• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2014, Vol. 36 ›› Issue (06): 1072-1076.

• 论文 • Previous Articles     Next Articles

Research of the network covert channel
technique based on TCP protocol header          

ZHANG Lingtong1,2,LUO Senlin2   

  1. (1.College of Engineering,Dali University,Dali 671003;
    2.Lab for Information Security and Countermeasures,Beijing Institute of Technology,Beijing 100081,China)
  • Received:2012-12-05 Revised:2013-04-07 Online:2014-06-25 Published:2014-06-25

Abstract:

Through studying the mechanism established by network covert channel, a network covert channel implementation method using TCP protocol header is proposed. The firewall and intrusion detection system are penetrated by the following procedure: Firstly, certain AESencrypted secret information is embedded into the sequence number/confirm number fields of the TCP header. Secondly,TCP data packets are constructed by web behavior simulating technique. Finally, information transferring and remote controlling can be implemented through this covert channel.A prototype system is also implemented.The experimental results show that, the system has some advantages such as high concealment performance, fast transmission speed, good expansibility, etc. The transmission of privacy information can be achieved. Theory basis and technical support are also provided for the network information security problem solving.

Key words: covert channel;TCP protocol;network security;information transmission;remote control