Presentation is loading. Please wait.

Presentation is loading. Please wait.

Covert Channels John Dabney. Covert Channels   “... any communication channel that can be exploited by a process to transfer information in a manner.

Published byMadeline Porter Modified over 9 years ago

Similar presentations

Presentation on theme: "Covert Channels John Dabney. Covert Channels   “... any communication channel that can be exploited by a process to transfer information in a manner."— Presentation transcript:

1 Covert Channels John Dabney

2 Covert Channels   “... any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy. - - National Institute of Standards and Technology  “a path of communication that was not designed to be used for communication.” - Matt Bishop

3 Steganography  “ ”  “the practice of concealing information in channels that superficially appear benign.”  “While cryptography is about protecting the content of messages, steganography is about concealing their very existence.” – Fabien Petitcolas

4 Properties  Existence  Hide the fact that communication is taking place  Bandwidth  Unused  Detectability  Evaluation  Ease of implementation  Range  Permissibility  Probability of detection  Anonymity  “Unobservable”  “Unlinkable”

5 Usage  Network  Wireless - Corrupted headers  Modifying header fields  Optional/mandatory – bits used infrequently raise risk of detection  Modifying existing traffic  Audio and Video stenograms  Encryption  Canary trap and Digital watermarking

6 An example  http://www.petitcolas.net/fabien/steganogr aphy/image%5Fdowngrading/

7 64 KB hidden

8 129 KB hidden

9 194 KB hidden

10 258 KB hidden

11 323 KB hidden

12 388 KB “hidden”

13 452 KB “hidden”

14 Detection  Comparison with original  Artifacts from applications used to hide information  Statistical analysis  Wireless - High error rates

15 Mitigation  Not complete elimination  Isolation  Bandwidth - time  Randomness/Uniformity  Compression  Changing formats  Disabling certain traffic

16 Questions? ????

17 Bibliography   Bishop, Matt. Introduction to Computer Security. Massachusetts: Pearson Education, Inc., 2005.   “Canary Trap.” Wikipedia. http://en.wikipedia.org/wiki/Canary_trap. April 26, 2007.http://en.wikipedia.org/wiki/Canary_trap   “Covert Channels.” Wikipedia. http://en.wikipedia.org/wiki/Covert_channel. April 26, 2007.http://en.wikipedia.org/wiki/Covert_channel   Dunbar, Bret. A detailed look at Steganographic Techniques and their use in an Open-Systems Environment. SANS Institute. 01/18/2002 http://www.sans.org/reading_room/papers/download.php?id=677&c=29cae459acbc32dac56 9453048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007. http://www.sans.org/reading_room/papers/download.php?id=677&c=29cae459acbc32dac56 9453048050082&portal=67dfc17e34bed372c83983ad0cbd5629   Owens, Mark. A Discussion of Covert Channels and Steganography. SANS/GIAC GSEC 1.3. March 19, 2002. http://www.sans.org/reading_room/papers/download.php?id=678&c=29cae459acbc32dac569453 048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007. http://www.sans.org/reading_room/papers/download.php?id=678&c=29cae459acbc32dac569453 048050082&portal=67dfc17e34bed372c83983ad0cbd5629   Petitcolas, Fabien. “the information hiding homepage digital watermarking and steganography.” (Nov. 2006) Fabien a. p. petitcolas. http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/ April 26, 2007. http://www.petitcolas.net/fabien/steganography/image%5Fdowngrading/   Sbrusch, Raymond. Network Covert Channels: Subversive Secrecy. SANS Institute. http://www.sans.org/reading_room/papers/download.php?id=1660&c=29cae459acbc32dac56945 3048050082&portal=67dfc17e34bed372c83983ad0cbd5629. April 26, 2007 http://www.sans.org/reading_room/papers/download.php?id=1660&c=29cae459acbc32dac56945 3048050082&portal=67dfc17e34bed372c83983ad0cbd5629   “Steganography.” Wikipedia. http://en.wikipedia.org/wiki/Steganography. April 26, 2007.http://en.wikipedia.org/wiki/Steganography   Wingate, Jim. The Perfect Dead Drop: The Use of Cyberspace for Covert Communications. BackBone Security.com. http://www.infosec-technologies.com/steganograph.pdf. April 26, 2007.http://www.infosec-technologies.com/steganograph.pdf

Download ppt "Covert Channels John Dabney. Covert Channels   “... any communication channel that can be exploited by a process to transfer information in a manner."

Similar presentations

Information Hiding and Covert Channels

Information Hiding and Covert Channels
1 SANS Technology Institute - Candidate for Master of Science Degree 1 Steganography Then and Now John Hally May 2012 GIAC GSEC, GCIA, GCIH, GCFA, GCWN,

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Steganography Then and Now John Hally May 2012 GIAC GSEC, GCIA, GCIH, GCFA, GCWN,
Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA 24060.

Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA
An Exploration in the Detection of Hidden Data in Audio Bit Streams Presented by: John Monk CS 525, Spring Semester 2002

An Exploration in the Detection of Hidden Data in Audio Bit Streams Presented by: John Monk CS 525, Spring Semester 2002
Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.

Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.
Introduction to Watermarking Anna Ukovich Image Processing Laboratory (IPL)

Introduction to Watermarking Anna Ukovich Image Processing Laboratory (IPL)
Information Hiding: Watermarking and Steganography

Information Hiding: Watermarking and Steganography
A New Scheme For Robust Blind Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Mar 5, 2002 Department.

A New Scheme For Robust Blind Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Mar 5, 2002 Department.
Voice over IP: A growing cadre of criminals is hiding secret messages in voice data. From: Voice Over IP: The VoIP Steganography Threat. IEEE Spectrum.

Voice over IP: A growing cadre of criminals is hiding secret messages in voice data. From: "Voice Over IP: The VoIP Steganography Threat". IEEE Spectrum.
Steganography in digital images. Copyright protection “Signature” or “watermark” of the creator/sender Invisible Hard to remove Robust to processing 64.

Steganography in digital images. Copyright protection “Signature” or “watermark” of the creator/sender Invisible Hard to remove Robust to processing 64.
What is Steganography? def’n: the art and science of hiding information by embedding it in some other data. cryptography - render message unintelligible.

What is Steganography? def’n: the art and science of hiding information by embedding it in some other data. cryptography - render message unintelligible.
VIPER DSPS 1998 Slide 1 A DSP Solution to Error Concealment in Digital Video Eduardo Asbun and Edward J. Delp Video and Image Processing Laboratory (VIPER)

VIPER DSPS 1998 Slide 1 A DSP Solution to Error Concealment in Digital Video Eduardo Asbun and Edward J. Delp Video and Image Processing Laboratory (VIPER)
Steganography Steganography is the art and science of writing hidden messages in such a way that no one apart from the sender and intended recipient even.

Steganography Steganography is the art and science of writing hidden messages in such a way that no one apart from the sender and intended recipient even.
Digital Watermarking for Multimedia Security R. Chandramouli MSyNC:Multimedia Systems, Networking, and Communications Lab Stevens Institute of Technology.

Digital Watermarking for Multimedia Security R. Chandramouli MSyNC:Multimedia Systems, Networking, and Communications Lab Stevens Institute of Technology.
Overview of Digital Stenography

Overview of Digital Stenography
In the last part of the course we make a review of selected technical problems in multimedia signal processing First problem: CONTENT SECURITY AND WATERMARKING.

In the last part of the course we make a review of selected technical problems in multimedia signal processing First problem: CONTENT SECURITY AND WATERMARKING.
Multimedia Security Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Nov 20, 2002 Department of Computer.

Multimedia Security Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Nov 20, 2002 Department of Computer.
CS 591 C3S C ryptography & S teganography S ecure S ystem By: Osama Khaleel.

CS 591 C3S C ryptography & S teganography S ecure S ystem By: Osama Khaleel.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.

Similar presentations

Ads by Google