Biblio

Export results:
Author Title [ Type(Desc)] Year
Filters: Keyword is System Information Security  [Clear All Filters]
Conference Paper
R. Rios, J. A. Onieva, and J. Lopez, "HIDE_DHCP: Covert Communications Through Network Configuration Messages",
Proceedings of the 27th IFIP TC 11 International Information Security and Privacy Conference (SEC 2012), D. Gritzalis, S. Furnell, and M. Theoharidou Eds., IFIP AICT 376, Springer Boston, pp. 162-173, June 2012. DOI More..

Abstract

Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in multilevel security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. We analyze a protocol extensively used today, the Dynamic Host Configuration Protocol (DHCP), in search of new forms of covert communication. From this analysis we observe several features that can be effectively exploited for subliminal data transmission. This results in the implementation of HIDE_DHCP, which integrates three covert channels that accommodate to different stealthiness and bandwidth requirements

PDF icon Rios2012.pdf (400 KB)
Journal Article
R. Rios, J. A. Onieva, and J. Lopez, "Covert Communications through Network Configuration Messages",
Computers & Security, vol. 39, Part A, Elsevier, pp. 34 - 46, Nov 2013. DOI (I.F.: 1.172)More..

Abstract

Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in Multi-Level Security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. In this paper we concentrate on short-range covert channels and analyze the opportunities of concealing data in various extensively used protocols today. From this analysis we observe several features that can be effectively exploited for subliminal data transmission in the Dynamic Host Configuration Protocol (DHCP). The result is a proof-of-concept implementation, HIDE\_DHCP, which integrates three different covert channels each of which accommodate to different stealthiness and capacity requirements. Finally, we provide a theoretical and experimental analysis of this tool in terms of its reliability, capacity, and detectability.

Impact Factor: 1.172
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

PDF icon rios2013a.pdf (565.05 KB)