This paper presents a covert communication channel that exists in virtually all forms of packet switching data networks. On the one hand, this covert channel, if used properly, can potentially enhance the overall security of data communications over networks. On the other hand, the covert channel can also potentially become a back door to access a destination computer, and hence becomes a security hazard to the computer. A simple protocol is specified for communications on the covert channel. A modified TFTP application is also presented to demonstrate how to use the covert channel to convey secret messages or to enhance the integrity of data communications. The application also illustrates a back door that leaks client’s data files without user notification. A sliding entropy method is also introduced to detect some cases of covert channels.
Date of creation, presentation, or exhibit
Department, Program, or Center
Department of Computing Security (GCCIS)
B. Yuan and P. Lutz, "A Covert channel in packet switching data networks," Proceedings of The Second Upstate New York Workshop on Communications and Networking, 2005, Rochester, New York
RIT – Main Campus