Inhaltszusammenfassung

Covert channels are stealthy communication channels that enable manifold adversary and legitimate scenarios, ranging from stealthy malware communications to the exchange of confidential information by journalists. We present DYST, which represents a new class of covert channels we call history covert channels jointly with the new paradigm of covert channel amplification. All covert channels described until now need to craft seemingly legitimate flows or need to modify third-party flows, mim...Covert channels are stealthy communication channels that enable manifold adversary and legitimate scenarios, ranging from stealthy malware communications to the exchange of confidential information by journalists. We present DYST, which represents a new class of covert channels we call history covert channels jointly with the new paradigm of covert channel amplification. All covert channels described until now need to craft seemingly legitimate flows or need to modify third-party flows, mimicking unsuspicious behavior. In contrast, history covert channels can communicate by pointing to unaltered legitimate traffic created by regular network nodes. Only a negligible fraction of the covert communication process requires the transfer of actual covert channel information by the covert channel's sender. This information can be sent through different protocols/channels. This allows an amplification of the covert channel's message size, i.e., minimizing the fraction of actually transferred secret data by a covert channel's sender in relation to the overall secret data being exchanged. Further, we extend the current taxonomy for covert channels to show how history channels can be categorized. We describe multiple scenarios in which history covert channels can be realized, analyze the characteristics of these channels, and show how their configuration can be optimized. » weiterlesen» einklappen

Autoren

Klassifikation

DFG Fachgebiet:
Informatik

DDC Sachgruppe:
Informatik