Reading Room

Sorry! The requested paper could not be found.

Covert Channels

Featuring 9 Papers as of August 17, 2011

Click Here

  • BYOB: Build Your Own Botnet Francois Begin - August 17, 2011

    A recent report on botnet threats (Dhamballa, 2010) provides a sobering read for any security professional. According to its authors, the number of computers that fell victim to botnets grew at the rate of 8%/week in 2010, which translates to more than a six-fold increase over the course of the year.

  • Covert Data Storage Channel Using IP Packet Headers Jonathan Thyer - February 7, 2008

    A covert data channel is a communications channel that is hidden within the medium of a legitimate communications channel. Covert channels manipulate a communications medium in an unexpected or unconventional way in order to transmit information in an almost undetectable fashion. Otherwise said, a covert data channel transfers arbitrary bytes between two points in a fashion that would appear legitimate to someone scrutinizing the exchange. (Bingham, 2006)

  • Covert communications: subverting Windows applications D. Climenti, A. Fontes, A. Menghrajani - September 14, 2007

    This article describes an approach to covert channel communications in the Microsoft Windows environment, which is appllcable to all versions of Windows. The goal of this approach is to bypass network firewalls, as well as personal firewalls. We achieve this by using Windows messaging to hijack and control applications that have network access; accordingly such applications are not blocked at the application level.

  • Inside-Out Vulnerabilities, Reverse Shells Masters Richard Hammer - November 10, 2006

    Keeping data from leaking out of protected networks is becoming increasingly difficult due to the increase of malicious code that sends data from infected systems.

  • Network Covert Channels: Subversive Secrecy Ray Sbrusch - October 25, 2006

    Steganography is the practice of concealing information in channels that superficially appear benign. The National Institute of Standards and Technology defines a covert channel as any communication channel that can be exploited

  • Steganography: Why it Matters in a "Post 911" World Bob Gilbert - October 31, 2003

    This paper discusses cryptography attempts that to conceal messages by various translation methods that create new, unrecognizable messages.

  • A Detailed look at Steganographic Techniques and their use in an Open-Systems Environment Bret Dunbar - October 31, 2003

    This paper's focus is on a relatively new field of study in Information Technology known as Steganography.

  • A Discussion of Covert Channels and Steganography Mark Owens - October 31, 2003

    Although the current threat of steganographic technology appears to lag its usefulness, the diligent information systems person needs to be mindful of the security ramifications that a covert channel in their enterprise carries.

  • HTTP Tunnels Though Proxies Daniel Alman - October 31, 2003

    This paper covers the topic of HTTP tunnels, the risks they pose, and discusses how those risks can be limited with proper administration.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

Masters This paper was created by a SANS Technology Institute student as part of their Master's curriculum.