
	Where results make sense

Topic: Covert channel

Related Topics

Stegotext

Digital image

In the News (Tue 22 Dec 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	Covert Channel and Tunneling over the HTTP protocol Detection
		Whereas detecting and/or reacting (proactively or not) to Covert Channels is a topic presented by security researchers in a wide number of papers, the detection of Covert Channels and Tunnels embedded inside the HTTP protocol is a relatively new (theoretical) research area.
		Covert channel methods establishing unauthorized tunnels are often used to transit real world application data streams.
		We feel that the covert channel detection engine should be designed on a two part tool : a data stream monitor which listens on the wire and records data in a proprietary binary form and a correlation engine (modules-based) which would be in charge to investigate the data streams recorded for eventual anomalies.
	www.infosecwriters.com /hhworld/cctde.html (5239 words)

	Covert channel -- Facts, Info, and Encyclopedia article (Site not responding. Last check: 2007-10-20)
		In ((computer science) a statistical theory dealing with the limits and efficiency of information processing) information theory, a covert channel is a (Click link for more info and facts about communications channel) communications channel that does a writing-between-the-lines form of (Something that is communicated by or to or between people or groups) communication.
		Typically a covert channel is parasitic to its host channel; it reduces (A data transmission rate; the maximum amount of information (bits/second) that can be transmitted along a channel) bandwidth of the host channel by reducing the signal-to-noise ratio in the host channel.
		A covert channel could be defined as a (Click link for more info and facts about communications channel) communications channel that transfers some kind of information using a method originally not intended to transfer this kind of information.
	www.absoluteastronomy.com /encyclopedia/c/co/covert_channel.htm (299 words)

	Covert Channel Analysis
		Thus, analysis of covert channels is equally important to the implementation of both nondiscretionary secrecy (e.g., [Bell and La Padula76, Denning76, Denning77, Denning83, NCSC TCSEC]) and integrity models (e.g., [Biba77, Clark and Wilson87]).
		In contrast, the covert channels of Examples 3 and 4 are noisy channels because, whenever extraneous processes-not just the sender and receiver-use the shared resource, the bits transmitted by the sender may not be received correctly with probability 1 unless appropriate error-correcting codes are used.
		Parallel aggregation of covert channel variables requires, for bandwidth maximization reasons, that the sender and receiver pairs be scheduled on different processors at the same time as a group, as illustrated in Figure 2-8 and in [Gligor86].
	www.usgovserver2.8m.com /NCSC-TG-030.html (17768 words)

	[e-lang] On the Value of Covert Channel Analysis
		The objective of covert channel analysis is (a) to understand the rate of such leakage, and (b) to reduce it insofar as reduction is possible.
		Covert channel analysis is therefore concerned with both inward and outward leakage.
		On the subject of covert channels, current applicable standards (the Common Criteria, CC) require analysis and reduction of covert bandwidth without reference to whether the data motion is inward or outward.
	www.eros-os.org /pipermail/e-lang/2002-May/006670.html (1120 words)

	I-0113: Covert channel capacity limit policy (Site not responding. Last check: 2007-10-20)
		High-capacity covert timing channels, particularly those based on characteristics of shared hardware components, appear to be inevitable in modern trusted systems, particularly those with a multiprocessor architecture (see ``An Analysis of Covert Timing Channels,'' John C. Wray, Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, pages 2-7, 1991).
		However, the TCSEC requirement for covert channels analysis at the B3 and A1 evaluation classes requires a thorough search be conducted for covert timing channels, as well as covert storage channels.
		Although this interpretation does not require that covert storage channels slower than 1 bit/second be documented in the product's covert channel analysis, it is strongly recommended that such channels be included in the analysis and documented.
	niap.nist.gov /cc-scheme/PUBLIC/0113.html (680 words)

	Covert Channel Analysis (Site not responding. Last check: 2007-10-20)
		Covert channel auditing requires that sufficient data be recorded in audit trails to enable the identification of (1) individual covert channel use, or use of certain channel types; and (2) identification of the senders and receivers of individual channels or of channel types (i.e., the identification of the covert channel users).
		Most of the problems identified in covert channel auditing are fundamental and are shared by most operating systems; these problems include (1) inability of distinguishing use of covert channels from innocuous use of TCB primitives, and (2) ambiguity in distinguishing senders from receivers among covert channel users.
		Thus, the recording of channel variables is necessary for all no-error outcomes of a primitive associated with a covert channel.
	www.radium.ncsc.mil /tpep/library/rainbow/NCSC-TG-030.html (19096 words)

	[No title]
		Although a covert channel is a communication channel, it is generally not intended to be one and may require some sophistication to exploit.
		For example, consider a slower covert channel with a bandwidth of a thousandth of a data bit per second where each bit received has a seventy-five percent chance of being the same as what was sent and a twenty-five percent chance of being wrong.
		A cynical interpretation of this willingness to tolerate residual channels is that, because many users have simply accepted systems with covert channels despite the potential for security violations, developers treat a multilevel security policy as an ideal to approach, not as a requirement to meet.
	www.csl.sri.com /users/neumann/ncs92.html (12474 words)

	Covert channel tool hides data in IPv6 \| The Register
		The packets have a target address for the network where the recipient PC resides and a key, which identifies which covert PC on that network is the destination.
		He also points to one feature of the system that could give away any PCs that are taking part in covert communications using the tool: The initial version of the tool sets the endpoint computers to listen in promiscuous mode to pick up data sent to their network.
		Dan Kaminsky, a well-known network security expert, points out that covert channels are nothing new, and while an implementation using ICMP packets may not have been created yet, sending data using 6to4 tunneling has been around for a few years.
	www.theregister.co.uk /2006/08/14/ipv6_covert_channel_tool (866 words)

	Keyboards and Covert Channels
		Covert channels are an important theoretical construction for the analysis of information security, but they are not often regarded as a significant threat in conventional (non-MLS) networked computing systems.
		Covert timing channels, for example, may exist if there is flexibility in the timing or sequencing of externally observable events (such as disk accesses or delivery of data packets).
		Covert channels are notoriously hard to detect or eliminate, but this is somewhat ameliorated by the fact that their bandwidth is often rather low, and, in any case, exploiting them requires that the attacker somehow compromise a sensitive system component in the first place.
	www.usenix.org /events/sec06/tech/shah/shah_html/jbug-Usenix06.html (11273 words)

	Covert Channel Analysis
		Thus, analysis of covert channels is equally important to the implementation of both nondiscretionary secrecy (e.g., [Bell and La Padula76, Denning76, Denning77, Denning83, NCSC TCSEC]) and integrity models (e.g., [Biba77, Clark and Wilson87]).
		Parallel aggregation of covert channel variables requires, for bandwidth maximization reasons, that the sender and receiver pairs be scheduled on different processors at the same time as a group, as illustrated in Figure 2-8 and in [Gligor86].
		Covert channel auditing requires that sufficient data be recorded in audit trails to enable the identification of (1) individual covert channel use, or use of certain channel types; and (2) identification of the senders and receivers of individual channels or of channel types (i.e., the identification of the covert channel users).
	www.ouah.org /NCSC-TG-030.html (19096 words)

	Hackers Center : Ethical Hacker Course by Doz
		Covert Channels are methods in which an attacker can hide the data in a protocol that is undetectable.
		Covert Channels rely on techniques called tunneling, which allows one protocol to be carried over another protocol.
		A covert channel is a vessel in which information can pass, but this vessel is not ordinarily used for information exchange.
	www.hackerscenter.com /hacker/trojan-rat.asp (4229 words)

	Definition of Side channel attack
		In cryptography, a side channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than weaknesses in the mathematical algorithms (compare cryptanalysis).
		For example, timing information, power consumption or even sound provide an extra "channel of information", which can be exploited to break the system.
		Because side channel attacks rely on emitted information (eg, TEMPEST attacks) or on relationship information (eg, timing and power attacks), the most reasonable methods of countering such attacks is to limit the release of such information or access to those relationships.
	www.wordiq.com /definition/Side_channel_attack (879 words)

	Wireless Tools and Texts : Hackers Center Directory : Internet Security Portal
		A program that initiates a covert channel over IEEE 802.11 networks thanks to wireless raw injection.
		It aims at encoding a covert channel in valid ACK frames in the RA address field.
		Covert channel principles can be extended to encode anything between the lines in t...
	www.hackerscenter.com /directory.asp?id=26 (1411 words)

	Covert channel events (Site not responding. Last check: 2007-10-20)
		Covert channel events are recorded only on systems running UNIX System V Release 4.1 Enhanced Security that have the Enhanced Security Utilities installed.
		Unless you are processing a log file from a system running that release, you will not see these events.
		See the Auditing Covert Channels chapter of the Audit Trail Administrator's Guide for UNIX System V Release 4.1 Enhanced Security for detailed information on covert channels.
	docsrv.sco.com /SEC_audit/_Covert_Channel_Events.html (103 words)

	Covert channel tool hides data in IPv6
		Covert channel tool hides data in IPv6 2006-08-13
		There is already an arms race with IPv6 hacker tools, like the THC-IPv6 toolkit and this covert channel tool going up against enterprise protection tools like firewalls and IDS.
		There is at least one commercial IDS and a couple of good firewalls with the ability to do deep inspection of IPv6 header...
	www.securityfocus.com /cgi-bin/index.cgi?c=articlecomments&op=display_comments&ArticleID=11406&expand_all=true&mode=threaded (346 words)

	BACKGROUND: How the covert contacts transpired - Haaretz - Israel News
		To allow the European mediator to form his own impressions regarding the Syrians' attitude toward the covert channel, Suleiman invited him to join him on his trips to Damascus.
		The final meeting took place a year later, in the midst of the second Lebanon war, on a day in which eight Israelis were killed by Hezbollah-fired Katyusha rockets in the Galilee.
		Suleiman announced that the Syrians had done all they could with the covert channel and were suggesting a meeting between a Syrian representative at the rank of deputy minister and an Israeli official at the rank of director general.
	www.haaretz.com /hasen/spages/813818.html (1309 words)

	21C3: Vorträge und Workshops: Passive covert channels in the Linux kernel
		By passive covert channels, one means a specific kind of CC, which does not generate its own traffic.
		A passive covert channel will be very hard to detect, since the packets used for carrying the message are beyond any suspicion.
		The PCC idea will be demonstrated with proof-of-concept code that implements an ISN based TCP passive covert channel in the Linux kernel.
	www.ccc.de /congress/2004/fahrplan/event/176.de.html (382 words)

	Glow-In-The-Dark Printer Ink: A Possible Covert Channel (And Spy's Best Friend)? \| Hizook
		I'd love to feel this paper to determine if the ink was detectable by touch or not.
		On a side-note, Joe Patterson correctly analyses this "covert channel" as a comment on Bruce's blog.
		There are two kinds of covert channels in this world: covert channels that will go undetected by your kid sister, and covert channels that will go undetected by major governments.
	www.hizook.com /blog/2007/06/19/glow-in-the-dark-printer-ink-a-possible-covert-channel-and-spys-best-friend (773 words)

	Ethereal: Re: [Ethereal-users] Covert Channel Detected?
		BUT IF your host has some trojan or something installed, it is possible that that trojan could monitor the network and reply back to these incomplete fragments.
		A covert method to get only infected hosts to reply.
		If i were you i would 1, block off the entire c-net where the probes comes from.
	www.ethereal.com /lists/ethereal-users/200411/msg00065.html (387 words)

	Multics Bibliography
		A novel solution developed for the Multics computer system for a class of covert channels is presented.
		In a previous article, I introduced the idea of a mechanism (the covert channel limiter) that would watch for the potential uses of covert channels and affect the responsible process (or process group) only when such potential uses exceeded the allowable bandwidth for covert channels.
		This paper extends the informal basis for the covert channel limiter and extends its possible utility.
	www.multicians.org /biblio.html (11760 words)

	DVR Secuity Systems 64 Channel Cameras 32 h.264 Pelco Dedicated Spy Kodicom DVW Diginet GeoVision Mobile Recorders
		This system allows you to record up to 4 channels of video and audio onto a durable system made to withstand the rigors of vehicular use.
		The MDVR systems hold certifications and full Vibration Test Reports are available upon request Starting at $1599 with an MSRP of $2499 running embedded Linux with an 160GB HDD these units have been installed in 1000's of school busses, fire trucks and police cars around the world.
		The Digital COP Speed Dome Camera is the integration of digital camera, lens, multi-protocol receiver, variable high-speed pan/tilt and dome enclosure.
	www.dvrsecuritysystems.com (1047 words)

	SecuriTeam™ - Cctde - Covert Channel and Tunneling Over the HTTP Protocol Detection
		Cctde is a first implementation of the Gray-World.net Covert Channel and Tunneling over the HTTP protocol Detection : GW implementation theoretical design' paper.
		The main goal of this project is to provide a way to register and disclose informations leading to the detection of unauthorized tunnels and covert channels embedded into the HTTP protocol but the concepts could also be applied to the detection of arbitrary data flows inside other high level protocols.
		Located in front of corporate servers in DMZ, cctde is trying to detect if someone located on the Internet is using server side tools such as WebShell or Firepass to run across the NACS boundaries.
	www.securiteam.com /tools/5RP0M0UEMK.html (375 words)

	NCSC-TG-030: Light Pink book (Site not responding. Last check: 2007-10-20)
		A Guide to Understanding Covert Channel Analysis of Trusted Systems
		Therefore, the primary goal of covert channel identification is to discover all TCB internal variables and TCB primitives that can be used to alter or view these variables (i.e., all triples < variable; PA h
		Thus, the following times are needed to transfer a 1 from state 1: <
	secinf.net /info/rainbow/tg30.htm (15302 words)

	Covert timing channel - OWASP
		Design: Protocols usually have timing difficulties implicit in their design.
		Implementation: Sometimes a timing covert channel can be dependent on implementation strategy.
		Example: Using conditionals may leak information, but using table lookup will not.
	www.owasp.org /index.php/Covert_timing_channel (410 words)

	Covert channel
		A covert channel is thus a hidden channel.
		In security terms, it is used to describe any transfer of information that violates a computer's built-in security systems - the transfer is by definition disguised if it defeats the security defenses.
		A covert storage channel is the use of memory or a storage location to deposit information that can later be accessed by other security clearances, thus defeating the security system.
	www.itsecurity.com /security.htm?s=325 (164 words)

	Integrating Security and Real-Time Requirements using Covert Channel Capacity - Son, Mukkamala, David (ResearchIndex)
		This document uses CoBlitz to cache paper downloads.
		Son, S. H., Mukkamala, R., and David, R., "Integrating Security and Real-Time Requirements using Covert Channel Capacity," to appear in IEEE Transactions on Knowledge and Data Engineering, 2000.
		13 Finite-State Noiseless Covert Channels (context) - Millen - 1989 DBLP
	citeseer.ist.psu.edu /son00integrating.html (750 words)

	Covert Cameras - AVtech Solutions, Inc.
		Simply connect the video RCA plug to the video input of your existing VCR or digital recorder and your ready to begin recording and or live monitoring.
		Covert Pinhole Camera Kit, Wireless 5.8GHz - AVtech Solutions first 4-channel covert wireless 5.8GHz Audio/Video surveillance kit provides crystal clear full
		Avoid interference from crowded 2.4GHz ISM band applications (i.e.
	www.avtechsolutions.com /s_security_covert.htm (164 words)

	SourceForge.net: hcovert - HTTP Payload Covert Channel
		Jump to downloads for hcovert - HTTP Payload Covert Channel
		hcovert is a steganographic communications tool used to create a covert channel using a HTTP GET request to convey it's message to a webserver and webserver log parsing to retrieve the message.
		This tool will both send as well as recieve messages.
	sourceforge.net /projects/hcovert (148 words)

Try your search on: Qwika (all wikis)