OverCovert: Using Stack-Overflow Software Vulnerability to Create a Covert Channel

Fatayer, Tamer S.; Khattab, Sherif; Omara, Fatma A.

doi:10.1109/ntms.2011.5720645

Cited by 5 publications

(8 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, it incurs additional traffic overhead and is time-consuming. Studies [3], [6] utilize stack-overflow attacks and address space layout randomization on Linux to transmit different file formats. The sender attempts to guess the delta_mmap memory (16 bits) while one entity indirectly sends files to another entity through a server located on the same machine.…”

Section: Related Work a Relevant Studiesmentioning

confidence: 99%

“…In this study, throughput refers to the number of bits sent via the covert channel per second. The time it takes for data to be transmitted through our covert channel is the subject of our paper, referred to as 'time' [3], [6], [13], [14].…”

Section: A Experiments Environmentmentioning

confidence: 99%

“…A covert channel is a communication channel that allows two entities to indirectly transfer data by specifying and sharing knowledge before communication occurs. Various types of covert channels have been used in encoding, decoding, and transferring original messages [1], [2], [3], [4]. A covert channel is considered a mechanism for violating the communication security policy, which is not anticipated by the system creator [1].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Creating and Developing a High-Throughput Covert Channel via Program Execution

Alhelal,

Al-Khatib

2024

IEEE Access

View full text Add to dashboard Cite

A covert communication channel facilitates direct data transfer between two parties through pre-communication knowledge agreements, ensuring secure and confidential transmission of information. However, the existing covert channels suffer from performance limitations, specifically in terms of throughput and speed. The encoding techniques employed in covert channels can be time-consuming and have limited data transfer capabilities. Furthermore, the ability of covert channels to handle files with different formats has not been sufficiently explored. This paper introduces a high-performance implementation of a covert channel that leverages Java exception handling during program execution. To optimize the covert channel's performance, this research explores the use of several encoding methods, including ASCII, Byte, Hexadecimal, Base64, and Huffman coding. The proposed covert channel's performance is evaluated and analyzed for various coding methods. To study the impact on performance, multiple file formats, including text, audio, and video, were used in the experiment. Experimental results showed that the hexadecimal coding method improves the throughput and decreases the time delay of the covert channel. This is attributed to its ability to minimize the number of tries before encountering an ''Index Out of Bounds'' exception. On the contrary, the Base64 method is found to be inefficient as it produces longer strings than the original inputs, resulting in increased time delays during data transfer. The best results are achieved when applying the hexadecimal method with Huffman coding. It takes 6241 milliseconds to transmit a 12.8-megabyte text file, with a throughput of 23116 bits per millisecond.INDEX TERMS Covert channel throughput, time, optimization, index out of bound, exception, ASCII, byte, hexadecimal, Base64, Huffman coding.

show abstract

Section: Related Work a Relevant Studiesmentioning

confidence: 99%

Section: A Experiments Environmentmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Creating and Developing a High-Throughput Covert Channel via Program Execution

Alhelal,

Al-Khatib

2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…The most important three categories of covert channels are storage covert channels, timing covert channels, and behaviorbased covert channels [3,8,9,10]. Fig.…”

Section: B Covert Channel Typesmentioning

confidence: 99%

“…As a result, they are more difficult to avoid and detect: identifying the message in a covert channel requires complete understanding of the application. Tamer Fatayer et al [4,9,12], proposed behavior based channel through exploiting memory address in Linux operating system, where this channel change the behavior of using system calls and redirect the system call to malicious code implement by attacker to perform specific tasks.…”

Section: ) Storage Covert Channelsmentioning

confidence: 99%

Systematic Analysis on the Effectiveness of Covert Channel Data Transmission

Alhelal¹,

Alkhatib²

2023

IJACSA

View full text Add to dashboard Cite

A covert channel is a communication channel that allows parties to communicate and transfer data indirectly. Covert channel types are storage, timing, and behavior channels. Covert channels can be used for malicious and benign applications. A covert channel is a mechanism for violating the communication security policy that was not anticipated by the system creator. Recently, covert channels are used to transfer text, video, and audio information between entities. This article, discusses studies related to the development of covert channels as well as the research works that focus on improving the performance/throughput of covert channels. Also, it analyzes the previous studies in terms of publication type, year of publication, article title, article purpose, transferring file format used in covert channel, coding technique, throughput performance, time needed to transfer files, and article limitations.

show abstract

Generated Un-detectability Covert Channel Algorithm for Dynamic Secure Communication Using Encryption and Authentication

Fatayer

2017

2017 Palestinian International Conference on Information and Communication Technology (PICICT)

View full text Add to dashboard Cite

OverCovert: Using Stack-Overflow Software Vulnerability to Create a Covert Channel

Cited by 5 publications

References 15 publications

Creating and Developing a High-Throughput Covert Channel via Program Execution

Creating and Developing a High-Throughput Covert Channel via Program Execution

Systematic Analysis on the Effectiveness of Covert Channel Data Transmission

Generated Un-detectability Covert Channel Algorithm for Dynamic Secure Communication Using Encryption and Authentication

Contact Info

Product

Resources

About