Loading…

Cross-Router Covert Channels

Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the...

Full description

Saved in:
Bibliographic Details
Published in:arXiv.org 2019-08
Main Authors: Adar Ovadya, Rom Ogen, Mallah, Yakov, Gilboa, Niv, Oren, Yossi
Format: Article
Language:English
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page
container_issue
container_start_page
container_title arXiv.org
container_volume
creator Adar Ovadya
Rom Ogen
Mallah, Yakov
Gilboa, Niv
Oren, Yossi
description Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the two networks in software. In this work we show that logical network isolation based on host and guest networks can be overcome by the use of cross-router covert channels. Using specially-crafted network traffic, these channels make it possible to leak data between the host network and the guest network, and vice versa, through the use of the router as a shared medium. We performed a survey of routers representing multiple vendors and price points, and discovered that all of the routers we surveyed are vulnerable to at least one class of covert channel. Our attack can succeed even if the attacker has very limited permissions on the infected device, and even an iframe hosting malicious JavaScript code can be used for this purpose. We provide several metrics for the effectiveness of such channels, based on their pervasiveness, rate and covertness, and discuss possible ways of identifying and preventing these leakages.
format article
fullrecord <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2269761998</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2269761998</sourcerecordid><originalsourceid>FETCH-proquest_journals_22697619983</originalsourceid><addsrcrecordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mSQcS7KLy7WDcovLUktUnDOL0stKlFwzkjMy0vNKeZhYE1LzClO5YXS3AzKbq4hzh66BUX5haWpxSXxWfmlRXlAqXgjIzNLczNDS0sLY-JUAQAmPiuu</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2269761998</pqid></control><display><type>article</type><title>Cross-Router Covert Channels</title><source>Publicly Available Content Database</source><creator>Adar Ovadya ; Rom Ogen ; Mallah, Yakov ; Gilboa, Niv ; Oren, Yossi</creator><creatorcontrib>Adar Ovadya ; Rom Ogen ; Mallah, Yakov ; Gilboa, Niv ; Oren, Yossi</creatorcontrib><description>Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the two networks in software. In this work we show that logical network isolation based on host and guest networks can be overcome by the use of cross-router covert channels. Using specially-crafted network traffic, these channels make it possible to leak data between the host network and the guest network, and vice versa, through the use of the router as a shared medium. We performed a survey of routers representing multiple vendors and price points, and discovered that all of the routers we surveyed are vulnerable to at least one class of covert channel. Our attack can succeed even if the attacker has very limited permissions on the infected device, and even an iframe hosting malicious JavaScript code can be used for this purpose. We provide several metrics for the effectiveness of such channels, based on their pervasiveness, rate and covertness, and discuss possible ways of identifying and preventing these leakages.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Channels ; Communications traffic ; Electronic devices ; Networks ; Routers ; Technological planning</subject><ispartof>arXiv.org, 2019-08</ispartof><rights>2019. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.proquest.com/docview/2269761998?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>780,784,25753,37012,44590</link.rule.ids></links><search><creatorcontrib>Adar Ovadya</creatorcontrib><creatorcontrib>Rom Ogen</creatorcontrib><creatorcontrib>Mallah, Yakov</creatorcontrib><creatorcontrib>Gilboa, Niv</creatorcontrib><creatorcontrib>Oren, Yossi</creatorcontrib><title>Cross-Router Covert Channels</title><title>arXiv.org</title><description>Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the two networks in software. In this work we show that logical network isolation based on host and guest networks can be overcome by the use of cross-router covert channels. Using specially-crafted network traffic, these channels make it possible to leak data between the host network and the guest network, and vice versa, through the use of the router as a shared medium. We performed a survey of routers representing multiple vendors and price points, and discovered that all of the routers we surveyed are vulnerable to at least one class of covert channel. Our attack can succeed even if the attacker has very limited permissions on the infected device, and even an iframe hosting malicious JavaScript code can be used for this purpose. We provide several metrics for the effectiveness of such channels, based on their pervasiveness, rate and covertness, and discuss possible ways of identifying and preventing these leakages.</description><subject>Channels</subject><subject>Communications traffic</subject><subject>Electronic devices</subject><subject>Networks</subject><subject>Routers</subject><subject>Technological planning</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mSQcS7KLy7WDcovLUktUnDOL0stKlFwzkjMy0vNKeZhYE1LzClO5YXS3AzKbq4hzh66BUX5haWpxSXxWfmlRXlAqXgjIzNLczNDS0sLY-JUAQAmPiuu</recordid><startdate>20190807</startdate><enddate>20190807</enddate><creator>Adar Ovadya</creator><creator>Rom Ogen</creator><creator>Mallah, Yakov</creator><creator>Gilboa, Niv</creator><creator>Oren, Yossi</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PTHSS</scope></search><sort><creationdate>20190807</creationdate><title>Cross-Router Covert Channels</title><author>Adar Ovadya ; Rom Ogen ; Mallah, Yakov ; Gilboa, Niv ; Oren, Yossi</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_22697619983</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Channels</topic><topic>Communications traffic</topic><topic>Electronic devices</topic><topic>Networks</topic><topic>Routers</topic><topic>Technological planning</topic><toplevel>online_resources</toplevel><creatorcontrib>Adar Ovadya</creatorcontrib><creatorcontrib>Rom Ogen</creatorcontrib><creatorcontrib>Mallah, Yakov</creatorcontrib><creatorcontrib>Gilboa, Niv</creatorcontrib><creatorcontrib>Oren, Yossi</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>Engineering Collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Adar Ovadya</au><au>Rom Ogen</au><au>Mallah, Yakov</au><au>Gilboa, Niv</au><au>Oren, Yossi</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>Cross-Router Covert Channels</atitle><jtitle>arXiv.org</jtitle><date>2019-08-07</date><risdate>2019</risdate><eissn>2331-8422</eissn><abstract>Many organizations protect secure networked devices from non-secure networked devices by assigning each class of devices to a different logical network. These two logical networks, commonly called the host network and the guest network, use the same router hardware, which is designed to isolate the two networks in software. In this work we show that logical network isolation based on host and guest networks can be overcome by the use of cross-router covert channels. Using specially-crafted network traffic, these channels make it possible to leak data between the host network and the guest network, and vice versa, through the use of the router as a shared medium. We performed a survey of routers representing multiple vendors and price points, and discovered that all of the routers we surveyed are vulnerable to at least one class of covert channel. Our attack can succeed even if the attacker has very limited permissions on the infected device, and even an iframe hosting malicious JavaScript code can be used for this purpose. We provide several metrics for the effectiveness of such channels, based on their pervasiveness, rate and covertness, and discuss possible ways of identifying and preventing these leakages.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2019-08
issn 2331-8422
language eng
recordid cdi_proquest_journals_2269761998
source Publicly Available Content Database
subjects Channels
Communications traffic
Electronic devices
Networks
Routers
Technological planning
title Cross-Router Covert Channels
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-23T00%3A51%3A41IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=Cross-Router%20Covert%20Channels&rft.jtitle=arXiv.org&rft.au=Adar%20Ovadya&rft.date=2019-08-07&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2269761998%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-proquest_journals_22697619983%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2269761998&rft_id=info:pmid/&rfr_iscdi=true