We introduce and discuss a new family of timing covert channels based on HTTP cache headers. We propose a general scheme of the timing covert channels in terms of access control models and data flow diagrams and suggest two base threat models for them. We then consider peculiarities of program implementation of the timing covert channels and their bandwidth depending on a HTTP cache header, a threat model, a programming language (C, JavaScript, Python, Ruby), and an environment. Finally we provide the basic characteristics of the implemented covert channels in web browsers and BeEF.
Download file
Counter downloads: 542
- Title Covert timing channels over HTTP cache-control headers
- Headline Covert timing channels over HTTP cache-control headers
- Publesher
Tomsk State University - Issue Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics 2 (28)
- Date:
- DOI
Keywords
компьютерная безопасность, анализ защищённости, HTTP, информационные потоки, скрытые каналы, безопасность веб-приложений, безопасность веб-браузеров, бот-сети, computer security, HTTP, cache-control headers, covert channels, web application security, web browsers security, botnetsAuthors
References
Lampson B. W. A note on the confinement problem // Comm. ACM. 1973. No. 16(10). P. 613-615.
ГОСТ Р 53113.1 - 2008 Информационная технология. Защита информационных технологий и автоматизированных систем от угроз информационной безопасности, реализуемых с использованием скрытых каналов. Ч. 1. Общие положения.
ГОСТ Р 53113.2 - 2009 Информационная технология. Защита информационных технологий и автоматизированных систем от угроз информационной безопасности, реализуемых с использованием скрытых каналов. Ч.2. Рекомендации по организации защиты информации, информационных технологий.
Timing Channels. http://www.multicians.org/timing-chn.html
CWE-514. Covert Channel. https://cwe.mitre.org/data/definitions/514.html
CWE-385. Covert Timing Channel. https://cwe.mitre.org/data/definitions/385.html
Alkorn W., Frichot C., and Orru M. The Browser Hacker's Handbook. Indianapolis: John & Wiley Sons, 2014. 648 p.
Brown E., Yuan B., Johnson D., and Lutz P. Covert channels in the HTTP network protocol: Channel characterization and detecting Man-in-the-Middle attacks // Proc. 5th Intern. Conf. Inform. Warfare and Security. Ohio, USA, April 8-9. The Air Force Institute of Technology, 2010. P. 56-65.
Cabuk S., Brodley C.E., and Shield C. IP covert timing channels: design and detection // Proc. 11th ACM Conf. on Computer and Communication Security. Washington DC, USA, 2004. P. 178-187.
RFC 2616. Hypertext Transfer Protocol HTTP 1.1. http://www.w3.org/Protocols/ rfc2616/rfc2616-sec13.html
Apache Core Features Documentation. FileETag Directive. http://httpd.apache.org/ docs/2.2/mod/core.html#fileetag
Девянин П. Н. Модели безопасности компьютерных систем. Управление доступом и информационными потоками: учеб. пособие для вузов. 2-е изд., испр. и доп. М.: Горячая линия-Телеком, 2013. 338 с.
Application Threat Modelling. https://www.owasp.org/index.php/Application_Threat_ Modeling
The Browser Exploitation Framework Project. http://beefproject.com/
Born K. Browser-Based Covert Data Exfiltration. http://arxiv.org/ftp/arxiv/papers/ 1004/1004.4357.pdf
Исходный код BeEF. https://github.com/beefproject/beef
Top 10 Web Hacking Techniques of 2014. https://blog.whitehatsec.com/ top-10-web-hacking-techniques-of-2014/
Covert timing channels over HTTP cache-control headers | Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics. 2015. № 2 (28).
Download full-text version
Counter downloads: 1302