Covert channel analysis and detection using reverse proxy servers.

Buchanan, William J and Llamas, David (2004) Covert channel analysis and detection using reverse proxy servers. In: 3rd International Conference on Electronic Warfare and Security (EIWC), 2004.

Available under License Creative Commons Attribution Non-commercial.

Download (346kB) | Preview


    Data hiding methods can be used by intruders to communicate over open data channels (Wolf 1989; McHugh 1995; deVivo, deVivo et al. 1999), and can be used to overcome firewalls, and most other forms of network intrusion detection systems. In fact, most detection systems can detect hidden data in the payload, but struggle to cope with data hidden in the IP and TCP packet headers, or in the session layer protocol. This paper contains proposes a novel architecture for data hiding, and presents methods which can be used to detect the hidden data and prevent the use of covert channels for its transmission.

    Item Type: Conference or Workshop Item (Paper)
    Uncontrolled Keywords: Reverse proxy server; covert channel; data hiding; firewalls; network intrusion detection systems; packet headers; session layer protocol;
    Dewey Decimal Subjects: 000 Computer science, information & general works > 000 Computer science, knowledge & systems > 005 Computer programming, programs & data > 005.8 Data security
    Library of Congress Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
    Item ID: 3949
    Depositing User: Professor Bill Buchanan
    Date Deposited: 12 Jan 2011 16:24
    Last Modified: 12 Jan 2011 16:24

    Actions (login required)

    View Item

    Document Downloads

    More statistics for this item...

    Edinburgh Napier University is a registered Scottish charity. Registration number SC018373