A New Sensors-Based Covert Channel on Android

2014 ◽  
Vol 2014 ◽  
pp. 1-14
Author(s):  
Ahmed Al-Haiqi ◽  
Mahamod Ismail ◽  
Rosdiadee Nordin

Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5–5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.

Author(s):  
Kirti Chawla ◽  
Gabriel Robins

RFID technology can help competitive organizations optimize their supply chains. However, it may also enable adversaries to exploit covert channels to surreptitiously spy on their competitors. We explain how tracking tags and compromising readers can create covert channels in supply chains and cause detrimental economic effects. To mitigate such attacks, the authors propose a framework that enables an organization to monitor its supply chain. The supply chain is modeled as a network flow graph, where tag flow is verified at selected key nodes, and covert channels are actively sought. While optimal taint checkpoint node selection is algorithmically intractable, the authors propose node selection and flow verification heuristics with various tradeoffs. The chapter discusses economically viable countermeasures against supply chain-based covert channels, and suggests future research directions.


2020 ◽  
Vol 2020 ◽  
pp. 1-20
Author(s):  
Jing Tian ◽  
Gang Xiong ◽  
Zhen Li ◽  
Gaopeng Gou

In order to protect user privacy or guarantee free access to the Internet, the network covert channel has become a hot research topic. It refers to an information channel in which the messages are covertly transmitted under the network environment. In recent years, many new construction schemes of network covert channels are proposed. But at the same time, network covert channel has also received the attention of censors, leading to many attacks. The network covert channel refers to an information channel in which the messages are covertly transmitted under the network environment. Many users exploit the network covert channel to protect privacy or guarantee free access to the Internet. Previous construction schemes of the network covert channel are based on information steganography, which can be divided into CTCs and CSCs. In recent years, there are some covert channels constructed by changing the transmission network architecture. On the other side, some research work promises that the characteristics of emerging network may better fit the construction of the network covert channel. In addition, the covert channel can also be constructed by changing the transmission network architecture. The proxy and anonymity communication technology implement this construction scheme. In this paper, we divide the key technologies for constructing network covert channels into two aspects: communication content level (based on information steganography) and transmission network level (based on proxy and anonymity communication technology). We give a comprehensive summary about covert channels at each level. We also introduce work for the three new types of network covert channels (covert channels based on streaming media, covert channels based on blockchain, and covert channels based on IPv6). In addition, we present the attacks against the network covert channel, including elimination, limitation, and detection. Finally, the challenge and future research trend in this field are discussed.


2012 ◽  
Vol 220-223 ◽  
pp. 2528-2533
Author(s):  
Ran Zhang ◽  
Yong Gan ◽  
Yi Feng Yin

Network covert channel is a steganography technology that uses network traffic data as a carrier to transfer the secret data. This paper analyzes the working principle of network covert channels, and summarizes the commonly used construction technology of network covert channels. Then it analyzes the characteristics of the HTTP header lines and gives some methods of constructing network covert channels with these characteristics. Network covert channels based on the HTTP header lines are simple, flexible, and difficult to be detected and shielded.


Electronics ◽  
2021 ◽  
Vol 10 (6) ◽  
pp. 647
Author(s):  
Krystian Grzesiak ◽  
Zbigniew Piotrowski ◽  
Jan M. Kelner

Modern telecommunications systems require the use of various transmission techniques, which are either open or hidden. The open transmission system uses various security techniques against its unauthorized reception, and cryptographic solutions ensure the highest security. In the case of hidden transmissions, steganographic techniques are used, which are based on the so-called covert channels. In this case, the transparency and stealth of the transmission ensure its security against being picked up by an unauthorized user. These covert channels can be implemented in multimedia content, network protocols, or physical layer transmissions. This paper focuses on wireless covert channels. We present a novel method of steganographic transmission which is based on phase drift in phase-shift keying or quadrature amplitude modulation (QAM) and is included in the so-called dirty constellation techniques. The proposed approach is based on the drift correction modulation method, which was previously used in the watermarking of audio-signals. The developed solution is characterized by a variable bit rate, which can be adapted to the used modulation type and transmission conditions occurring in radio channels. In the paper, we present the method of generating and receiving hidden information, simulation research, and practical implementation of the proposed solution using the software-defined radio platform for selected QAM.


2021 ◽  
Vol 54 (3) ◽  
pp. 1-36
Author(s):  
Wenjie Xiong ◽  
Jakub Szefer

Transient execution attacks, also known as speculative execution attacks, have drawn much interest in the last few years as they can cause critical data leakage. Since the first disclosure of Spectre and Meltdown attacks in January 2018, a number of new transient execution attack types have been demonstrated targeting different processors. A transient execution attack consists of two main components: transient execution itself and a covert channel that is used to actually exfiltrate the information. Transient execution is a result of the fundamental features of modern processors that are designed to boost performance and efficiency, while covert channels are unintended information leakage channels that result from temporal and spatial sharing of the micro-architectural components. Given the severity of the transient execution attacks, they have motivated computer architects in both industry and academia to rethink the design of the processors and to propose hardware defenses. To help understand the transient execution attacks, this survey summarizes the phases of the attacks and the security boundaries across which the information is leaked in different attacks. This survey further analyzes the causes of transient execution as well as the different types of covert channels and presents a taxonomy of the attacks based on the causes and types. This survey in addition presents metrics for comparing different aspects of the transient execution attacks and uses them to evaluate the feasibility of the different attacks. This survey especially considers both existing attacks and potential new attacks suggested by our analysis. This survey finishes by discussing different mitigations that have so far been proposed at the micro-architecture level and discusses their benefits and limitations.


2013 ◽  
Vol 427-429 ◽  
pp. 2512-2518
Author(s):  
Yang Jiao ◽  
Li Jun Xie ◽  
Zhi Yuan Zhao

Based on the security OS (SLinux) designing and implementing, this paper adopted information flow sequence to represent information flows and covert channels. Categorized the covert channels according to their information flow characteristics and discussed the integral method of dealing with covert channel. On this basis, proposed a general framework for covert channel identification founded on information flow analysis, and designed the optimization rules of covert channel identification. The framework and the rules can decrease the illegal flow of misinformation by restricting information flow combination spread, and provide the basis process for improving of analyzing covert channel.


Information ◽  
2019 ◽  
Vol 10 (9) ◽  
pp. 284
Author(s):  
Marios Anagnostopoulos ◽  
John André Seem

Covert channel communications are of vital importance for the ill-motivated purposes of cyber-crooks. Through these channels, they are capable of communicating in a stealthy way, unnoticed by the defenders and bypassing the security mechanisms of protected networks. The covert channels facilitate the hidden distribution of data to internal agents. For instance, a stealthy covert channel could be beneficial for the purposes of a botmaster that desires to send commands to their bot army, or for exfiltrating corporate and sensitive private data from an internal network of an organization. During the evolution of Internet, a plethora of network protocols has been exploited as covert channel. DNS protocol however has a prominent position in this exploitation race, as it is one of the few protocols that is rarely restricted by security policies or filtered by firewalls, and thus fulfills perfectly a covert channel’s requirements. Therefore, there are more than a few cases where the DNS protocol and infrastructure are exploited in well-known security incidents. In this context, the work at hand puts forward by investigating the feasibility of exploiting the DNS Security Extensions (DNSSEC) as a covert channel. We demonstrate that it is beneficial and quite straightforward to embed the arbitrary data of an aggressor’s choice within the DNSKEY resource record, which normally provides the public key of a DNSSEC-enabled domain zone. Since DNSKEY contains the public key encoded in base64 format, it can be easily exploited for the dissemination of an encrypted or stego message, or even for the distribution of a malware’s binary encoded in base64 string. To this end, we implement a proof of concept based on two prominent nameserver software, namely BIND and NSD, and we publish in the DNS hierarchy custom data of our choice concealed as the public key of the DNS zone under our jurisdiction in order to demonstrate the effectiveness of the proposed covert channel.

