Abstract : Covert channels are a form of hidden communication that may violate the integrity of systems. Since their birth in multilevel security systems in the early 70’s they have evolved considerably, such that new solutions have appeared for computer networks mainly due to vague protocols specifications. We analyze a protocol extensively used today, the Dynamic Host Configuration Protocol (DHCP), in search of new forms of covert communication. From this analysis we observe several features that can be effectively exploited for subliminal data transmission. This results in the implementation of HIDE_DHCP, which integrates three covert channels that accommodate to different stealthiness and bandwidth requirements.
https://hal.inria.fr/hal-01518255 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, May 4, 2017 - 1:45:47 PM Last modification on : Monday, May 25, 2020 - 5:34:03 PM Long-term archiving on: : Saturday, August 5, 2017 - 1:08:01 PM
Ruben Rios, Jose A. Onieva, Javier Lopez. HIDE_DHCP: Covert Communications through Network Configuration Messages. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. pp.162-173, ⟨10.1007/978-3-642-30436-1_14⟩. ⟨hal-01518255⟩