-
A Case Study on Covert Channel Establishment via Software Caches in High-Assurance Computing Systems
Authors:
Wolfgang Schmidt,
Michael Hanspach,
Jörg Keller
Abstract:
Covert channels can be utilized to secretly deliver information from high privileged processes to low privileged processes in the context of a high-assurance computing system. In this case study, we investigate the possibility of covert channel establishment via software caches in the context of a framework for component-based operating systems. While component-based operating systems offer security through the encapsulation of system service processes, complete isolation of these processes is not reasonably feasible. This limitation is practically demonstrated with our concept of a specific covert timing channel based on file system caching. The stability of the covert channel is evaluated and a methodology to disrupt the covert channel transmission is presented. While these kinds of attacks are not limited to high-assurance computing systems, our study practically demonstrates that even security-focused computing systems with a minimal trusted computing base are vulnerable to such attacks, and that careful design decisions are necessary for secure operating system architectures.
Submitted 21 August, 2015;
originally announced August 2015.
-
On Covert Acoustical Mesh Networks in Air
Authors:
Michael Hanspach,
Michael Goetz
Abstract:
Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the ultrasonic frequency range. We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a meshed botnet or malnet that is accessible via inaudible audio transmissions. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities.
Submitted 4 June, 2014;
originally announced June 2014.
-
A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems
Authors:
Michael Hanspach,
Jörg Keller
Abstract:
We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security goal and security breaches are mainly defined as undesired disclosure or modification of classified data, strict control of information flows is the ultimate goal. In order to prevent undesired information flows, we provide a classification of information flow types in a component-based operating system and, by this, possible patterns to attack the system. The systematic consideration of information flows reveals a specific type of operating system covert channel, the covert physical channel, which connects two formerly isolated partitions by emitting physical signals into the computer's environment and receiving them at another interface.
Submitted 5 March, 2014;
originally announced March 2014.
-
Service-Fingerprinting mittels Fuzzing
Authors:
Michael Hanspach,
Ralf Schumann,
Stefan Schemmer,
Sebastian Vandersee
Abstract:
Service fingerprinting (i.e. the identification of network services and other applications on computing systems) is an essential part of penetration tests. The main contribution of this paper is a study on the improvement of fingerprinting tools. By applying mutation-based fuzzing as a fingerprint generation method, subtle differences in response messages can be identified. These differences in response messages provide means for the differentiation and identification of network services. To prove the feasibility of the approach, an implementation of a fingerprinting tool for ftp servers is presented and compared to preexisting fingerprinting tools. As a result of this study it is shown that mutation-based fuzzing is an appropriate method for service fingerprinting that even offers advantages over preexisting methods.
Submitted 4 March, 2014;
originally announced March 2014.
-
Verbesserung von OS- und Service-Fingerprinting mittels Fuzzing
Authors:
Michael Hanspach
Abstract:
Fingerprinting of services and operating systems is an essential part of penetration tests. In order to successfully penetrate the computing system's security measures, preexisting fingerprinting methods are described and the paradigm of fingerprinting with mutation-based fuzzing is established. A case study on operating system and FTP server fingerprinting is presented, whereby the feasibility of the approach is demonstrated. The research results show that the developed tools can be used for even more precise fingerprinting than the preexisting tools.
Submitted 3 March, 2014;
originally announced March 2014.