Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Web tap: detecting covert web traffic
Proceedings of the 11th ACM conference on Computer and communications security
IP covert timing channels: design and detection
Proceedings of the 11th ACM conference on Computer and communications security
Privacy management for secure mobility
Proceedings of the 5th ACM workshop on Privacy in electronic society
Embedding covert channels into TCP/IP
IH'05 Proceedings of the 7th international conference on Information Hiding
Hi-index | 0.00 |
IPv6 Stateless Address Autoconfiguration is used for autoconfiguring addresses without a server in IPv6 networks. The autoconfiguration mechanism consists of choosing an address candidate and verifying its uniqueness with Duplicate Address Detection. The autoconfiguration mechanism has privacy issues which have been identified before. However, we show that the autoconfiguration mechanisms can be used as a covert channel. The covert channel is a serious threat for communication security and privacy if used by malicious third party IPv6 vendors or malware implementors. We present practical attacks for divulging sensitive information such as secret keys of encryption protocols using the covert channel and lower layer information. The scheme can also be used for very effective Big Brother type surveillance.