路由协议中的网络隐蔽通道

Proceedings of the 18th International Conference on Availability, Reliability and Security Pub Date : 2023-08-29 DOI:10.1145/3600160.3605021

Michael Schneider, Daniel Spiekermann, J. Keller

{"title":"路由协议中的网络隐蔽通道","authors":"Michael Schneider, Daniel Spiekermann, J. Keller","doi":"10.1145/3600160.3605021","DOIUrl":null,"url":null,"abstract":"Computer networks play a key role in everyday lives. To guarantee fail-safe operation, routing protocols are used that enable dynamic routing via redundant paths. Because of this, routing protocols like RIP or OSPF play an important role in modern network infrastructures. The widespread use together with the mostly missing traffic monitoring of these protocols provide a possible base to exploit these protocols for network steganographic channels. In this paper, we present a novel storage covert channel based on the OSPF routing protocol. We analyzed the protocol in detail with the help of hiding patterns to identify protocol fields that might be suitable for covert communication. We provide a proof-of-concept implementation of our covert channel inside a simulated network, which demonstrates the possibility of covert communication in a routing protocol. Our evaluation covers detectability and countermeasures, steganographic bandwidth and robustness. Furthermore, we sketch an application scenario where such a covert channel can be deployed.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Network Covert Channels in Routing Protocols\",\"authors\":\"Michael Schneider, Daniel Spiekermann, J. Keller\",\"doi\":\"10.1145/3600160.3605021\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Computer networks play a key role in everyday lives. To guarantee fail-safe operation, routing protocols are used that enable dynamic routing via redundant paths. Because of this, routing protocols like RIP or OSPF play an important role in modern network infrastructures. The widespread use together with the mostly missing traffic monitoring of these protocols provide a possible base to exploit these protocols for network steganographic channels. In this paper, we present a novel storage covert channel based on the OSPF routing protocol. We analyzed the protocol in detail with the help of hiding patterns to identify protocol fields that might be suitable for covert communication. We provide a proof-of-concept implementation of our covert channel inside a simulated network, which demonstrates the possibility of covert communication in a routing protocol. Our evaluation covers detectability and countermeasures, steganographic bandwidth and robustness. Furthermore, we sketch an application scenario where such a covert channel can be deployed.\",\"PeriodicalId\":107145,\"journal\":{\"name\":\"Proceedings of the 18th International Conference on Availability, Reliability and Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 18th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3600160.3605021\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3600160.3605021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

计算机网络在日常生活中起着关键作用。为了保证故障安全操作，使用了通过冗余路径实现动态路由的路由协议。因此，RIP或OSPF等路由协议在现代网络基础设施中发挥着重要作用。这些协议的广泛使用以及大部分缺失的流量监控为利用这些协议进行网络隐写通道提供了可能的基础。本文提出了一种基于OSPF路由协议的存储隐蔽通道。我们在隐藏模式的帮助下详细分析了协议，以识别可能适合隐蔽通信的协议字段。我们在模拟网络中提供了隐蔽通道的概念验证实现，这证明了在路由协议中隐蔽通信的可能性。我们的评估包括可检测性和对策，隐写带宽和鲁棒性。此外，我们还概述了一个可以部署这种隐蔽通道的应用程序场景。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Network Covert Channels in Routing Protocols

Computer networks play a key role in everyday lives. To guarantee fail-safe operation, routing protocols are used that enable dynamic routing via redundant paths. Because of this, routing protocols like RIP or OSPF play an important role in modern network infrastructures. The widespread use together with the mostly missing traffic monitoring of these protocols provide a possible base to exploit these protocols for network steganographic channels. In this paper, we present a novel storage covert channel based on the OSPF routing protocol. We analyzed the protocol in detail with the help of hiding patterns to identify protocol fields that might be suitable for covert communication. We provide a proof-of-concept implementation of our covert channel inside a simulated network, which demonstrates the possibility of covert communication in a routing protocol. Our evaluation covers detectability and countermeasures, steganographic bandwidth and robustness. Furthermore, we sketch an application scenario where such a covert channel can be deployed.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 18th International Conference on Availability, Reliability and Security

自引率

0.00%

发文量