{"title":"The Implementation of TCP Sequence Number Reference Model in Linux Kernel","authors":"Dr. Dhananjay M Dakhane, P. Deshmukh","doi":"10.1109/CICN.2014.104","DOIUrl":null,"url":null,"abstract":"It is observed that covert channels can be easily implemented in TCP/IP stack. It is easily achieved by embedding the covert message in the various header fields seemingly filled with \"Random\" data such as TCP Sequence Number (SQN), IP Identification (ID) etc. Such manipulation of these fields which seems \"random\" at first sight but might be detected with the help of various techniques. In this research paper we are proposing Sequence Number Reference Model as a Proof-of-Concept for sending the covert message using TCP Sequence Number (SQN) field without changing the semantics of its header field. Covert message in the packet cannot be detected by the conventional covert channel detection techniques since not a single bit of this header field is modified. We are providing a mechanism by which sender can send the covert message and receiver can interpret the same in spite of the fact that the actual covert message will not be carried by the sequence number field of TCP header.","PeriodicalId":6487,"journal":{"name":"2014 International Conference on Computational Intelligence and Communication Networks","volume":"23 1","pages":"444-447"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Computational Intelligence and Communication Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CICN.2014.104","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
It is observed that covert channels can be easily implemented in TCP/IP stack. It is easily achieved by embedding the covert message in the various header fields seemingly filled with "Random" data such as TCP Sequence Number (SQN), IP Identification (ID) etc. Such manipulation of these fields which seems "random" at first sight but might be detected with the help of various techniques. In this research paper we are proposing Sequence Number Reference Model as a Proof-of-Concept for sending the covert message using TCP Sequence Number (SQN) field without changing the semantics of its header field. Covert message in the packet cannot be detected by the conventional covert channel detection techniques since not a single bit of this header field is modified. We are providing a mechanism by which sender can send the covert message and receiver can interpret the same in spite of the fact that the actual covert message will not be carried by the sequence number field of TCP header.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
