cceap
The Covert Channel Educational Analysis Protocol (CCEAP) is a network protocol designed for teaching covert channels to professionals and students in higher education. It is also an easy-to-use covert channel traffic generator. The basis for CCEAP are so-called `hiding patterns'.
Science Score: 57.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
✓CITATION.cff file
Found CITATION.cff file -
✓codemeta.json file
Found codemeta.json file -
✓.zenodo.json file
Found .zenodo.json file -
✓DOI references
Found 5 DOI reference(s) in README -
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (13.2%) to scientific vocabulary
Keywords
Repository
The Covert Channel Educational Analysis Protocol (CCEAP) is a network protocol designed for teaching covert channels to professionals and students in higher education. It is also an easy-to-use covert channel traffic generator. The basis for CCEAP are so-called `hiding patterns'.
Basic Info
- Host: GitHub
- Owner: cdpxe
- License: gpl-3.0
- Language: C
- Default Branch: master
- Homepage: https://patterns.ztt.hs-worms.de/cceap/
- Size: 4.5 MB
Statistics
- Stars: 14
- Watchers: 4
- Forks: 3
- Open Issues: 0
- Releases: 5
Topics
Metadata Files
README.md
CCEAP: Covert Channel Educational Analysis Protocol
The Covert Channel Educational Analysis Protocol (CCEAP) is a simple network protocol designed for teaching covert channels (network steganography) to professionals and students. It is also an easy-to-use covert channel traffic generator.
The protocol is explicitly vulnerable against several hiding patterns, i.e. patterns that represent hiding methods (steganographic methods that create covert channels, see here for my GitHub online class on network steganography/covert channels). The protocol's structure is simple and self-explanatory and its implementation is kept at a minimum level of code lines to make it especially accessible to students. There is also a documentation and an academic publication (published under the umbrella of ACM CCS 2016, download link is also in the documentation) available.
Please send requests and feedback to the author: Steffen Wendzel, www.wendzel.de (steffen (at) wendzel (dot) de).
How to Cite this Work?
Steffen Wendzel, Wojciech Mazurczyk: Poster: An Educational Network Protocol for Covert Channel Analysis Using Patterns, in Proc. 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS 2016). ACM, New York, NY, USA, pp. 1739–1741, DOI: 10.1145/2976749.2989037.
Kickstart - a few Examples:
1. A First Start
First, start the server, e.g. on your local host: ./server -P 9999. This lets the server run on IP 127.0.0.1, port 9999.
Then, connect with the client: ./client -D 127.0.0.1 -P 9999. This will make the client send ten simple standard messages to your server. The server should display the received packets' meta-data.
2. Covert Timing Channel
Now, let us create a simple covert timing channel that we use to transfer the file /etc/hosts. And we want to encode 1 and 0 bits with 500ms and 1000ms. Therefore, we start the server again, and then run the client as follows using CCEAP's iat_encode tool which encodes files into inter-arrival times (this would represent the Inter-arrival Time pattern):
./client -D 127.0.0.1 -P 9999 -t ´./iat_encode /etc/hosts 500 1000´
3. Simple Covert Channel Traffic Generator
Of course, one could also use dd together with /dev/random as a source of randomness to create a file with random bits and use this file instead of /etc/hosts.
Similarly, the Manipulated Message Ordering pattern can be represented using ./seq_encode /etc/hosts 256 2 instead of ./iat_encode /etc/hosts 500 1000. Check the documentation for details.
More parameters of client can be obtained by running ./client -h.
More Examples
Additional examples can be found in the sample_exercises directory and in the documentation.
Owner
- Name: Steffen Wendzel
- Login: cdpxe
- Kind: user
- Location: Worms, Germany
- Website: https://www.wendzel.de
- Twitter: cdp_xe
- Repositories: 1
- Profile: https://github.com/cdpxe
Professor at HS Worms, author of several books on InfoSec and Linux. OSS developer. #Networking #BSD #InformationHiding #Steganography #ReplicationStudies
Citation (CITATION.cff)
cff-version: 1.2.0
message: "If you use this software, please cite it as below."
authors:
- family-names: "Wendzel"
given-names: "Steffen"
orcid: "https://orcid.org/0000-0002-1913-5912"
- family-names: "Mazurczyk"
given-names: "Wojciech"
orcid: "https://orcid.org/0000-0002-8509-4127"
title: "Poster: An Educational Network Protocol for Covert Channel Analysis Using Patterns"
doi: "10.1145/2976749.2989037"
version: 1.0.0
date-released: 2016-10-01
url: "https://github.com/cdpxe/CCEAP"
preferred-citation:
type: conference-paper
authors:
- family-names: "Wendzel"
given-names: "Steffen"
orcid: "https://orcid.org/0000-0002-1913-5912"
- family-names: "Mazurczyk"
given-names: "Wojciech"
orcid: "https://orcid.org/0000-0002-8509-4127"
conference:
name: "Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS 2016)"
date-start: "2021-07-27"
start: 1739 # First page number
end: 1741 # Last page number
title: "Poster: An Educational Network Protocol for Covert Channel Analysis Using Patterns"
url: "https://github.com/cdpxe/CCEAP"
doi: "10.1145/2976749.2989037"
year: 2012
publisher: "ACM"
volume-title: "Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS 2016)"
GitHub Events
Total
- Watch event: 6
- Push event: 4
Last Year
- Watch event: 6
- Push event: 4
Issues and Pull Requests
Last synced: over 1 year ago
All Time
- Total issues: 0
- Total pull requests: 1
- Average time to close issues: N/A
- Average time to close pull requests: 1 minute
- Total issue authors: 0
- Total pull request authors: 1
- Average comments per issue: 0
- Average comments per pull request: 0.0
- Merged pull requests: 1
- Bot issues: 0
- Bot pull requests: 0
Past Year
- Issues: 0
- Pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Issue authors: 0
- Pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0
Top Authors
Issue Authors
Pull Request Authors
- cdpxe (1)