29,039 research outputs found
An Extended Discussion on a High-Capacity Covert Channel for the Android Operating System
In “Exploring a High-Capacity Covert Channel for the Android Operating System” [1], a covert channel for communicating between different applications on the Android operating system was introduced and evaluated. This covert channel proved to be capable of a much higher throughput than any other comparable channels which had been explored previously. This article will expand on the work which was started in [1]. Specifically, further improvements on the initial covert channel concept will be detailed and their impact with regards to channel throughput will be evaluated. In addition, a new protocol for managing connections and communications between collaborating applications purely using this channel will be defined and explored. A number of different potential mechanisms and techniques for detecting the presence and use of this covert channel will also be described and discussed, including possible counter-measures, which could be implemented
A Covert Channel Using Named Resources
A network covert channel is created that uses resource names such as
addresses to convey information, and that approximates typical user behavior in
order to blend in with its environment. The channel correlates available
resource names with a user defined code-space, and transmits its covert message
by selectively accessing resources associated with the message codes. In this
paper we focus on an implementation of the channel using the Hypertext Transfer
Protocol (HTTP) with Uniform Resource Locators (URLs) as the message names,
though the system can be used in conjunction with a variety of protocols. The
covert channel does not modify expected protocol structure as might be detected
by simple inspection, and our HTTP implementation emulates transaction level
web user behavior in order to avoid detection by statistical or behavioral
analysis.Comment: 9 page
Hidden and Uncontrolled - On the Emergence of Network Steganographic Threats
Network steganography is the art of hiding secret information within innocent
network transmissions. Recent findings indicate that novel malware is
increasingly using network steganography. Similarly, other malicious activities
can profit from network steganography, such as data leakage or the exchange of
pedophile data. This paper provides an introduction to network steganography
and highlights its potential application for harmful purposes. We discuss the
issues related to countering network steganography in practice and provide an
outlook on further research directions and problems.Comment: 11 page
A Formulation of the Potential for Communication Condition using C2KA
An integral part of safeguarding systems of communicating agents from covert
channel communication is having the ability to identify when a covert channel
may exist in a given system and which agents are more prone to covert channels
than others. In this paper, we propose a formulation of one of the necessary
conditions for the existence of covert channels: the potential for
communication condition. Then, we discuss when the potential for communication
is preserved after the modification of system agents in a potential
communication path. Our approach is based on the mathematical framework of
Communicating Concurrent Kleene Algebra (C2KA). While existing approaches only
consider the potential for communication via shared environments, the approach
proposed in this paper also considers the potential for communication via
external stimuli.Comment: In Proceedings GandALF 2014, arXiv:1408.556
- …