Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Design and implementation of an active warden addressing protocol switching covert channels

 
: Wendzel, S.; Keller, J.

Wagner, A. ; International Academy, Research, and Industry Association -IARIA-:
ICIMP 2012, the Seventh International Conference on Internet Monitoring and Protection : May 27 - June 1, 2012, Stuttgart, Germany
Red Hook, NY: Curran, 2012
ISBN: 978-1-62276-072-5
pp.1-6
International Conference on Internet Monitoring and Protection (ICIMP) <7, 2012, Stuttgart>
English
Conference Paper
Fraunhofer FKIE

Abstract
Network covert channels enable a policy-breaking network communication (e.g., within botnets). Within the last years, new covert channel techniques occurred which are based on the capability of protocol switching. There are currently no means available to counter these new techniques. In this paper we present the first approach to effectively limit the bandwidth of such covert channels by introducing a new active warden. We present a calculation method for the bandwidth of these channels in case the active warden is used. Additionally, we discuss implementation details and we evaluate the practical usefulness of our technique.

: http://publica.fraunhofer.de/documents/N-339809.html