Software Index
Linux Software Security Tools  

Covert Channels Evaluation Framework

download download home home   report broken
important software information
company name:
Sebastian Zander
license: Freeware
minimum requirements: No special requirements.
functional limitations:
Covert Channels Evaluation Framework description
Covert Channels Evaluation Framework (CCHEF) is a software framework for empirically evaluating covert channels in network protocols running under Linux.

Using encryption is not sufficient to secure communication because the simple fact that communication exists is often enough to raise suspicion and take further actions. Covert channels aim to hide the very existence of communication by using means of communication not normally intended to be used. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert channels in network protocols.

The de-facto standard covert channel communication model is the prisoner problem. Two people, Alice and Bob, are thrown into prison and intend to escape. To agree on an escape plan they need to communicate, but Wendy the warden monitors all their messages. If Wendy finds any signs of suspicious messages she will place Alice and Bob into solitary confinement -- making an escape impossible. Alice and Bob must exchange innocuous messages containing hidden information that (hopefully) Wendy will not notice.

We have developed a flexible software framework for empirically evaluating covert channels in network protocols called Covert Channels Evaluation Framework (CCHEF). CCHEF runs under Linux and can be used in real networks with real overt traffic, but can also emulate covert channels using overt traffic from trace files. Usually testing with real traffic is restricted to controlled testbeds where it is almost impossible to generate a realistic traffic mix from a larger number of hosts. Therefore, CCHEF also runs on single hosts emulating covert channels based on overt traffic from trace files.

CCHEF is not designed to be (mis)used for real covert channel communication. Therefore, we have made no attempts to disguise the sender or receiver in any way, illegally acquire superuser priviledges etc. The sender and receiver are normal user space applications. This allows us to focus on the actual covert channel methods (embedding of hidden information in network protocols), prevents possible misuse, and makes porting easier since techniques to hide executables etc. are very operating system dependent.

The central component of CCHEF is the Channel module that interfaces with multiple device modules. Covert data to be send is read from the Covert In device, while received covert data is written to the Covert Out device. The Overt In/Out device taps into a stream of IP packets to be used as carrier for the covert data. At the sender suitable overt packets are intercepted and passed to the Channel module. The Channel module encodes the covert data and passes the modified packet back to the device, which will re-inject it into the network. If an overt packet arrives at the receiver the Channel module decodes any covert information and removes the covert channel (if possible) before re-injecting the packet. (CCHEF also supports passive receivers that uses copies of overt packets and do not delay the actual traffic, if removing the covert channel is not necessary.) The Channel module has various sub-modules responsible for modulation, framing, reliable transport, encryption etc.. Swinburne ICT - Centre for Advanced Internet Architechtures (CAIA). Publisher of Covert Channels Evaluation Framework, Author of Covert Channels Evaluation Framework 0.1. Covert Channels Evaluation Framework (CCHEF) is a software framework for empirically evaluating covert channels in network protocols running under Linux. Using encryption is not sufficient t
Similar software
CryptoLib (Popularity: ) : CryptoLib is a library that provides the implementation of several cryptographic algorithms.

It is designed as an extension to the .Net Framework cryptographic library, and it is totally interoperable with its classes.. . Publisher of CryptoLib, Author of CryptoLib 0.1. CryptoLib ...

Trf (Popularity: ) : Trf is an extension library to the script language tcl, as created by John Ousterhout. It extends the language at the C-level with so-called "transformer"-procedures.

With the help of some patches to the core the package is able to intercept all ...

Avira AntiVir UNIX Workstation (Popularity: ) : Avira AntiVir UNIX Workstation is a superior antivirus solution, especially created to offer a virus-free Linux environment, for home and network users worldwide.

Avira benefits:

- Automatic updates of the virus signatures database and of the antivirus engine;
- Extensive Malware Recognition: aside ...

Apso (Popularity: ) : Apso project is a framework for adding secrecy to version control systems. Usually, version control systems support transfer of encrypted data between clients and the server (in centralized systems) or between clients (in distributed systems).

This, however, does not help one ...

Avira AntiVir UNIX Server (Popularity: ) : Avira AntiVir UNIX Server is a VB100 % award-winning antivirus solution for Linux file servers with a real-time scanner and multifunctional performance features, designed to ensure complete protection against viruses and unwanted network programs. Uncompromising protection: - Leading detection and ...
Astaro Security Linux (Popularity: ) : Astaro Security Linux is an award-winning, unique network security solution in an integrated and easy-to-use and manage package. Astaro Security Linux includes a combination of the following security applications:

- A Firewall with stateful packet inspection and application proxies guards Internet ...

Burp Suite (Popularity: ) : Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust ...
Obol (Popularity: ) : Obol is part of a project to investigate properties of security protocols, what they are, how they behave, how they interact, how to deal with them. The Obol language grew out of a desire to escape the distractions of low-level ...
eCryptfs (Popularity: ) : eCryptfs is an POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux. eCryptfs is derived from Erez Zadok's Cryptfs, implemented through the FiST framework for generating stacked filesystems.

eCryptfs extends Cryptfs to provide advanced key management and policy features. eCryptfs stores cryptographic metadata ...

Email Security through Procmail (Popularity: ) : Email Security through Procmail (the Procmail Sanitizer) provides methods to sanitize email, removing obvious exploit attempts and disabling the channels through which exploits are delivered.

Email Security through Procmail also provides facilities for detecting and blocking Trojan Horse exploits and worms.. ...

Colombia Radio Stations (Popularity: ) : Colombia Radio Stations is a simple script shamelessly recopied for Amarok 2. It offers you some Colombian radio streams.. Applications for your KDE-Desktop - KDE-Apps.org. Applications for your KDE-Desktop - KDE-Apps.org Community Portal for KDE Applications Software Office Multimedia Graphic ...
Cluster Tabs for Firefox (Popularity: ) : Cluster Tabs for Firefox is a Firefox extension to end tab overload, make your browser faster and share public & anonymous cluster tab web addresses with others.

Share more on the web

Every cluster tab you create or edit has a pubic ...

User reviews

Write a review:
1 2 3 4 5 6 7 8 9 10
1=poor 10=excellent
Write review*
Your name*
Email*
  (Comments are moderated, and will not appear on this site until the editor has approved them)
 
Similar scripts
MacEval (Popularity: ) : MacEval is part of an Evaluation Framework Suite to support usability evaluators with means of performing low-cost usability evaluations. The tool allows the evaluator to record, evaluate, and analyze data user tests.
Evaluation And Report Language (Popularity: ) : The Evaluation And Report Language is an RDF based framework for recording, transferring and processing data about automatic and manual evaluations of resources. The purpose of this is to provide a framework for generic evaluation description formats that can be ...
Aglyph Framework (Popularity: ) : Aglyph is a Dependency Injection framework for Python that supports Type 2 (setter) and Type 3 (constructor)injection, and programmatic or XML-based configuration. Features: - Support for lazy/eager evaluation of arguments and setters - Extended DTD support for almost all standard ...
Edit-X Content Control Framework (Popularity: ) : Edit-X Content Control Framework is a php based script and it requires Mysql database as backend. It allows developers to add powerful content management capability to any site. It is available in two versions which are professional and lite. Professional ...
Orbicon Framework Engine (Popularity: ) : Orbicon framework engine is a CMS engine available for licensing to experienced professional web developers. The framework has been developed for enterprise enviroments and has proven itself in three CMS products - Orbicon Lite, Xtreme and Enterprise. In addition to ...
crGUI PHP Framework (Popularity: ) : crGUI PHP Framework is based on PHP5 and Javascript 1.2 (or higher). It provides classes and function for develop easy and fast web applications/webpages with graphical components. It gives you more comfort in developing web application with high usability.
Simple Framework (Popularity: ) : Simple is a high performance XML serialization and configuration framework for Java. Its goal is to provide an XML framework that enables rapid development of XML configuration and communication systems. This framework aids the development of XML systems with minimal ...
P4A Framework (Popularity: ) : P4A is a PHP5 RAD and object oriented PHP framework for building event-driven stateful web applications. It is based on Zend Framework and features tableless HTML, accesskey support, auto data type recognition, transparent AJAX, UTF-8, i18n/l10n.

Features: - Written in the ...

TEC Framework 0.2 (Popularity: ) : This PHP/JavaScript/AJAX-driven framework was designed for fast and easy website building.

The web developer doesn’t need to implement or understand the JavaScript code behind the Ajax requests or the framework as a built-in Ajax mechanism.

Zend Framework (Popularity: ) : Zend Framework is based on simplicity, object-oriented best practices, corporate friendly licensing, and a rigorously tested agile codebase. Zend Framework is focused on building more secure, reliable, and modern Web 2.0 applications & web services, and consuming widely available APIs ...
Screenshot
Covert Channels Evaluation Framework
Rate me
supported os's
stats
downloads 18
version 0.1
size in Kb 543
popularity   
2672/1272475
user rating 5/10
our rating 0 Stars
share info
Recommend Covert Channels Evaluation Framework
Report spyware
New Software
Popular Software
Latest Reviews