Covert Channel Analysis and Detection using Reverse Proxy Servers

Buchanan, W., Llamas, D. (2004). Covert Channel Analysis and Detection using Reverse Proxy Servers. 3rd International Conference on Electronic Warfare and Security (EIWC, , (), .



Data hiding methods can be used by intruders to communicate over open data channels (Wolf 1989; McHugh 1995; deVivo, deVivo et al. 1999), and can be used to overcome firewalls, and most other forms of network intrusion detection systems. In fact, most detection systems can detect hidden data in the payload, but struggle to cope with data hidden in the IP and TCP packet headers, or in the session layer protocol. This paper contains proposes a novel architecture for data hiding, and pre-sents methods which can be used to detect the hidden data and prevent the use of covert channels for its transmission. It also presents the method used in creating a system for Microsoft Windows.
[Read More]


William Buchanan
Director of CDCS
+44 131 455 2759

Areas of Expertise

Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.
Our future society, and its economy, will be built within a seamless environment of networked information resources. IIDI's Network Theme has been created to meet the demands of this society. Dr Ahmed Al-Dubai leads the Network Theme, which seeks to develop local human capital in the fields of...

Associated Projects