The Implementation of Passive Covert Channels in the Linux Kern
نویسنده
چکیده
Introduction The goal of this paper is to describe the idea of so called passive covert channels (PCC), which might be used by malware to leak information from the compromised hosts. This idea has been implemented in a proof-of-concept tool, called NUSHU. The primary goal of the PCC is to be as stealth as possible by not generating its own traffic at all. To be actually useful PCC should be combined with some kind of password sniffer or other information gathering software running on the compromised host.
منابع مشابه
Covert Messaging through TCP Timestamps
We present a protocol for sending data over a common class of low-bandwidth covert channels. Covert channels exist in most communications systems and allow individuals to communicate truly undetectably. However, covert channels are seldom used due to their complexity. Our protocol is both practical and secure against attack by powerful adversaries. We implement our protocol on a standard platfo...
متن کاملDesign, implementation and evaluation Operational Program for Improving the Quality of Basic Clinical Skills in Nursing and Emergency Medicine Students based on Kern method
متن کامل
Covert channel resistant information leakage protection using a multi-agent architecture
Covert channel attacks utilise shared resources to indirectly transmit sensitive information to unauthorised parties. Current operating systems (e.g. SELinux) rely on tagging the filesystem with security labels and enforcing security policies at the time of access to a file or resource. However, such mechanisms do not provide strong protection against information laundering via covert channels....
متن کاملCovert channels in combinatorial games
A general framework for exploiting covert channels in combinatorial games is presented. The framework is applicable to all combinatorial games, including Chess and Go, but is applied to the game of Tic-Tac-Toe for ease of experimental analysis. The security and capacity of the resulting covert channel are analyzed experimentally. By considering the ways in which a passive adversary can attempt ...
متن کاملطراحی و ارزیابی روش کدگذاری ترکیبی برای کانال پوششی زمانبندیدار در شبکه اینترنت
Covert channel means communicating information through covering of overt and authorized channel in a manner that existence of channel to be hidden. In network covert timing channels that use timing features of transmission packets to modulating covert information, the appropriate encoding schema is very important. In this paper, a hybrid encoding schema proposed through combining "the inter-pac...
متن کامل