PSCAN : a port scanning network covert channel

Mohamed, Emad Eldin; Mnaouer, Adel Ben; Barka, Ezedin

PSCAN : a port scanning network covert channel

Files

Access Instruction 124.pdf(102.84 KB)

Date

2016

Authors

Mohamed, Emad Eldin

Mnaouer, Adel Ben

Barka, Ezedin

Publisher

IEEE Computer Society

Abstract

This paper introduces PSCAN, a port scanning-based network covert channel that violates non-discretionary system security policy that does not allow data transfer from a given process (the sender) to another given process (the receiver). Using PSCAN, the sender opens and closes network ports in a way that encodes covert data. The receiver performs a synchronized port scanning procedure on the sender's host to determine which ports are open and which ones are closed then decodes the data. The paper defines the covert channel and analyzes its data rate, stealthiness, and robustness. In addition, the paper investigates countermeasures against the channel. © 2016 IEEE.

Description

This conference paper is not available at CUD collection. The version of scholarly record of this conference paper is published in 2016 IEEE 41st Conference on Local Computer Networks (LCN) (2016), available online at: https://doi.org/10.1109/LCN.2016.109.

Keywords

Computer networks , Data transfer , Scanning , Covert channel , Information hiding , ITS data , Network covert channel , Port scanning , System security , Network security

Citation

Mohamed, E. E., Mnaouer, A. B., & Barka, E. (2016). PSCAN: A port scanning network covert channel. In Proceedings - Conference on Local Computer Networks, LCN (pp. 631–634). https://doi.org/10.1109/LCN.2016.109

URI

http://dx.doi.org/10.1109/LCN.2016.109
20.500.1251https://hdl.handle.net/9/124

Collections

Department of Computer Engineering and Computational Sciences

Full item page