Covert timing channels over HTTP cache-control headers

D. N. Kolegov; O. V. Broslavsky; N. E. Oleksov

Geodesic

Parcourir par

Covert timing channels over HTTP cache-control headers

D. N. Kolegov ; O. V. Broslavsky ; N. E. Oleksov

Prikladnaâ diskretnaâ matematika, no. 2 (2015), pp. 71-85.

Voir la notice de l'article provenant de la source Math-Net.Ru

Résumé

We introduce and discuss a new family of timing covert channels based on HTTP cache headers. We propose a general scheme of the timing covert channels in terms of access control models and data flow diagrams and suggest two base threat models for them. We then consider peculiarities of program implementation of the timing covert channels and their bandwidth depending on a HTTP cache header, a threat model, a programming language (C, JavaScript, Python, Ruby), and an environment. Finally we provide the basic characteristics of the implemented covert channels in web browsers and BeEF.

Keywords: computer security, HTTP, cache-control headers, covert channels, web application security, web browsers security, botnets.

@article{PDM_2015_2_a7,
     author = {D. N. Kolegov and O. V. Broslavsky and N. E. Oleksov},
     title = {Covert timing channels over {HTTP} cache-control headers},
     journal = {Prikladna\^a diskretna\^a matematika},
     pages = {71--85},
     publisher = {mathdoc},
     number = {2},
     year = {2015},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDM_2015_2_a7/}
}

TY  - JOUR
AU  - D. N. Kolegov
AU  - O. V. Broslavsky
AU  - N. E. Oleksov
TI  - Covert timing channels over HTTP cache-control headers
JO  - Prikladnaâ diskretnaâ matematika
PY  - 2015
SP  - 71
EP  - 85
IS  - 2
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/PDM_2015_2_a7/
LA  - ru
ID  - PDM_2015_2_a7
ER  -

%0 Journal Article
%A D. N. Kolegov
%A O. V. Broslavsky
%A N. E. Oleksov
%T Covert timing channels over HTTP cache-control headers
%J Prikladnaâ diskretnaâ matematika
%D 2015
%P 71-85
%N 2
%I mathdoc
%U http://geodesic.mathdoc.fr/item/PDM_2015_2_a7/
%G ru
%F PDM_2015_2_a7

D. N. Kolegov; O. V. Broslavsky; N. E. Oleksov. Covert timing channels over HTTP cache-control headers. Prikladnaâ diskretnaâ matematika, no. 2 (2015), pp. 71-85. http://geodesic.mathdoc.fr/item/PDM_2015_2_a7/

Bibliographie
Cité par

[1] Lampson B. W., “A note on the confinement problem”, Comm. ACM, 16:10 (1973), 613–615

[2] Information Technology. Protection of Information Technology and Automated Systems from Threats to Information Security Implemented using Covert Channels. Part 1. General Provisions, GOST R 53113.1–2008 (in Russian)

[3] Information Technology. Protection of Information Technology and Automated Systems from Threats to Information Security Implemented using Covert Channels. Part 2. Recommendations on the Organization of Information Security and Information Technology, GOST R 53113.2–2009 (in Russian)

[4] Timing Channels, http://www.multicians.org/timing-chn.html

[5] CWE-514. Covert Channel https://cwe.mitre.org/data/definitions/514.html

[6] CWE-385. Covert Timing Channel, https://cwe.mitre.org/data/definitions/385.html

[7] Alkorn W., Frichot C., Orru M., The Browser Hacker's Handbook, John Wiley Sons, Indianapolis, 2014, 648 pp.

[8] Brown E., Yuan B., Johnson D., Lutz P., “Covert channels in the HTTP network protocol: Channel characterization and detecting Man-in-the-Middle attacks”, Proc. 5th Intern. Conf. Inform. Warfare and Security (Ohio, USA, April 8–9, 2010), The Air Force Institute of Technology, 2010, 56–65

[9] Cabuk S., Brodley C. E., Shield C., “IP covert timing channels: design and detection”, Proc. 11th ACM Conf. on Computer and Communication Security, Washington, DC, USA, 2004, 178–187

[10] RFC 2616. Hypertext Transfer Protocol HTTP 1.1, http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html

[11] Apache Core Features Documentation. FileETag Directive, http://httpd.apache.org/docs/2.2/mod/core.html#fileetag

[12] Devyanin P. N., Models of the Computer Systems Security. Access and Information Flow Control, 2 ed., Goryachaya Liniya-Telekom Publ., Moscow, 2013, 338 pp. (in Russian)

[13] Application Threat Modelling, https://www.owasp.org/index.php/Application_Threat_Modeling

[14] The Browser Exploitation Framework Project, http://beefproject.com/

[15] Born K., Browser-Based Covert Data Exfiltration, arXiv: 1004.4357

[16] Source Code BeEF, https://github.com/beefproject/beef

[17] Top 10 Web Hacking Techniques of 2014, https://blog.whitehatsec.com/top-10-web-hacking-techniques-of-2014/