Covert channels
Download
1 / 17

Covert Channels - PowerPoint PPT Presentation


  • 195 Views
  • Uploaded on

Covert Channels. John Dabney. Covert Channels. “. . . any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy. National Institute of Standards and Technology

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Covert Channels' - emmett


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Covert channels

Covert Channels

John Dabney


Covert channels1
Covert Channels

  • “. . . any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy.

    • National Institute of Standards and Technology

  • “a path of communication that was not designed to be used for communication.” - Matt Bishop


  • Steganography
    Steganography

    • “the practice of concealing information in channels that superficially appear benign.”

    • “While cryptography is about protecting the content of messages, steganography is about concealing their very existence.” – Fabien Petitcolas


    Properties
    Properties

    • Existence

      • Hide the fact that communication is taking place

    • Bandwidth

      • Unused

      • Detectability

    • Evaluation

      • Ease of implementation

      • Range

      • Permissibility

      • Probability of detection

      • Anonymity

        • “Unobservable”

        • “Unlinkable”


    Usage
    Usage

    • Network

      • Wireless - Corrupted headers

      • Modifying header fields

        • Optional/mandatory – bits used infrequently raise risk of detection

      • Modifying existing traffic

    • Audio and Video stenograms

    • Encryption

    • Canary trap and Digital watermarking


    An example
    An example

    • http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/









    Detection
    Detection

    • Comparison with original

    • Artifacts from applications used to hide information

    • Statistical analysis

    • Wireless - High error rates


    Mitigation
    Mitigation

    • Not complete elimination

    • Isolation

    • Bandwidth - time

    • Randomness/Uniformity

    • Compression

    • Changing formats

    • Disabling certain traffic



    Bibliography
    Bibliography

    • Bishop, Matt. Introduction to Computer Security. Massachusetts: Pearson Education, Inc., 2005.

    • “Canary Trap.” Wikipedia. http://en.wikipedia.org/wiki/Canary_trap. April 26, 2007.

    • “Covert Channels.” Wikipedia. http://en.wikipedia.org/wiki/Covert_channel. April 26, 2007.

    • Dunbar, Bret. A detailed look at Steganographic Techniques and their use in an Open-Systems Environment. SANS Institute. 01/18/2002http://www.sans.org/reading_room/papers/download.php?id=677&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007.

    • Owens, Mark. A Discussion of Covert Channels and Steganography. SANS/GIAC GSEC 1.3. March 19, 2002. http://www.sans.org/reading_room/papers/download.php?id=678&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007.

    • Petitcolas, Fabien. “the information hiding homepage digital watermarking and steganography.” (Nov. 2006) Fabien a. p. petitcolas. http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/ April 26, 2007.

    • Sbrusch, Raymond. Network Covert Channels: Subversive Secrecy. SANS Institute. http://www.sans.org/reading_room/papers/download.php?id=1660&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007

    • “Steganography.” Wikipedia. http://en.wikipedia.org/wiki/Steganography. April 26, 2007.

    • Wingate, Jim. The Perfect Dead Drop: The Use of Cyberspace for Covert Communications. BackBone Security.com. http://www.infosec-technologies.com/steganograph.pdf. April 26, 2007.


    ad