Covert channels
This presentation is the property of its rightful owner.
Sponsored Links
1 / 17

Covert Channels PowerPoint PPT Presentation


  • 136 Views
  • Uploaded on
  • Presentation posted in: General

Covert Channels. John Dabney. Covert Channels. “. . . any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy. National Institute of Standards and Technology

Download Presentation

Covert Channels

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Covert channels

Covert Channels

John Dabney


Covert channels1

Covert Channels

  • “. . . any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy.

    • National Institute of Standards and Technology

  • “a path of communication that was not designed to be used for communication.” - Matt Bishop


  • Steganography

    Steganography

    • “the practice of concealing information in channels that superficially appear benign.”

    • “While cryptography is about protecting the content of messages, steganography is about concealing their very existence.” – Fabien Petitcolas


    Properties

    Properties

    • Existence

      • Hide the fact that communication is taking place

    • Bandwidth

      • Unused

      • Detectability

    • Evaluation

      • Ease of implementation

      • Range

      • Permissibility

      • Probability of detection

      • Anonymity

        • “Unobservable”

        • “Unlinkable”


    Usage

    Usage

    • Network

      • Wireless - Corrupted headers

      • Modifying header fields

        • Optional/mandatory – bits used infrequently raise risk of detection

      • Modifying existing traffic

    • Audio and Video stenograms

    • Encryption

    • Canary trap and Digital watermarking


    An example

    An example

    • http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/


    64 kb hidden

    64 KB hidden


    129 kb hidden

    129 KB hidden


    194 kb hidden

    194 KB hidden


    258 kb hidden

    258 KB hidden


    323 kb hidden

    323 KB hidden


    388 kb hidden

    388 KB “hidden”


    452 kb hidden

    452 KB “hidden”


    Detection

    Detection

    • Comparison with original

    • Artifacts from applications used to hide information

    • Statistical analysis

    • Wireless - High error rates


    Mitigation

    Mitigation

    • Not complete elimination

    • Isolation

    • Bandwidth - time

    • Randomness/Uniformity

    • Compression

    • Changing formats

    • Disabling certain traffic


    Questions

    Questions?

    • ?


    Bibliography

    Bibliography

    • Bishop, Matt. Introduction to Computer Security. Massachusetts: Pearson Education, Inc., 2005.

    • “Canary Trap.” Wikipedia. http://en.wikipedia.org/wiki/Canary_trap. April 26, 2007.

    • “Covert Channels.” Wikipedia. http://en.wikipedia.org/wiki/Covert_channel. April 26, 2007.

    • Dunbar, Bret. A detailed look at Steganographic Techniques and their use in an Open-Systems Environment. SANS Institute. 01/18/2002http://www.sans.org/reading_room/papers/download.php?id=677&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007.

    • Owens, Mark. A Discussion of Covert Channels and Steganography. SANS/GIAC GSEC 1.3. March 19, 2002. http://www.sans.org/reading_room/papers/download.php?id=678&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007.

    • Petitcolas, Fabien. “the information hiding homepage digital watermarking and steganography.” (Nov. 2006) Fabien a. p. petitcolas. http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/ April 26, 2007.

    • Sbrusch, Raymond. Network Covert Channels: Subversive Secrecy. SANS Institute. http://www.sans.org/reading_room/papers/download.php?id=1660&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007

    • “Steganography.” Wikipedia. http://en.wikipedia.org/wiki/Steganography. April 26, 2007.

    • Wingate, Jim. The Perfect Dead Drop: The Use of Cyberspace for Covert Communications. BackBone Security.com. http://www.infosec-technologies.com/steganograph.pdf. April 26, 2007.


  • Login