Abstract
The increasing diffusion of malware endowed with steganographic techniques requires to carefully identify and evaluate a new set of threats. The creation of a covert channel to hide a communication within network traffic is one of the most relevant, as it can be used to exfiltrate information or orchestrate attacks. Even if network steganography is becoming a well-studied topic, only few works focus on IPv6 and consider real network scenarios. Therefore, this paper investigates IPv6 covert channels deployed in the wild. Also, it presents a performance evaluation of six different data hiding techniques for IPv6 including their ability to bypass some intrusion detection systems. Lastly, ideas to detect IPv6 covert channels are presented.
Authors
- Wojciech Mazurczyk
This email address is being protected from spambots. You need JavaScript enabled to view it.
Warsaw University of Technology
Warsaw, Poland - Krystian Powójski
This email address is being protected from spambots. You need JavaScript enabled to view it.
Warsaw University of Technology
Warsaw, Poland - Luca Caviglione
This email address is being protected from spambots. You need JavaScript enabled to view it.
National Research Council of Italy
Genoa, Italy