276 research outputs found
BitWhisper: Covert Signaling Channel between Air-Gapped Computers using Thermal Manipulations
It has been assumed that the physical separation (air-gap) of computers
provides a reliable level of security, such that should two adjacent computers
become compromised, the covert exchange of data between them would be
impossible. In this paper, we demonstrate BitWhisper, a method of bridging the
air-gap between adjacent compromised computers by using their heat emissions
and built-in thermal sensors to create a covert communication channel. Our
method is unique in two respects: it supports bidirectional communication, and
it requires no additional dedicated peripheral hardware. We provide
experimental results based on an implementation of a BitWhisper prototype, and
examine the channel properties and limitations. Our experiments included
different layouts, with computers positioned at varying distances from one
another, and several sensor types and CPU configurations (e.g., Virtual
Machines). We also discuss signal modulation and communication protocols,
showing how BitWhisper can be used for the exchange of data between two
computers in close proximity (at a distance of 0-40cm) at an effective rate of
1-8 bits per hour, a rate which makes it possible to infiltrate brief commands
and exfiltrate small amounts of data (e.g., passwords) over the covert channel.
xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs
In this paper we show how attackers can covertly leak data (e.g., encryption
keys, passwords and files) from highly secure or air-gapped networks via the
row of status LEDs that exists in networking equipment such as LAN switches and
routers. Although it is known that some network equipment emanates optical
signals correlated with the information being processed by the device
('side-channel'), intentionally controlling the status LEDs to carry any type
of data ('covert-channel') has never been studied before. Malicious code is
executed on the LAN switch or router, allowing full control of the status LEDs.
Sensitive data can be encoded and modulated over the blinking of the LEDs. The
generated signals can then be recorded by various types of remote cameras and
optical sensors. We provide the technical background on the internal
architecture of switches and routers (at both the hardware and software level)
which enables this type of attack. We also present amplitude and frequency
based modulation and encoding schemas, along with a simple transmission
protocol. We implement a prototype of an exfiltration malware and discuss its
design and implementation. We evaluate this method with a few routers and
different types of LEDs. In addition, we tested various receivers including
remote cameras, security cameras, smartphone cameras, and optical sensors, and
also discuss different detection and prevention countermeasures. Our experiment
shows that sensitive data can be covertly leaked via the status LEDs of
switches and routers at bit rates of 10 bit/sec to more than 1Kbit/sec per
LED.
A Survey of Techniques for Improving Security of GPUs
The graphics processing unit (GPU), although a powerful performance-booster, also
has many security vulnerabilities. Due to these, the GPU can act as a
safe-haven for stealthy malware and the weakest 'link' in the security 'chain'.
In this paper, we present a survey of techniques for analyzing and improving
GPU security. We classify the works on key attributes to highlight their
similarities and differences. More than informing users and researchers about
GPU security techniques, this survey aims to increase their awareness about GPU
security vulnerabilities and potential countermeasures.
Harnessing single board computers for military data analytics
Executive summary: This chapter covers the use of Single Board Computers (SBCs) to expedite onsite data analytics for a variety of military applications. Onsite data summarization and analytics is increasingly critical for command, control, and intelligence (C2I) operations, as excessive power consumption and communication latency can restrict the efficacy of down-range operations. SBCs offer power-efficient, inexpensive data-processing capabilities while maintaining a small form factor. We discuss the use of SBCs in a variety of domains, including wireless sensor networks, unmanned vehicles, and cluster computing. We conclude with a discussion of existing challenges and opportunities for future use.
A NOVEL APPROACH FOR COVERT COMMUNICATION OVER TCP VIA INDUCED CLOCK SKEW
The goal of this thesis is to determine the feasibility and provide a proof of concept for a covert
communications channel based on induced clock skew. Transmission Control Protocol (TCP) timestamps
provide a means for measuring clock skew between two hosts. By intentionally altering timestamps, a host
can induce artificial clock skew as measured by the receiver, thereby providing a means to covertly
communicate. A novel scheme for transforming symbols into skew values is developed in this work, along
with methods for extraction at the receiver. We tested the proposed scheme in a laboratory network
consisting of Dell laptops running Ubuntu 16.04. The results demonstrated a successful implementation of
the proposed covert channel with achieved bit rates as high as 33 bits per second under ideal conditions.
Forward error correction was also successfully employed in the form of a Reed–Solomon code to mitigate
the effects of variation in delay over the Internet.
Lieutenant, United States Navy
Approved for public release; distribution is unlimited
Evaluating the Impacts of Detecting X.509 Covert Channels
This quasi-experimental before-and-after study examined the performance impacts of detecting X.509 covert channels in the Suricata intrusion detection system. Relevant literature and previous studies surrounding covert channels and covert channel detection, X.509 certificates, and intrusion detection system performance were evaluated. This study used Jason Reaves’ X.509 covert channel proof of concept code to generate malicious network traffic for detection (2018). Various detection rules for intrusion detection systems were created to aid in the detection of the X.509 covert channel. The central processing unit (CPU) and memory utilization impacts that each rule had on the intrusion detection system were studied and analyzed. Statistically significant figures found that the rules do have an impact on the performance of the system, some more than others. Finally, pathways towards future related research in creating efficient covert channel detection mechanisms were identified.