1 / 17

Covert Channels

Covert Channels. John Dabney. Covert Channels. “. . . any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy. National Institute of Standards and Technology

emmett
Download Presentation

Covert Channels

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Covert Channels John Dabney

  2. Covert Channels • “. . . any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy. • National Institute of Standards and Technology • “a path of communication that was not designed to be used for communication.” - Matt Bishop

  3. Steganography • “the practice of concealing information in channels that superficially appear benign.” • “While cryptography is about protecting the content of messages, steganography is about concealing their very existence.” – Fabien Petitcolas

  4. Properties • Existence • Hide the fact that communication is taking place • Bandwidth • Unused • Detectability • Evaluation • Ease of implementation • Range • Permissibility • Probability of detection • Anonymity • “Unobservable” • “Unlinkable”

  5. Usage • Network • Wireless - Corrupted headers • Modifying header fields • Optional/mandatory – bits used infrequently raise risk of detection • Modifying existing traffic • Audio and Video stenograms • Encryption • Canary trap and Digital watermarking

  6. An example • http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/

  7. 64 KB hidden

  8. 129 KB hidden

  9. 194 KB hidden

  10. 258 KB hidden

  11. 323 KB hidden

  12. 388 KB “hidden”

  13. 452 KB “hidden”

  14. Detection • Comparison with original • Artifacts from applications used to hide information • Statistical analysis • Wireless - High error rates

  15. Mitigation • Not complete elimination • Isolation • Bandwidth - time • Randomness/Uniformity • Compression • Changing formats • Disabling certain traffic

  16. Questions? • ?

  17. Bibliography • Bishop, Matt. Introduction to Computer Security. Massachusetts: Pearson Education, Inc., 2005. • “Canary Trap.” Wikipedia. http://en.wikipedia.org/wiki/Canary_trap. April 26, 2007. • “Covert Channels.” Wikipedia. http://en.wikipedia.org/wiki/Covert_channel. April 26, 2007. • Dunbar, Bret. A detailed look at Steganographic Techniques and their use in an Open-Systems Environment. SANS Institute. 01/18/2002http://www.sans.org/reading_room/papers/download.php?id=677&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007. • Owens, Mark. A Discussion of Covert Channels and Steganography. SANS/GIAC GSEC 1.3. March 19, 2002. http://www.sans.org/reading_room/papers/download.php?id=678&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007. • Petitcolas, Fabien. “the information hiding homepage digital watermarking and steganography.” (Nov. 2006) Fabien a. p. petitcolas. http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/ April 26, 2007. • Sbrusch, Raymond. Network Covert Channels: Subversive Secrecy. SANS Institute. http://www.sans.org/reading_room/papers/download.php?id=1660&c=29cae459acbc32dac569453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007 • “Steganography.” Wikipedia. http://en.wikipedia.org/wiki/Steganography. April 26, 2007. • Wingate, Jim. The Perfect Dead Drop: The Use of Cyberspace for Covert Communications. BackBone Security.com. http://www.infosec-technologies.com/steganograph.pdf. April 26, 2007.

More Related