Donnerstag, 3. Januar 2019

New paper on a new type of active warden

Our new paper `Countering adaptive network covert communication with dynamic wardens' introduces a new type of active warden to combat sophisticated network covert channels, in particular those covert channels that are adaptive in the sense that they constantly probe which covert channel is un-blocked to communicate with a peer. Such covert channels determine changed filter rules of firewalls and can dynamically utilize other covert channel techniques than the blocked ones on demand. Moreover does this paper introduce a novel warden taxonomy. It just appeared in FGCS Vol. 94:

Wojciech Mazurczyk, Steffen Wendzel, Mehdi Chourib, Jörg Keller: Countering Adaptive Network Covert Communication with Dynamic Wardens, Future Generation Computer Systems (FGCS), Vol. 94, pp. 712-725, Elsevier, 2019.
Impact factor: 4.639 (at time of publication).

Just e-mail me in case you have no access to the article. 

Abstract
Network covert channels are hidden communication channels in computer networks. They influence several factors of the cybersecurity economy. For instance, by improving the stealthiness of botnet communications, they aid and preserve the value of darknet botnet sales. Covert channels can also be used to secretly exfiltrate confidential data out of organizations, potentially resulting in loss of market/research advantage. Considering the above, efforts are needed to develop effective countermeasures against such threats. Thus in this paper, based on the introduced novel warden taxonomy, we present and evaluate a new concept of a dynamic warden. Its main novelty lies in the modification of the warden’s behavior over time, making it difficult for the adaptive covert communication parties to infer its strategy and perform a successful hidden data exchange. Obtained experimental results indicate the effectiveness of the proposed approach.

Keine Kommentare:

Kommentar veröffentlichen