@inproceedings {onieva2014, title = {An{\'a}lisis y Desarrollo de un Canal Encubierto en una Red de Sensores}, booktitle = { XIII Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n (RECSI 2014)}, year = {2014}, month = {09/2014}, pages = {333-338}, publisher = {Universidad de Alicante}, organization = {Universidad de Alicante}, address = {Alicante, Spain}, abstract = {

Continuamente aparecen nuevos estudios as{\'\i} como nuevos desarrollos de canales encubiertos. Como veremos, existen m{\'a}s de cien dise{\~n}os distintos para redes de ordenadores, pero no hemos encontrado en la literatura ning{\'u}n an{\'a}lisis, dise{\~n}o e implementaci{\'o}n de canales encubiertos sobre redes de sensores. En este art{\'\i}culo presentamos los resultados del dise{\~n}o e implementaci{\'o}n de un canal multitasa basado en los tiempos de monitorizaci{\'o}n sobre una red de sensores. En este proceso se han establecido las principales propiedades necesarias y, en base a ellas, se desarrolla e implementa el canal encubierto. Se describe el proceso de desarrollo y se analiza su detectabilidad.

}, keywords = {Covert channels, Information Security, Information Warfare, Intrusion Detection, Network Security, Wireless Sensor Network}, isbn = {978-84-9717-323-0}, author = {Jose A. Onieva and Ruben Rios and Bernardo Palenciano} } @article {rios2013a, title = {Covert Communications through Network Configuration Messages}, journal = {Computers \& Security}, volume = {39, Part A}, year = {2013}, month = {Nov 2013}, pages = {34 - 46}, publisher = {Elsevier}, abstract = {

Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in Multi-Level Security systems in the early 70{\textquoteright}s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. In this paper we concentrate on short-range covert channels and analyze the opportunities of concealing data in various extensively used protocols today. From this analysis we observe several features that can be effectively exploited for subliminal data transmission in the Dynamic Host Configuration Protocol (DHCP). The result is a proof-of-concept implementation, HIDE\_DHCP, which integrates three different covert channels each of which accommodate to different stealthiness and capacity requirements. Finally, we provide a theoretical and experimental analysis of this tool in terms of its reliability, capacity, and detectability.

}, keywords = {Covert channels, Information Warfare, Intrusion Detection, Network Security, System Information Security}, issn = {0167-4048}, doi = {10.1016/j.cose.2013.03.004}, author = {Ruben Rios and Jose A. Onieva and Javier Lopez} }