Covert Channel For Local Area Network

被引：9

作者：

Ji, Liping ^{[1
]}

Fan, Yu ^{[1
]}

Ma, Chuan ^{[1
]}

机构：

[1] Harbin Inst Technol, Shenzhen Grad Sch, Informat Secur Ctr, Shenzhen 518055, Peoples R China

来源：

2010 IEEE INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND INFORMATION SECURITY (WCNIS), VOL 1 | 2010年

关键词：

Hidden communication; LAN covert channels; ARP broadcasting packet; Undetectability;

D O I：

10.1109/WCINS.2010.5541791

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

There exist many TCP/IP covert channels in WAN for network hidden communication in last decades. However, there are few covert channels designed for the LAN while existing WAN covert channels could not be adapted for the LAN applications. In this paper we proposed a novel covert channel based on ARP broadcasting packets for LAN. In our method we employed the normal ARP request packets as the carrier which could escape feature-based detections. In addition, our method would not lead to abnormal network traffic. Experimental results show that our covert channel has great resistance to not only the feature-based detections but also the network traffic detections.

引用

页码：316 / 319

页数：4

共 12 条

[1]

[Anonymous], 1997, 1 MONDAY

[2]

Berk V., 2005, Detection of covert channel encoding in network packet delays

[3]

Chakinala RC, 2007, LECT NOTES COMPUT SC, V4437, P42

[4]

Fisk G, 2003, LECT NOTES COMPUT SC, V2578, P18

[5] COVERT CHANNELS IN LANS [J].

GIRLING, CG .

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1987, 13 (02) :292-296

[6]

Ji Liping, 2009, 2009 INT C COMP INT

[7]

Kundur D., 2003, COVERT CHANNELS TCP

[8]

Lampson B., 1973, COMMUN ACM, V9, P44

[9]

Murdoch SJ, 2005, LECT NOTES COMPUT SC, V3727, P247

[10]

Trabelsi Zouheir, 2006, IWSEC, P421

← 1 2 →