Detection of covert channel communications based on intentionally corrupted frame check sequences
Date
2011-07-01
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
This thesis presents the establishment of a covert-channel in wireless networks in the form
of frames with intentionally corrupted Frame Check Sequences (FCSs). Previous works had
alluded to the possibility of using this kind of covert-channel as an attack vector. We modify
a simulation tool, called Sinalgo, which is used as a test bed for generating hypothetical
scenarios for establishing a covert-channel. Single and Multi-Agent systems have been
proposed as behaviour-based intrusion detection mechanisms, which utilize statistical
information about network traffic. This utilized statistical information is used to detect
covert-channel communications. This work highlights the potential impact of having this
attack perpetrated in communications equipment with a low chance of being detected, if
properly crafted.
Description
Keywords
Wireless networks, Covert-channel, Hidden-channel, Behavioural intrusion detection