
1 Covert Channels Eric Pennington COSC480

2 Common Network Threats
- Viruses, Trojans, Worms, etc.
- Password Attacks
- Eavesdropping
- Port Scanning
- Not typically Covert Channels

3 Prisoner’s Problem
- Two prisoners want to escape jail.
- They are in separate cells and need to communicate.
- All messages between prisoners must go through the warden.
- What should they do?

4 Prisoner’s Problem
- They communicate their plans to each other in code.
- Each word with an even number of letters represents a 1.
- Each word with an odd number of letters represents a 0.
- The actual message is the reassembled binary string.

5 Prisoner’s Problem
“Hey, what are you up to?”
“010011”

6 Covert Channels

7 “A covert channel is any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy.”

8 Sending and Receiving Processes
- The Sending Process is what transmits the covert data
- The Sending Process typically has higher security privileges
- The Receiving Process is what accepts the covert data
- The Receiving Process typically has lower security privileges

9 Trojan Horses
- A Trojan Horse is a backdoor disguised as legitimate software
- Trojan Horses are the most common way to deploy the Sending process of a covert channel

10 Covert Storage Channels

11 “Covert storage channels include all vehicles that would allow the direct or indirect writing of a storage location by one process and the direct or indirect reading of it by another.”

12 Storage Channels Example
- Sending process (S) creates a file on the Common Drive (N:)
- To signal a 1, S makes the file read-only
- To signal a 0, S turns off read-only
- Receiving process (R) polls to see if the file exists
- When it exists, R reads the read-only value to receive the information

13 Covert Timing Channels

14 “Covert timing channels include all vehicles that would allow one process to signal information to another process by modulating its own use of system resources in such a way that the change in response time observed by the second process would provide information.”

15 Timing Channels Example
- Sending process (S) and Receiving process (R) have access to the same movable-head I/O device
- S has access to the entire device while R only has access to a certain section
- The device processes all requests serially
- To signal a 1, S makes a request to the farthest area of the device from R’s section
- To signal a 0, S does nothing

16 Timing Channels Example
- R makes a read request within its own section of the device
- It measures the time it takes for the request to complete
- If it takes a longer time, due to the head being so far away, it reads a 1
- If it takes a shorter time, because the head is closer, it reads a 0

17 Covert Channels vs. Steganography
Data Hiding
Channel Hiding

18 Covert Channels vs. Steganography
- Covert Channels – The method of data transmission is hidden
- Steganography – The message is hidden within another message
- Steganography Example – The least significant bits of a bitmap could be altered to hold the message
- These can be combined – the bitmap could be transferred using a covert channel

19 Noise in Covert Channels
Noise occurs when something interferes with the transmission from the Sending process to the Receiving process

20 Noise in Covert Channels
- In the Storage Channels example, what happens if another process modifies the read-only bit of the file?
- The receiving process would still record the value it reads, so the received information could be corrupted
- This is a major problem in Covert Channels
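The storage channel of slide 12 and the noise case of slide 20, replayed as an added example that is not part of the original presentation. Assumptions: S and R work in lockstep time slots (the slides do not say how they synchronise), a temporary directory stands in for N:, the file name is constructed, and the POSIX owner-write bit stands in for the read-only attribute.

```python
import os
import stat
import tempfile

def set_read_only(path, read_only):
    # Assumption: the POSIX owner-write bit stands in for the read-only attribute.
    os.chmod(path, 0o444 if read_only else 0o644)

def is_read_only(path):
    return not (os.stat(path).st_mode & stat.S_IWUSR)

def run_channel(bits, noisy_slots=()):
    """Replay slide 12: S writes one bit per time slot, R samples once per slot.

    noisy_slots lists slots in which a third process flips the attribute
    after S has written and before R has read (slide 20).
    """
    received = []
    with tempfile.TemporaryDirectory() as shared:       # stands in for N:
        path = os.path.join(shared, "signal.dat")       # constructed file name
        open(path, "w").close()                         # S creates the file
        for slot, bit in enumerate(bits):
            set_read_only(path, bit == "1")             # S signals the bit
            if slot in noisy_slots:                     # unrelated process interferes
                set_read_only(path, not is_read_only(path))
            if os.path.exists(path):                    # R polls for the file
                received.append("1" if is_read_only(path) else "0")
        set_read_only(path, False)                      # allow cleanup everywhere
    return "".join(received)

def bit_errors(sent, received):
    """Slots where R recorded something other than what S signalled."""
    return [i for i, (s, r) in enumerate(zip(sent, received)) if s != r]

if __name__ == "__main__":
    sent = "010011"                                     # the string from slide 5
    clean = run_channel(sent)
    noisy = run_channel(sent, noisy_slots={2, 5})
    print("sent :", sent)
    print("clean:", clean, bit_errors(sent, clean))
    print("noisy:", noisy, bit_errors(sent, noisy))
```

R records a full-length string in both runs; nothing on R's side distinguishes the corrupted slots, which only show up when the result is compared with what S sent.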

21 Bibliography
- Department of Defense. “Trusted Computer System Evaluation Criteria.” 1985.
- Owens, Mark. “A Discussion of Covert Channels and Steganography.” 2002.
- Simmons, Gustavus. “The Prisoners’ Problem and the Subliminal Channel.” 1983.

