Quote
M. Schneider, D. Spiekermann, and J. Keller, "Network Covert Channels in Routing Protocols," in ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023, pp. 1-8.
Content
Computer networks play a key role in everyday lives. To guarantee fail-safe operation, routing protocols are used that enable dynamic routing via redundant paths. Because of this, routing protocols like RIP or OSPF play an important role in modern network infrastructures. The widespread use together with the mostly missing traffic monitoring of these protocols provide a possible base to exploit these protocols for network steganographic channels. In this paper, we present a novel storage covert channel based on the OSPF routing protocol. We analyzed the protocol in detail with the help of hiding patterns to identify protocol fields that might be suitable for covert communication. We provide a proof-of-concept implementation of our covert channel inside a simulated network, which demonstrates the possibility of covert communication in a routing protocol. Our evaluation covers detectability and countermeasures, steganographic bandwidth and robustness. Furthermore, we sketch an application scenario where such a covert channel can be deployed.
Keywords
OSPF
hiding patterns
network steganography
routing protocols
storage covert channels