Did You See That? A Covert Channel Exploiting Recent Legitimate Traffic

12/22/2022
by   Steffen Wendzel, et al.
0

Covert channels are unforeseen and stealthy communication channels that enable manifold adversary scenarios, such as the covert exfiltration of confidential data or the stealthy orchestration of botnets. However, they can also allow the exchange of confidential information by journalists. All covert channels described until now therefore need to craft seemingly legitimate information flows for their information exchange, mimicking unsuspicious behavior. In this paper, we present DYST (Did You See That?), which represents a new class of covert channels we call history covert channels. History covert channels can communicate almost exclusively based on unaltered legitimate traffic created by regular nodes participating in a network. Only a negligible fraction of the covert communication process requires the transfer of actual covert channel information. We extend the current taxonomy for covert channels to show how history channels can be categorized. We theoretically analyze the characteristics of history channels and show how their configuration can be optimized for two channel implementations, called DYST-Basic and DYST-Ext. We further implement a proof-of-concept code for both DYST variants and evaluate the performance (robustness, detectability, and optimization) with both, simulated and real traffic. Finally, we discuss application scenarios and potential countermeasures against DYST.

READ FULL TEXT

page 1

page 13

research
01/26/2021

Classical simulations of communication channels

We investigate whether certain non-classical communication channels can ...
research
02/17/2019

On the Complexity of Anonymous Communication Through Public Networks

Anonymous channels allow users to connect to websites or communicate wit...
research
02/28/2021

Countering Adaptive Network Covert Communication with Dynamic Wardens

Network covert channels are hidden communication channels in computer ne...
research
01/13/2018

Asymptotic Distribution of Multilevel Channel Polarization for a Certain Class of Erasure Channels

This study examines multilevel channel polarization for a certain class ...
research
02/20/2021

Symbol-Level Synchronisation Channel Modelling With Real-World Application: From Davey-Mackay, Fritchman to Markov

Errors in realistic channels contain not only substitution errors, but s...
research
10/05/2018

Dynamic Channel Allocation for QoS Provisioning in Visible Light Communication

In visible light communication (VLC) diverse types of traffic are suppor...
research
08/03/2021

Information disclosure in the framework of Kolmogorov complexity

We consider the network consisting of three nodes 1, 2, 3 connected by t...

Please sign up or login with your details

Forgot password? Click here to reset