Covert channels pose a significant threat for networking systems. In this paper, we examine the exploitation of Session Description Protocol (SDP) information residing in Session Initiation Protocol (SIP) requests with the aim to hide data in plain sight. While a significant mass of works in the literature cope with covert communication channels, only a very limited number of them rely on SIP to realize its goals. Also, none of them concentrates on SDP data contained in SIP messages to implement and evaluate such a hidden communication channel. Motivated by this fact, the work at hand proposes and demonstrates the feasibility of a simple but very effective in terms of stealthiness and simplicity SIP-based covert channel for botnet Command and Control (C&C). As a side contribution, we assess the soundness and the impact of such a deployment at the victim’s side via the use of two different types of flooding attacks.
CITATION STYLE
Tsiatsikas, Z., Anagnostopoulos, M., Kambourakis, G., Lambrou, S., & Geneiatakis, D. (2015). Hidden in plain sight. SDP-based covert channel for botnet communication. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9264, pp. 48–59). Springer Verlag. https://doi.org/10.1007/978-3-319-22906-5_4
Mendeley helps you to discover research relevant for your work.