CCHEF – Covert Channels Evaluation Framework Design and Implementation

نویسندگان

  • Sebastian Zander
  • Grenville Armitage
چکیده

Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert communications. Covert channels are hidden inside pre-existing overt communication by encoding additional semantics onto ‘normal’ behaviours of the overt channels. We have developed CCHEF – a flexible and extensible software framework for evaluating covert channels in network protocols. The framework is able to establish covert channels across real networks using real overt traffic, but can also emulate covert channels based on overt traffic previously collected in trace files. In this paper we present the design and implementation of CCHEF.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

CCHEF – Covert Channels Evaluation Framework User Manual Version 0.1

Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert communicatio...

متن کامل

Model-Based Covert Timing Channels: Automated Modeling and Evasion

The exploration of advanced covert timing channel design is important to understand and defend against covert timing channels. In this paper, we introduce a new class of covert timing channels, called model-based covert timing channels, which exploit the statistical properties of legitimate network traffic to evade detection in an effective manner. We design and implement an automated framework...

متن کامل

An Evaluation Framework for the Analysis of Covert Channels in the TCP/IP Protocol Suite

Information hiding techniques can be used by criminals and terrorists to communicate over covert channels within the TCP/IP protocol suite and can be used to overcome firewalls and most other forms of network intrusion detection and prevention systems. In this work we describe the covert channel concept and weaknesses in the five layered TCP/IP layered model. We then present an evaluation frame...

متن کامل

Design and Implementation of an Active Warden Addressing Protocol Switching Covert Channels

Network covert channels enable a policy-breaking network communication (e.g., within botnets). Within the last years, new covert channel techniques occurred which are based on the capability of protocol switching. There are currently no means available to counter these new techniques. In this paper we present the first approach to effectively limit the bandwidth of such covert channels by intro...

متن کامل

A Behavior Based Covert Channel within Anti-Virus Updates

This paper presents a new behavior based covert channel utilizing the database update mechanism of anti-virus software. It is highly covert due to unattended, frequent, automatic signature database update operations performed by the software. The design of the covert channel is described; its properties are discussed and demonstrated by a reference implementation. This paper uses these points t...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008