4618134
doi
10.5281/zenodo.4618134
oai:zenodo.org:4618134
Jörg Keller
FernUniversität in Hagen
Preventing Protocol Switching Covert Channels
Steffen Wendzel
FernUniversität in Hagen
url:http://www.thinkmind.org/articles/sec_v5_n34_2012_2.pdf
info:eu-repo/semantics/openAccess
Creative Commons Attribution 4.0 International
https://creativecommons.org/licenses/by/4.0/legalcode
Covert Channels
Data Leakage Protection
Active Wardens
Information Hiding
Steganography
Network Security
Information Security
Cybersecurity
<p>Network covert channels enable a policy-breaking network communication (e.g., within botnets). Within the last years, new covert channel techniques arose which are based on the capability of protocol switching. Such protocol switching covert channels operate within overlay networks and can (asa special case) contain their own internal control protocols. We present the first approach to effectively limit the bitrate of such covert channels by introducing a new active warden.We present a calculation method for the maximum usable bitrate of these channels in case the active warden is used. We discuss implementation details of the active warden and discuss results from experiments that indicate the usability in practice. Additionally, we present means to enhance the practical application of our active warden by applying a formal grammar-based whitelisting and by proposing the combination of a previously developed detection technique in combination with our presented approach.</p>
Code is available: https://github.com/cdpxe/NetworkCovertChannels
Zenodo
2012-01-01
info:eu-repo/semantics/article
4618133
1.0.0
1616113629.081589
8288337
md5:07b9ea68ff7ef5d705ba95d2b989d086
https://zenodo.org/records/4618134/files/sec_v5_n34_2012_2.pdf
public
http://www.thinkmind.org/articles/sec_v5_n34_2012_2.pdf
Is identical to
url
10.5281/zenodo.4618133
isVersionOf
doi
International Journalon Advances in Security
5
3-4
81-93
2012-01-01