Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Hiding and Covert Channels

Similar presentations

Presentation on theme: "Information Hiding and Covert Channels"— Presentation transcript:

1 Information Hiding and Covert Channels
Václav Petříček Steganography Watermarking Anonymity Covert Channels Covert Channel via File Access Time

2 Information Hiding Cryptography Information hiding
Hides contents of the communication Information hiding Hides even the presence of the communication

3 Information Hiding Steganography Watermarking Anonymity
"Covered writing", unnoticeable communication Watermarking Embedding data like copyright labels that are hard to remove Anonymity Identity hiding Covert channels Channels that were not intended for communication but may be used that way

4 Steganography History Steganographic techniques
Tatoos, invisible inks, microdots, steganographic filesystem, GSM inside ISDN Steganographic techniques Pure steganography Secret key steganography Public key steganography Perfectly secure steganography Does not have to be robust - just invisible

5 Watermarking Robustness against transformations
Rotations, cropping, stretching, stirmark Lossy compression Copyright, authentication, checksums, fingerprinting Images, audio, video, texts ... Visible x invisible watermarks Domain of embedding DCT x spatial domain

6 Anonymity Sender, receiver and complete anonymity
R ers, Crowds, Anonymizer TAZ servers and Rewebber network Eternity Service, Freenet, Mojo Nation

7 Covert Channels May be designed using any shared resource
Storage based x timing channels Noisy x noiseless Error correction/detection, synchronization Syntactic analysis, monitoring B2-A1 certification requires covert channel analysis, documentation and auditability

8 Covert channel via access time
Sharing read only files where file acces time may be accessed by anyone leads to a covert channel File read ® 1, file not read ® 0 (1bps) Aggregation of degree n ® n bps (8bps) Sample implementation: covertalk FreeBSD OS similar to unix talk program

9 Covert channel via access time
Top level directories and files /etc /tmp /home /kernel ... 16 files/dirs (8 in, 8 out) Error rate negligible Files accessed mostly once and from system maintenance scripts Even parity error detection on receiver side 1 bit of 8 detcts all 1bit errors, 7bits are enough for printable chars

10 Conclusions Presented covert channel is usable and may be aggregated
It may be partially prevented by allowing just owner to read the access time but still anyone with read access may send information to the owner Stil many other resources are being shared "Need to know" principle

Download ppt "Information Hiding and Covert Channels"

Similar presentations

Ads by Google