IPv6 Covert Channels in the Wild

Abstract

The increasing diffusion of malware endowed with steganographic techniques requires careful identification and evaluation of a new set of threats. The creation of a covert channel to hide a communication within network traffic is one of the most relevant, as it can be used to exfiltrate information or orchestrate attacks. Even though network steganography is becoming a well-studied topic, only a few works focus on IPv6 and consider real network scenarios. Therefore, this paper investigates IPv6 covert channels deployed in the wild. It also presents a performance evaluation of six different data hiding techniques for IPv6, including their ability to bypass some intrusion detection systems. Lastly, ideas to detect IPv6 covert channels are presented.

Authors

  • Wojciech Mazurczyk
    Warsaw University of Technology
    Warsaw, Poland
  • Krystian Powójski
    Warsaw University of Technology
    Warsaw, Poland
  • Luca Caviglione
    National Research Council of Italy
    Genoa, Italy