10,297 research outputs found
A Formulation of the Potential for Communication Condition using C2KA
An integral part of safeguarding systems of communicating agents from covert
channel communication is having the ability to identify when a covert channel
may exist in a given system and which agents are more prone to covert channels
than others. In this paper, we propose a formulation of one of the necessary
conditions for the existence of covert channels: the potential for
communication condition. Then, we discuss when the potential for communication
is preserved after the modification of system agents in a potential
communication path. Our approach is based on the mathematical framework of
Communicating Concurrent Kleene Algebra (C2KA). While existing approaches only
consider the potential for communication via shared environments, the approach
proposed in this paper also considers the potential for communication via
external stimuli. Comment: In Proceedings GandALF 2014, arXiv:1408.556
Covert Wireless Communication with a Poisson Field of Interferers
In this paper, we study covert communication in wireless networks consisting
of a transmitter, Alice, an intended receiver, Bob, a warden, Willie, and a
Poisson field of interferers. Bob and Willie are subject to uncertain shot
noise due to the ambient signals from interferers in the network. With the aid
of stochastic geometry, we analyze the throughput of the covert communication
between Alice and Bob subject to given requirements on the covertness against
Willie and the reliability of decoding at Bob. We consider non-fading and
fading channels. We analytically obtain interesting findings on the impacts of
the density and the transmit power of the concurrent interferers on the covert
throughput. That is, the density and the transmit power of the interferers have
no impact on the covert throughput as long as the network stays in the
interference-limited regime, for both the non-fading and the fading cases. When
the interference is sufficiently small and comparable with the receiver noise,
the covert throughput increases as the density or the transmit power of the
concurrent interferers increases.
Time Protection: the Missing OS Abstraction
Timing channels enable data leakage that threatens the security of computer
systems, from cloud platforms to smartphones and browsers executing untrusted
third-party code. Preventing unauthorised information flow is a core duty of
the operating system; however, present OSes are unable to prevent timing
channels. We argue that OSes must provide time protection in addition to the
established memory protection. We examine the requirements of time protection,
present a design and its implementation in the seL4 microkernel, and evaluate
its efficacy as well as performance overhead on Arm and x86 processors.
POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers
It is known that attackers can exfiltrate data from air-gapped computers
through their speakers via sonic and ultrasonic waves. To eliminate the threat
of such acoustic covert channels in sensitive systems, audio hardware can be
disabled and the use of loudspeakers can be strictly forbidden. Such audio-less
systems are considered to be audio-gapped, and hence immune to
acoustic covert channels.
In this paper, we introduce a technique that enables attackers to leak data
acoustically from air-gapped and audio-gapped systems. Our developed malware
can exploit the computer power supply unit (PSU) to play sounds and use it as
an out-of-band, secondary speaker with limited capabilities. The malicious code
manipulates the internal switching frequency of the power supply and
hence controls the sound waveforms generated from its capacitors and
transformers. Our technique enables producing audio tones in a frequency band
of 0-24 kHz and playing audio streams (e.g., WAV) from a computer power supply
without the need for audio hardware or speakers. Binary data (files,
keylogging, encryption keys, etc.) can be modulated over the acoustic signals
and sent to a nearby receiver (e.g., smartphone). We show that our technique
works with various types of systems: PC workstations and servers, as well as
embedded systems and IoT devices that have no audio hardware at all. We provide
technical background and discuss implementation details such as signal
generation and data modulation. We show that the POWER-SUPPLaY code can operate
from an ordinary user-mode process and doesn't need any hardware access or
special privileges. Our evaluation shows that using POWER-SUPPLaY, sensitive
data can be exfiltrated from air-gapped and audio-gapped systems from a
distance of five meters away at a maximal bit rate of 50 bit/sec.
USBcat - Towards an Intrusion Surveillance Toolset
This paper identifies an intrusion surveillance framework which provides an
analyst with the ability to investigate and monitor cyber-attacks in a covert
manner. Where cyber-attacks are perpetrated for the purposes of espionage, the
ability to understand an adversary's techniques and objectives is an important
element in network and computer security. With the appropriate toolset,
security investigators would be permitted to perform both live and stealthy
counter-intelligence operations by observing the behaviour and communications
of the intruder. Subsequently, a more complete picture of the attacker's
identity, objectives, capabilities, and infiltration could be formulated than
is possible with present technologies. This research focused on developing an
extensible framework to permit the covert investigation of malware.
Additionally, a Universal Serial Bus (USB) Mass Storage Device (MSD) based
covert channel was designed to enable remote command and control of the
framework. The work was validated through the design, implementation and
testing of a toolset. Comment: In Proceedings AIDP 2014, arXiv:1410.322