Starten Sie Ihre Suche...


Durch die Nutzung unserer Webseite erklären Sie sich damit einverstanden, dass wir Cookies verwenden. Weitere Informationen

Detection Of Computational Intensive Reversible Covert Channels Based On Packet Runtime

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA). Bd. 13. H. 1. 2022 S. 137 - 166

Erscheinungsjahr: 2022

Publikationstyp: Zeitschriftenaufsatz

Sprache: Englisch

Doi/URN: 10.22667/JOWUA.2022.03.31.137

Volltext über DOI/URN

GeprüftBibliothek

Inhaltszusammenfassung


In current research, reversible network-level covert channels are receiving more and more attention. The restoration of the original data leaves little evidence for detection, especially if the implementation is plausibly deniable. Recently, such a channel based on one-time password hash chains has been published. The covert channel uses repeated computational intensive operations to restore a modified hash and to extract covert information transferred within. In this paper, we present an app...In current research, reversible network-level covert channels are receiving more and more attention. The restoration of the original data leaves little evidence for detection, especially if the implementation is plausibly deniable. Recently, such a channel based on one-time password hash chains has been published. The covert channel uses repeated computational intensive operations to restore a modified hash and to extract covert information transferred within. In this paper, we present an approach that observes the influence of repeated MD5, SHA2-384, SHA3-256 and SHA3-512 hash-operations on packet runtimes. Besides these hash algorithms, we also investigate whether the alphabet that the Covert Sender and the Covert Receiver agreed upon, has an influence on our detection approach. For each algorithm, we carry out three experiments with different alphabets: one without a covert channel, one with a covert channel altering all hashes, and finally, one with a covert channel altering every second hash. We further repeat each experiment ten times and define a threshold for packet runtimes without modified hashes. Also, we investigate the detectability of computational intensive reversible covert channels for all our scenarios and evaluate the detection rate depending on the number of observed packets. In addition, we describe countermeasures and limitations of our detection method and, finally, discuss application scenarios for existing network environments.» weiterlesen» einklappen

  • steganography
  • network security
  • network covert channels
  • verdeckte Kanäle
  • Seitenkanäle
  • Side Channels
  • Information Hiding
  • Information Security
  • Data Leakage Protection
  • IT-Sicherheit
  • Netzwerksicherheit
  • Steganografie
  • Cybersecurity
  • Data Protection
  • Anomalieerkennung
  • Anomaly Detection
  • Hash Functions
  • Cryptography
  • SHA3
  • SHA2
  • MD5
  • Network Communications
  • Computer Networks

Autoren


Schmidbauer, Tobias (Autor)

Klassifikation


DFG Fachgebiet:
Informatik

DDC Sachgruppe:
Informatik

Verknüpfte Personen


Steffen Wendzel