Thumbnail
Access Restriction
Subscribed

Author Wendzel, Steffen ♦ Zander, Sebastian ♦ Fechner, Bernhard ♦ Herdin, Christian
Source ACM Digital Library
Content type Text
Publisher Association for Computing Machinery (ACM)
File Format PDF
Copyright Year ©2015
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Covert channels ♦ PLML ♦ Information hiding ♦ Network security ♦ Patterns ♦ Taxonomy
Abstract Network covert channels are used to hide communication inside network protocols. Various techniques for covert channels have arisen in the past few decades. We surveyed and analyzed 109 techniques developed between 1987 and 2013 and show that these techniques can be reduced to only 11 different patterns. Moreover, the majority (69.7%) of techniques can be categorized into only four different patterns (i.e., most techniques we surveyed are similar). We represent the patterns in a hierarchical catalog using a pattern language. Our pattern catalog will serve as a base for future covert channel novelty evaluation. Furthermore, we apply the concept of pattern variations to network covert channels. With pattern variations, the context of a pattern can change. For example, a channel developed for IPv4 can automatically be adapted to other network protocols. We also propose the pattern-based covert channel optimizations pattern hopping and pattern combination. Finally, we lay the foundation for pattern-based countermeasures: whereas many current countermeasures were developed for specific channels, a pattern-oriented approach allows application of one countermeasure to multiple channels. Hence, future countermeasure development can focus on patterns, and the development of real-world protection against covert channels is greatly simplified.
ISSN 03600300
Age Range 18 to 22 years ♦ above 22 year
Educational Use Research
Education Level UG and PG
Learning Resource Type Article
Publisher Date 2015-04-01
Publisher Place New York
e-ISSN 15577341
Journal ACM Computing Surveys (CSUR)
Volume Number 47
Issue Number 3
Page Count 26
Starting Page 1
Ending Page 26


Open content in new tab

   Open content in new tab
Source: ACM Digital Library