Home // ICIMP 2012, The Seventh International Conference on Internet Monitoring and Protection // View article

Design and Implementation of an Active Warden Addressing Protocol Switching Covert Channels

Authors:
Steffen Wendzel
Jörg Keller

Keywords: network covert channel, protocol switching covert channel

Abstract:
Network covert channels enable a policy-breaking network communication (e.g., within botnets). Within the last years, new covert channel techniques occurred which are based on the capability of protocol switching. There are currently no means available to counter these new techniques. In this paper we present the first approach to effectively limit the bandwidth of such covert channels by introducing a new active warden. We present a calculation method for the bandwidth of these channels in case the active warden is used. Additionally, we discuss implementation details and we evaluate the practical usefulness of our technique.

Pages: 1 to 6

Copyright: Copyright (c) IARIA, 2012

Publication date: May 27, 2012

Published in: conference

ISSN: 2308-3980

ISBN: 978-1-61208-201-1

Location: Stuttgart, Germany

Dates: from May 27, 2012 to June 1, 2012