Published by Hilary Carson. Modified over 9 years ago.
1
Covert Channels
The Silence Must be Heard
The Hidden Must be Seen
The Secrets Must be Revealed
By: Randy Grubb
Armstrong Atlantic State University – Cyber & Homeland Security Institute
2
Cyber Capabilities
By the turn of the century all known terrorist and criminal groups had a presence on the Internet.
– Psychological Warfare
– Propaganda
– Data Mining
– Fundraising/financing
– Recruiting
– Networking
– Information sharing
– Planning & coordination
– Actual perpetration of their crimes
3
Why the Internet?
Anonymous (real or perceived)
– Encryption
– Covert Channels/Steganography
– Public libraries/Internet cafes/wireless access points
– Anonymizers/Proxies (Tor)
Geographically Unbounded
– People can communicate with one another from virtually anywhere in the world
– More than 10,000 Internet Service Providers (ISP) worldwide
– Some are sympathetic to the radical cause
4
Why the Internet?
Largely unregulated
– Developed as an open interoperable network
– No central government authority
– Most ISPs do not have the resources or desire to monitor web-site content
Inexpensive
– Free web hosting
– Free e-mail accounts
5
Why the Internet?
US and coalition military actions since 9/11 have deprived terrorist organizations of their base of operations and training camps.
These actions have dispersed terrorist organizations more widely.
With the Internet, terrorist organizations can control a worldwide movement without ever meeting.
Source: Harvard Gazette: Terror Online and how to counteract it, Ruth Walker, 2004
6
Netwar
Term given to an emerging mode of conflict dealing with the societal relationships between, namely, terrorists and criminal organizations.
– Involves measures short of traditional warfare
– Network forms of organization, doctrine, strategy and communication
Dispersed and decentralized manner
7
Netwar
Small groups from points around the world utilizing network and Internet technology to:
– Communicate
– Coordinate
– Act
8
Is This a Secure Site?
9
What are Covert Channels?
Covert Channels
– Any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy.
– In short, covert channels transfer information using non-standard methods
– Against the system design
– Communication is obscured; unnoticed
– Easily bypass current security tools & products
10
What are Covert Channels?
Covert Channels allow multiple parties to communicate ‘unseen’
– They hide the fact that a communication is even occurring
– Provides privacy and anonymity
Unlike encryption, where communication is obvious but obscured
– Encryption is easily identified
– Clear and visible indications of encryption
11
Covert Channels
Covert Channels work because of human deficiencies
– Eye sight
– Hearing
– Analysis skills
Lack of Interest
– It’s not really a problem, doesn’t happen
– Prove it to me
System Design Discrepancies
– Components utilized in unintended manner
12
Covert Channels
Many covert channels will elude detection simply because most individuals have never considered the possibility.
Perception overrides reality.
13
Covert Channels
Covert Channels hide the fact that communication between two or more individuals is occurring.
14
Potential Damage
Corporate Espionage
– Loss of competitive advantage
Government or Military Activities
– Increased threat to National Security
– Terrorist Organizations
Criminal Activities
– Transfer of pornography or commercial software
Financial Impact
– Transfer of confidential financial data
15
Known Covert Methods
Steganography
– Images
– Audio
Text Manipulation
TCP Covert Channels
Alternate Data Streams (ADS)
Deep or invisible web
16
Tool Summary
Over 300 known tool variations and releases
Tools for every Operating System including DOS, Windows, UNIX/Linux, OS2, Mac
Wide variety of methodologies and features
Most software is freeware or shareware
17
Origins of Steganography
What does Steganography Mean?
– Pronounced “STEHG-uh-NAH-gru-fee”
– From the Greek Roots
  “Steganos” or Covered
  “Graphie” or Writing
  “Covered Writing”
– First Known Usage
  The early Greeks and Persians used several forms of covered writing to conceal the communication of secret or covert messages
  Origins date back as far as 2500 years ago
18
Carrier + Payload = Covert Message
Carrier – The file that provides cover for and conceals the payload.
Payload – The secret message or information that you wish to conceal or communicate.
Covert Message – The combination of the payload and the carrier. The covert message file should appear identical to the carrier.
Most current stego tools also encrypt the payload to increase security.
19
Digital Images
Digital Images are created by software
– Digital camera
– Scanner
– Graphics program
Digital Images are made up of pixels
– Represented on a grid
– The pixel is the smallest visual component
– Resolution & representation
  640 x 480 – rows x columns
  75 dpi – number of dots per inch [1]
[1] http://www.library.cornell.edu/preservation/tutorial/intro/intro-01.html
Source: WetStone Technologies
20
Digital Images
Color is represented in digital images by three different methods.
– Paletted images
– True color images
– Compressed images
21
Palette Images
Map to a pre-defined color on a table
– Pixel represented by table lookup value
[2] http://www.webstyleguide.com/graphics/displays.html
Source: WetStone Technologies
22
True Color Images
True Color images
– Typically 24 bits
– Most common format is RGB or Red – Green – Blue
– 8 bits for each color byte (red, green, blue)
– 16.7M possible colors
[4] http://www.webstyleguide.com/graphics/displays.html
Source: WetStone Technologies
23
Least Significant Bit Steganography
“The hiding of data within a digital carrier by slightly altering an insignificant characteristic of the carrier that does not appear to alter the normal rendering of the data” (Hosmer, 1999)
Source: WetStone Technologies
24
Altering a True Color Image
[2] http://www.webstyleguide.com/graphics/displays.html
Image source: www.wikipedia.com
25
LSB Substitution – bit 0
[Figure: RED, GREEN and BLUE channel bytes (extracted as 11011010, 1100011, 1110000), showing the individual colors and the combined color before and after LSB substitution.]
Source: WetStone Technologies
26
LSB Substitution – bit 0 and 1
[Figure: RED, GREEN and BLUE channel bytes, showing the individual colors and the combined color before and after LSB substitution.]
Source: WetStone Technologies
27
LSB Substitution – bits (0-3)
[Figure: RED, GREEN and BLUE channel bytes, showing the individual colors and the combined color before and after LSB substitution.]
Source: WetStone Technologies
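Added example (not from the original slides or from WetStone Technologies): the LSB substitution shown on the preceding slides, written over raw 24-bit RGB channel bytes for bit 0, bits 0-1 and bits 0-3. The carrier bytes, the payload and all function names are constructed for illustration; the delta function shows that replacing k low bits changes any channel by at most 2^k - 1.

```python
# Added example: LSB substitution over raw 24-bit RGB channel bytes.
# CARRIER is constructed sample data (32 pixels), not taken from the slides.
CARRIER = bytes((37 * i + 11) % 256 for i in range(96))

def _bits(data: bytes):
    """Yield the bits of data, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def embed(carrier: bytes, payload: bytes, k: int = 1) -> bytes:
    """Replace the k low bits of each channel byte with payload bits."""
    bits = list(_bits(payload))
    bits += [0] * (-len(bits) % k)            # pad to whole k-bit groups
    if len(bits) // k > len(carrier):
        raise ValueError("payload does not fit in carrier at this bit depth")
    out, mask = bytearray(carrier), (1 << k) - 1
    for i in range(0, len(bits), k):
        chunk = 0
        for b in bits[i:i + k]:
            chunk = (chunk << 1) | b
        out[i // k] = (out[i // k] & ~mask & 0xFF) | chunk
    return bytes(out)

def extract(stego: bytes, nbytes: int, k: int = 1) -> bytes:
    """Read nbytes back out of the k low bits of each channel byte."""
    mask, bits = (1 << k) - 1, []
    for byte in stego:
        bits.extend(((byte & mask) >> s) & 1 for s in range(k - 1, -1, -1))
    out = bytearray()
    for i in range(0, nbytes * 8, 8):
        value = 0
        for b in bits[i:i + 8]:
            value = (value << 1) | b
        out.append(value)
    return bytes(out)

def max_channel_delta(before: bytes, after: bytes) -> int:
    """Largest change to any single red, green or blue byte."""
    return max(abs(x - y) for x, y in zip(before, after))

if __name__ == "__main__":
    for k in (1, 2, 4):                       # bit 0, bits 0-1, bits 0-3
        stego = embed(CARRIER, b"secret", k)
        print(k, extract(stego, 6, k), max_channel_delta(CARRIER, stego))
```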
28
Color Differences Source: WetStone Technologies
29
Color Differences Source: WetStone Technologies
30
Color Differences Can you spot the modified pixel? Source: WetStone Technologies