The Implementation of Passive Covert Channels in the Linux Kernel

The goal of this paper is to describe the idea of so-called passive covert channels (PCC), which might be used by malware to leak information from compromised hosts. This idea has been implemented in a proof-of-concept tool called NUSHU. The primary goal of a PCC is to be as stealthy as possible by not generating any traffic of its own. To be actually useful, a PCC should be combined with some kind of password sniffer or other information-gathering software running on the compromised host. The idea is pretty simple: we do not generate our own traffic (i.e. packets) but only change some fields in the packets that are normally generated by the compromised computer. Of course, that requires that the attacker control one of the computers that receives at least most of the traffic from the compromised host, such as an enterprise gateway, router, etc. [via]
http://jeremian.info/gray-world.net/papers/pa...
