1 COVERT CHANNELS Ravi Sandhu. 2 COVERT CHANNELS A covert channel is a communication channel based on the use of system resources not normally intended.

Slides:



Advertisements
Similar presentations
ACCESS-CONTROL MODELS
Advertisements

LECTURE 1 ACCESS CONTROL Ravi Sandhu.
System Integration and Performance
Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 8. Supporting Software 1 Software Compatibility Whether you are doing a fresh.
Flash storage memory and Design Trade offs for SSD performance
Practical techniques & Examples
1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Virus Code Actions Clara Pirie & Eilidh Currie. Viruses A virus is a computer program that can copy itself and infect a computer without the permission.
Practical Timing Side Channel Attacks Against Kernel Space ASLR
Virus code actions Or ‘how viruses work’. Replication Spreads quickly and can be difficult to control Can be attached to any type of file and make copies.
1 Access Control Models Prof. Ravi Sandhu Executive Director and Endowed Chair January 25, 2013 & February 1, 2013
Lecturer: Fadwa Tlaelan
5/17/2015 9:36 AM Confinement James Hook CS 591: Introduction to Computer Security.
Unit 18 Data Security 1.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Chapter 8 Operating System Support
Lecture 15 Overview. Kinds of Malicious Codes Virus: a program that attaches copies of itself into other programs. – Propagates and performs some unwanted.
1 Malicious Logic CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 25, 2004.
 Introduction Introduction  Definition of Operating System Definition of Operating System  Abstract View of OperatingSystem Abstract View of OperatingSystem.
Computer Organization
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
UNIT 4 ASSIGNMENT VIRUSES & DESTRUCTIVE PROGRAMS.
Chapter 13 Processing Controls. Operating System Integrity Operating system -- the set of programs implemented in software/hardware that permits sharing.
UNIT 1 INFRASTRUCTURE AND APPLICATION SUPPORT. UNIT OBJECTIVES Name the different ROSS application platforms. Describe the difference between client hardware,
Viruses & Destructive Programs
CS 1308 Computer Literacy and the Internet. Introduction  Von Neumann computer  “Naked machine”  Hardware without any helpful user-oriented features.
Input and Output Computer Organization and Assembly Language: Module 9.
 a crime committed on a computer network, esp. the Internet.
Reducing Refresh Power in Mobile Devices with Morphable ECC
1 What is a computer virus? Computer program Replicating Problematic "Event" Types Detection and prevention.
1 Higher Computing Topic 8: Supporting Software Updated
1 Chapter 1 The need for security Computerized trend (all kind of information are in the database) Information passing through Internet.
CSCE 522 Lecture 12 Program Security Malicious Code.
Rensselaer Polytechnic Institute CSC 432 – Operating Systems David Goldschmidt, Ph.D.
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
Chapter 101 Multiprocessor and Real- Time Scheduling Chapter 10.
1 Multiprocessor and Real-Time Scheduling Chapter 10 Real-Time scheduling will be covered in SYSC3303.
6 Memory Management and Processor Management Management of Resources Measure of Effectiveness – On most modern computers, the operating system serves.
Detecting Targeted Attacks Using Shadow Honeypots Authors: K.G. Anagnostakis, S. Sidiroglou, P. Akritidis, K. Xinidis, E. Markatos, A.D. Keromytis Published:
1 TOPIC SYSTEM Z Ravi Sandhu This lecture is primarily based on: John McLean, Roger R. Schell and Donald L. Brinkley, "Security Models." Encyclopedia of.
Security CS Introduction to Operating Systems.
Operating System Principles And Multitasking
Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.
Lecture (Mar 23, 2000) H/W Assignment 3 posted on Web –Due Tuesday March 28, 2000 Review of Data packets LANS WANS.
R ECONFIGURABLE SECURITY SUPPORT FOR EMBEDDED SYSTEMS 1 AKSHATA VARDHARAJ.
Covert Channels Drew Hintz. At A Glance Definitions Who are you? Who are “they”? A Couple Good Solutions A Couple Really Good Solutions Demo Tool.
Computer Architecture Lecture 27 Fasih ur Rehman.
Information Security CS 526 Topic 17
1 X.509-style PKI Revolves around the distribution and management of digital identity certificates Invented in 1978 to facilitate message encryption In.
COEN 350: Network Security Authorization. Fundamental Mechanisms: Access Matrix Subjects Objects (Subjects can be objects, too.) Access Rights Example:
Windows XP Memory Management Aaron Lanoy and Jason Farnsworth.
Introduction to Operating Systems Prepared by: Dhason Operating Systems.
CS426Fall 2010/Lecture 211 Computer Security CS 426 Lecture 21 The Bell LaPadula Model.
Interrupts and Exception Handling. Execution We are quite aware of the Fetch, Execute process of the control unit of the CPU –Fetch and instruction as.
Von Neumann Machines. 3 The Von Neumann Architecture Model for designing and building computers, based on the following three characteristics: 1)The.
Mike Switlick. Overview What is a covert channel? Storage / Timing Requirements Bunratty attack Covert_tcp Questions.
Mandatory Access Control (MAC)
2. OPERATING SYSTEM 2.1 Operating System Function
Hustle and Bustle of SQL Pages
OPERATING SYSTEM OVERVIEW
UNIT 18 Data Security 1.
Chapter 17: Confinement Problem
Mandatory Access Control (MAC)
THE ORANGE BOOK Ravi Sandhu
Lecture 32 Syed Mansoor Sarwar
CGS 3763 Operating Systems Concepts Spring 2013
Information Security CS 526 Topic 17
Access Control Evolution and Prospects
Presentation transcript:

1 COVERT CHANNELS Ravi Sandhu

2 COVERT CHANNELS A covert channel is a communication channel based on the use of system resources not normally intended for communication between the subjects (processes) in the system

3 COVERT CHANNELS Low User High Trojan Horse Infected Subject High User Low Trojan Horse Infected Subject COVERT CHANNEL Information is leaked unknown to the high user

4 COVERT CHANNELS The concern is with subjects not users users are trusted (must be trusted) not to disclose secret information outside of the computer system subjects are not trusted because they may have Trojan Horses embedded in the code they execute star-property prevents overt leakage of information and does not address the covert channel problem

5 RESOURCE EXHAUSTION CHANNEL (STORAGE CHANNELS) Given 5GB pool of dynamically allocated memory HIGH PROCESS bit = 1  request 5GB of memory bit = 0  request 0GB of memory LOW PROCESS request 5GB of memory if allocated then bit = 0 otherwise bit = 1

6 LOAD SENSING CHANNEL (TIMING CHANNEL) HIGH PROCESS bit = 1  enter computation intensive loop bit = 0  go to sleep LOW PROCESS perform a task with known computational requirements if completed quickly then bit = 0 otherwise bit = 1

7 COPING WITH COVERT CHANNELS identification close the channel or slow it down detect attempts to use the channel tolerate its existence

8 SIDE CHANNELS VS COVERT CHANNELS Covert channels require a cooperating sender and receiver Side channels do not require a sender but nevertheless information is leaked

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.