1 |
Air-Gap Covert Channels
Carrara, Brent, January 2016
A fresh perspective on covert channels is presented in this work. A new class, air-gap covert channels, is defined as an unintentional communication channel established between systems that are physically and electronically isolated from one another. A specific class of air-gap covert channel is studied in depth, out-of-band covert channels (OOB-CCs), which are defined as policy-breaking communication channels established between isolated, physically unmodified systems. It is shown that OOB-CCs can be categorized by the physical channel that they communicate over: acoustic, light, seismic, magnetic, thermal, and radio-frequency, and the hardware that is required at the transmitter and receiver to make covert communication possible. In general, OOB-CCs are not as high-bandwidth as conventional radio-frequency channels; however, they are capable of leaking sensitive information that requires low data rates to communicate (e.g., text, recorded audio, cryptographic key material). The ability for malware to communicate information using a specific type of OOB-CC, the covert-acoustic channel, is also analyzed. It is empirically demonstrated that using physically unmodified, commodity systems (e.g., laptops, desktops, and mobile devices), covert-acoustic channels can be used to communicate at data rates of hundreds of bits per second, without being detected by humans in the environment, and data rates of thousands of bits per second when nobody is around to hear the communication. Defence mechanisms to counter covert-acoustic channels are also proposed and evaluated, and, as a result, best practices for the designers of secure systems and secure facilities are presented. Additionally, the covertness of OOB-CCs, i.e., the amount of data that can be leaked before the channel is detected, is also determined for classical communication channels as well as for covert-acoustic channels.
|
2 |
A novel approach to detecting covert DNS tunnels using throughput estimation
Himbeault, Michael, 22 April 2014
In a world that relies heavily on data, protection of that data and of the motion of that data is of the utmost importance. Covert communication channels attempt to circumvent established methods of control, such as firewalls and proxies, by utilizing non-standard means of getting messages between two endpoints. The Domain Name System (DNS), the system that translates text-based resource names into machine-readable resource records, is a very common and effective platform upon which covert channels can be built. This work proposes, and demonstrates the effectiveness of, a novel technique that estimates data transmission throughput over DNS in order to identify the existence of a DNS tunnel against the background noise of legitimate network traffic. The proposed technique is robust in the face of the obfuscation techniques that are able to hide tunnels from existing detection methods.
|
3 |
On the Modelling, Analysis, and Mitigation of Distributed Covert Channels
Jaskolka, Jason, 06 1900
Covert channels are means of communication that allow agents in a system to transfer information in a manner that violates the system’s security policy. Covert channels have been well studied in the constrained and old sense of the term where two agents are communicating through a channel while an intruder interferes to hide the transmission of a message. In an increasingly connected world where modern computer systems consist of broad and heterogeneous communication networks with many interacting agents, distributed covert channels are becoming increasingly available. For these distributed forms of covert channels, there are shortcomings in the science, mathematics, fundamental theory, and tools for risk assessment, and for proposing mechanisms and design solutions for averting these threats. Since current formal methods for specifying concurrent systems do not provide the tools needed to efficiently tackle the problem of distributed covert channels in systems of communicating agents, this thesis proposes Communicating Concurrent Kleene Algebra (C²KA) which is an extension to the algebraic model of concurrent Kleene algebra (CKA) first presented by Hoare et al. C²KA is used to capture and study the behaviour of agents, and description logic is used to capture and study the knowledge of agents. Using this representation of agents in systems of communicating agents, this thesis presents a formulation and verification approach for the necessary conditions for the existence of distributed covert channels in systems of communicating agents. In this way, this thesis establishes a mathematical framework for the modelling, analysis, and mitigation of distributed covert channels in systems of communicating agents. This framework enhances the understanding of covert channels and provides a basis for thinking and reasoning about covert channels in new ways. 
This can lead to a formal foundation upon which guidelines and mechanisms for designing and implementing systems of communicating agents that are resilient to covert channels can be devised. / Thesis / Doctor of Philosophy (PhD)
|
4 |
A Covert Channel Using 802.11 LANS
Calhoun, Telvis Eugene, 10 April 2009
We present a covert side channel that uses the 802.11 MAC rate switching protocol. The covert channel provides a general method to hide communications in an 802.11 LAN. The technique uses a one-time password algorithm to ensure high-entropy randomness of the covert messages. We investigate how the covert side channel affects node throughput in mobile and non-mobile scenarios. We also investigate the covertness of the covert side channel using standardized entropy. The results show that the performance impact is minimal and increases slightly as the covert channel bandwidth increases. We further show that the channel has 100% accuracy with minimal impact on rate switching entropy. Finally, we present two applications for the covert channel: covert authentication and covert WiFi botnets.
|
5 |
Skrytí dat v počítačových sítích / Hiding Data in Computer Networks
Hrebíček, Martin, January 2013
This diploma thesis deals with hiding data in Internet traffic. It contains a description of lawful interception. Various possibilities of hiding data are mentioned. The practical part of this thesis consists of an application that hides the data of HTTP and HTTPS protocols in a fake VoIP call. The application consists of two parts: a client and a server. Data transmitted between the client and the server parts are masked as multimedia data of the VoIP call. When a user or Internet server does not transmit any data, random data are transmitted between client and server parts in order to simulate the VoIP call. Then, the thesis focuses on detection of the attack.
|
6 |
Information Hiding in Networks : Covert Channels
Ríos del Pozo, Rubén, January 2007
Covert Channels have existed for more than twenty years now. Although they did not receive a special attention in their early years, they are being more and more studied nowadays. This work focuses on network covert channels and it attempts to give an overview on their basics to later analyse several existing implementations which may compromise the security perimeter of a corporate network. The features under study are the bandwidth provided by the channel and the ease of detection. The studied tools have turned out to be in most cases unreliable and easy to detect with current detection techniques and the bandwidth provided is usually moderate but they might pose a threat if not taken into consideration.
|
8 |
Security for Virtualized Distributed Systems : from Modelization to Deployment / Sécurité des Systèmes Distribués Virtualisés : De la Modélisation au Déploiement
Lefray, Arnaud, 03 November 2015
This thesis deals with security for virtualized distributed environments such as Clouds. In these environments, a client can access resources or services (compute, storage, etc.) on demand without prior knowledge of the infrastructure underneath. These services are low-cost due to the mutualization of resources. As a result, the clients share a common infrastructure. However, the concentration of businesses and critical data makes Clouds more attractive for malicious users, especially when considering new attack vectors between tenants. Nowadays, Cloud providers offer default security or security by design which does not fit tenants' custom needs. This gap allows for multiple attacks (data theft, malicious usage, etc.). In this thesis, we propose a user-centric approach where a tenant models both its security needs as high-level properties and its virtualized application. These security objectives are based on a new logic dedicated to expressing system-based information flow properties. Then, we propose security-aware algorithms to automatically deploy the application and enforce the security properties. The enforcement can be realized by taking into account shared resources during placement decisions and/or through the configuration of existing security mechanisms.
|