Abstract
The ability of setting up a covert channel, which allows any two nodes with Internet connections to engage in secretive communication, clearly causes a very serious security concern. A number of recent studies have indeed shown that setting up such covert channels is possible by exploiting the protocol fields in the IP, TCP, or application layer. However, the quality of these covert channels is susceptible to unpredictable network condition and active wardens. In this paper, we propose CLACK, a new covert channel which encodes covert messages into the TCP acknowledgments (ACKs). Since the message encoding is performed in a TCP data channel, CLACK is reliable and resilience to adverse network conditions. Moreover, CLACK is very difficult to detect in practice, because the TCK ACKs encoded by CLACK cannot be easily distinguished from the normal ACKs. We have implemented and tested CLACK in a test-bed to validate its correctness.
Original language | English |
---|---|
Title of host publication | Proceedings - 2009 IEEE International Conference on Communications, ICC 2009 |
DOIs | |
Publication status | Published - 19 Nov 2009 |
Event | 2009 IEEE International Conference on Communications, ICC 2009 - Dresden, Germany Duration: 14 Jun 2009 → 18 Jun 2009 |
Conference
Conference | 2009 IEEE International Conference on Communications, ICC 2009 |
---|---|
Country/Territory | Germany |
City | Dresden |
Period | 14/06/09 → 18/06/09 |
ASJC Scopus subject areas
- Computer Networks and Communications
- Electrical and Electronic Engineering