Covert Hacking

Application Layer Covert Channels

Covert Hacking Internet Security Whitepapers

Covert Channel is "Any communication channel that can be exploited… to transfer information in a manner that violates the systems' security policy" and "Anything that can be changed by one and seen by another can be used to send data". Classification are storage and timing, noisy and noiseless, aggregated and not-aggregated.

Covert Channel Analysis and Data Hiding in TCP/IP

Covert Hacking Internet Security Whitepapers

This thesis investigates the existence of covert channels in computer networks by analyzing the transport and the Internet layers of the TCP/IP protocol suite. Two approaches for data hiding are identified: packet header manipulation and packet sorting. Each scenario facilitates the interaction of steganographic principles with the existing network security environment. Specifically, we show how associating additional information with IPv4 headers can ease up security mechanisms in network nodes like routers, firewalls and for services such as authentication, audit, and billing. Furthermore, use of packet sorting with the IP Sec framework results in an enhanced network security architecture. The packet sorting approach is simulated at the network layer which provides a feasibility of packet sorting under varying network conditions. While bridging the areas of data hiding, network protocols and network security, both techniques have potential for practical data hiding at the transport and network layers.

Covert Channel Vulnerabilities in Anonymity Systems

Covert Hacking Internet Security Whitepapers

Covert channels transfer information in violation of a security policy. Multilevel secure systems (MLS) aim to protect against unauthorised flows of information, through mandatory access control, backed by covert channel prevention. Similarly, anonymity systems aim to protect a user’s actions and identity from observation by an adversary; an implicit information flow control policy. This thesis will discuss the congruence between covert channel prevention and securing anonymity systems, showing how techniques for attacking and protecting MLS can be used in the analysis and improvement of anonymity systems.

Covert Channels Provided Hackers - Opportunity and Means for Distributed Denial of Service Attacks

Covert Hacking Internet Security Whitepapers

A "covert channel" can be described as: "Any communications channel that can be exploited by a process to transfer information in a manner that violates the system’s security policy." Essentially it is a method of communication that is not part of an actual computer systems design but can be used to transfer information to users or system processes that normally would not be allowed access to the information. Covert channel exploits typically require a malicious client or server program operating on a PC outside the protected network and a malicious server or client program operating on a server inside the protected network.