Data

Tools

Indexes

Applications

Experiments

Open Source Science

nelphase

Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel)

https://github.com/cdpxe/nelphase

Science Score: 54.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
    Links to: researchgate.net
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (10.3%) to scientific vocabulary

Keywords

covert-channel firewall firewalls information-hiding network-security network-steganography performance-analysis research research-paper research-project research-tool scientific-publications security-tools steganography
Last synced: 6 months ago · JSON representation ·

Repository

Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel)

Basic Info
Statistics
  • Stars: 3
  • Watchers: 2
  • Forks: 1
  • Open Issues: 0
  • Releases: 2
Topics
covert-channel firewall firewalls information-hiding network-security network-steganography performance-analysis research research-paper research-project research-tool scientific-publications security-tools steganography
Created almost 9 years ago · Last pushed 11 months ago
Metadata Files
Readme Changelog License Citation

README.md

Network Environment Learning (NEL) Phase for Covert Channels (incl. a Feedback Channel and Warden Simulator).

In Network Steganography research, a covert channel is a stealthy communication channel. Some covert channels are capable of performing a so-called Network Environment Learning phase (or: NEL phase). Such covert channels can determine how data can be covertly exchanged in a way that countermeasures (firewalls, traffic normalizers, active wardens) can be bypassed.

For instance, a typical covert channel technique is to embed secret data in reserved or unused bits of protocol headers. A typical firewall filter could simply clear the bit to prevent such a covert channel. During the NEL phase, communicating covert channel peers can determine such a filter rule and switch to alternative covert channels.

Although the NEL phase was originally discussed in academia about ten years ago, no implementation was made available by other researchers. With NEL, we provide the first public implementation of a NEL phase on the basis of scapy and libpcap. In addition, NEL can simulate the influence of regular (static), dynamic and adaptive wardens on the NEL phase. NEL is written in C and runs best under Linux.

Requirements:

  • Scapy must be installed
  • gcc and make
  • pcap library, incl. libpcap-dev, must be installed
  • pthreads library

Documentation: Please have a look at the documentation.

My open online class on Network Covert Channels: available here.

Other Covert Channel Tools: See my repository on network covert channel tools.

Feedback: Please send requests and feedback to the author (Steffen Wendzel).

Owner

  • Name: Steffen Wendzel
  • Login: cdpxe
  • Kind: user
  • Location: Worms, Germany

Professor at HS Worms, author of several books on InfoSec and Linux. OSS developer. #Networking #BSD #InformationHiding #Steganography #ReplicationStudies

Citation (CITATION.cff) 

cff-version: 1.2.0
message: "If you use this software, please cite it as below."
authors:
- family-names: "Wendzel"
  given-names: "Steffen"
  orcid: "https://orcid.org/0000-0002-1913-5912"
title: "The problem of traffic normalization within a covert channel’s network environment learning phase"
version: 1.0.0
date-released: 2012-04-01
url: "https://github.com/cdpxe/NELphase/tree/master"
preferred-citation:
  type: conference-paper
  authors:
  - family-names: "Wendzel"
    given-names: "Steffen"
    orcid: "https://orcid.org/0000-0002-1913-5912"
  conference:
      name: "SICHERHEIT 2012 – Sicherheit, Schutz und Zuverlässigkeit"
  start: 149 # First page number
  end: 161 # Last page number
  title: "The problem of traffic normalization within a covert channel’s network environment learning phase"
  url: "https://dl.gi.de/handle/20.500.12116/18270"
  year: 2012

GitHub Events

Total
  • Push event: 3
Last Year
  • Push event: 3

Issues and Pull Requests

Last synced: over 1 year ago

All Time
  • Total issues: 0
  • Total pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Total issue authors: 0
  • Total pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 0
  • Pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
Pull Request Authors
Top Labels
Issue Labels
Pull Request Labels