A MAC layer covert channel in 802.11 networks
Gonçalves, Ricardo André Santana
MetadataShow full item record
Covert channels in modern communication networks are a source of security concerns. Such channels can be used to facilitate command and control of botnets or inject malicious contents into unsuspected end-user devices or network nodes. The vast majority of the documented covert channels make use of the upper layers of the Open Systems Interconnection (OSI) model. In this thesis, we present a new covert channel in IEEE 802.11 networks, making use of the Protocol Version field in the Medium Access Control (MAC) header. This is achieved by forging modified Clear To Send (CTS) and Acknowledgment (ACK) frames. Forward error correction mechanisms and interleaving were implemented to increase the proposed channel's robustness to error. A laboratory implementation of the proposed channel is presented by developing the necessary code in Python, operating in a Linux environment. We present the results of tests conducted on the proposed channel, including measurements of channel errors, available data rate for transmission, and level of covertness.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
Hacking social networks examining the viability of using computer network attack against social networks Schuhart, Russell G. (Monterey, California. Naval Postgraduate School, 2007-03);Social Network Analysis (SNA) has been proposed as a tool to defeat transnational terrorist groups such as Al Qaeda. However, SNA is an descriptive tool that is a product of sociology and not an offensive tool used to ...
Enhanced cyberspace defense with real-time distributed systems using covert channel publish-subscribe broker pattern communications Paxton, Steven G. B. (Monterey California. Naval Postgraduate School, 2008-06);In this thesis, we propose a novel cyberspace defense solution to the growing sophistication of threats facing networks within the Department of Defense. Current network defense strategies, including traditional intrusion ...
Dye, Derek J. (Monterey, California. Naval Postgraduate School, 2011-03);This thesis explores the detectability and robustness of packet length covert channels. We discovered that packet length covert channels, where a rogue user modulates the length of a Transport Control Protocol packet, can ...