Featuring 16 Papers as of June 17, 2014
Skype and Data Exfiltration
by Kenneth Hartman - April 21, 2014
Few software packages have been as controversial, yet as ubiquitous as Skype.
Securing the Internet of Things Survey
by John Pescatore - January 15, 2014
- Associated Webcasts: SANS Analyst Webcast: SANS Survey on Securing The Internet of Things
- Sponsored By: Codenomicon Norse
Survey reveals the risks introduced by an increasing array of "smart" things with wireless or Internet connections.
Finding Hidden Threats by Decrypting SSL
by Michael Butler - November 8, 2013
- Associated Webcasts: Finding Hidden Threats by Decrypting SSL/TLS
- Sponsored By: Blue Coat Systems, Inc.
Paper describes the role of SSL, the role SSL decryption/inspection tools play in security, options for deploying inspection tools, and how the information generated by such inspection can be shared with other security monitoring systems.
Needle in a Haystack? Getting to Attribution in Control Systems
by Matthew E. Luallen - January 17, 2012
In control system protection, mechanisms for achieving attack attribution must be implemented across physical, cyber and operational controls using additional tools.
Critical Control System Vulnerabilities Demonstrated - And What to Do About Them
by Matthew E. Luallen - November 29, 2011
- Sponsored By: NitroSecurity
A study of four common infrastructures (agriculture and food, transportation, water and wastewater, and physical facilities) demonstrates what vulnerabilities could be found in specific control systems and how they might be exploited and protected.
BYOB: Build Your Own Botnet
by Francois Begin - August 17, 2011
A recent report on botnet threats (Dhamballa, 2010) provides a sobering read for any security professional. According to its authors, the number of computers that fell victim to botnets grew at the rate of 8%/week in 2010, which translates to more than a six-fold increase over the course of the year.
Building a Better Bunker: Securing Energy Control Systems Against Terrorists and Cyberwarriors
by Jonathan Pollet - December 9, 2010
This paper, the second in the series, explains the advanced persistent threats being aimed at SCADA and utility control systems, followed by advanced measures to take against these threats.
Securing a Smarter Grid: Risk Management in Power Utility Networks
by Matthew E. Luallen - October 17, 2009
- Sponsored By: NitroSecurity
This paper will address the security issues facing smarter grid operators and will provide policy advice points.
Covert Data Storage Channel Using IP Packet Headers
by Jonathan Thyer - February 7, 2008
A covert data channel is a communications channel that is hidden within the medium of a legitimate communications channel. Covert channels manipulate a communications medium in an unexpected or unconventional way in order to transmit information in an almost undetectable fashion. Otherwise said, a covert data channel transfers arbitrary bytes between two points in a fashion that would appear legitimate to someone scrutinizing the exchange. (Bingham, 2006)
Covert communications: subverting Windows applications
by D. Climenti, A. Fontes, A. Menghrajani - September 13, 2007
This article describes an approach to covert channel communications in the Microsoft Windows environment, which is appllcable to all versions of Windows. The goal of this approach is to bypass network firewalls, as well as personal firewalls. We achieve this by using Windows messaging to hijack and control applications that have network access; accordingly such applications are not blocked at the application level.
Inside-Out Vulnerabilities, Reverse Shells
by Richard Hammer - November 10, 2006
Keeping data from leaking out of protected networks is becoming increasingly difficult due to the increase of malicious code that sends data from infected systems.
Network Covert Channels: Subversive Secrecy
by Ray Sbrusch - October 25, 2006
Steganography is the practice of concealing information in channels that superficially appear benign. The National Institute of Standards and Technology defines a covert channel as any communication channel that can be exploited
HTTP Tunnels Though Proxies
by Daniel Alman - September 9, 2003
This paper covers the topic of HTTP tunnels, the risks they pose, and discusses how those risks can be limited with proper administration.
A Discussion of Covert Channels and Steganography
by Mark Owens - March 19, 2002
Although the current threat of steganographic technology appears to lag its usefulness, the diligent information systems person needs to be mindful of the security ramifications that a covert channel in their enterprise carries.
A Detailed look at Steganographic Techniques and their use in an Open-Systems Environment
by Bret Dunbar - January 18, 2002
This paper's focus is on a relatively new field of study in Information Technology known as Steganography.
Steganography: Why it Matters in a "Post 911" World
by Bob Gilbert - January 14, 2002
This paper discusses cryptography attempts that to conceal messages by various translation methods that create new, unrecognizable messages.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.