
Did You See That? A Covert Channel Exploiting Recent Legitimate Traffic

Cornell University: arXiv 2022 2212.11850

Year of publication: 2022

Publication type: Miscellaneous (research report)

Language: English

DOI/URN: 10.48550/arXiv.2212.11850


Abstract


Covert channels are unforeseen and stealthy communication channels that enable manifold adversary scenarios, such as the covert exfiltration of confidential data or the stealthy orchestration of botnets. However, they can also allow the exchange of confidential information by journalists. All covert channels described until now therefore need to craft seemingly legitimate information flows for their information exchange, mimicking unsuspicious behavior. In this paper, we present DYST (Did You See That?), which represents a new class of covert channels we call history covert channels. History covert channels can communicate almost exclusively based on unaltered legitimate traffic created by regular nodes participating in a network. Only a negligible fraction of the covert communication process requires the transfer of actual covert channel information. We extend the current taxonomy for covert channels to show how history channels can be categorized. We theoretically analyze the characteristics of history channels and show how their configuration can be optimized for two channel implementations, called DYST-Basic and DYST-Ext. We further implement a proof-of-concept code for both DYST variants and evaluate the performance (robustness, detectability, and optimization) with both, simulated and real traffic. Finally, we discuss application scenarios and potential countermeasures against DYST.

  • Covert Channel
  • Information Security
  • Network Security
  • IT Security
  • Cybersecurity
  • Steganography
  • Censorship
  • Censorship Circumvention
  • Traffic Obfuscation
  • Cyber Attacks

Authors


Schmidbauer, Tobias (Author)
Keller, Jörg (Author)

Classification


DFG subject area:
Computer Science

DDC subject group:
Computer Science
