Sunday, 21 October 2012

Print edition of Tunnel und verdeckte Kanäle im Netz

I just saw that the print version of Tunnel und verdeckte Kanäle im Netz is now available. Unfortunately I only have a few author's copies, so in the first round I could supply only 7 more people, who will shortly receive a visit from the German postal service.
The remaining people on the list will follow in early/mid November (unfortunately it cannot go any faster at the moment).
Tunnel und verdeckte Kanäle im Netz, 1st ed., 2012

Friday, 19 October 2012

Dynamic Routing in Covert Channel Overlays Based on Control Protocols

A new paper got accepted at the International Workshop on Information Security, Theory and Practice (ISTP-2012) in conjunction with The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012).

Peter Backs, Steffen Wendzel, Jörg Keller: Dynamic Routing in Covert Channel Overlays Based on Control Protocols, IEEE, 2012 (to appear).

Abstract:

Covert channels aim to carry information in a way prohibited by the security policy and can be used to bypass censorship (e.g. by journalists). To establish secure covert channel communications, overlay networks with internal control protocols can be built.
We present a design method for control protocols within covert channels. Our protocol design provides the advantage of space-efficiency (in comparison to existing control protocols) and the advantage of dynamic extensibility. We apply the protocol design to realize OLSR-based dynamic routing for covert channel overlays. Our algorithm provides different optimization means to maximize the covertness and the connection quality of the channel. The approach is validated by an extensible prototype.

Thursday, 4 October 2012

Tunnel und verdeckte Kanäle im Netz: online version available

The online version of my new book Tunnel und verdeckte Kanäle im Netz (Springer-Vieweg, 2012) has just been published. The printed version will be available shortly as well.

I wish all readers much enjoyment reading it and look forward to positive feedback!

Monday, 1 October 2012

Covert Channels and their Prevention in Building Automation Protocols

A new paper got accepted at the 2nd Workshop on Security of Systems and Software Resilience in Besancon, France:

S. Wendzel, B. Kahler, T. Rist: Covert Channels and their Prevention in Building Automation Protocols -- A Prototype Exemplified Using BACnet in Proc. 2nd Workshop on Security of Systems and Software Resilience, IEEE, 2012 (to appear).

The paper is based on my previous work on covert channels in building automation systems.

Abstract:

Security in building automation systems (BAS) recently became a topic in the security community. BAS form a part of enterprise networks and can be utilized to gain access to a company network or to violate a security policy.

Up to now, the threat of covert channels in BAS protocols was not discovered. While a first available solution can limit "high level" covert channels in BAS, there is no solution available to prevent covert channels on the lower level (i.e., in BAS protocols).

In this paper, we present network covert storage and network covert timing channels in the network and application layer of the BACnet protocol stack to show that protocol-level covert channels in BAS are feasible.
Additionally, we introduce the first means enabling a BAS to become multi-level secure on the network and application layer to prevent covert channels.
We built a prototype based on the BACnet firewall router (BFR) to implement multi-level security in BACnet environments.


Keywords:
access control; covert channels; network security; building automation