Steffen Wendzel

Learn More
Covert channels enable a policy-breaking communication not foreseen by a system's design. Recently, covert channels in Android were presented and it was shown that these channels can be used by malware to leak confidential information (e.g., contacts) between applications and to the Internet. Performance aspects as well as means to counter these covert(More)
Security in building automation systems (BAS) recently became a topic in the security community. BAS form a part of enterprise networks and can be utilized to gain access to a company network or to violate a security policy. Up to now, the threat of covert channels in BAS protocols was not discovered. While a first available solution can limit ``high(More)
A building automation system (BAS) is the IT equipment within a building that monitors and controls the building (e.g., measuring temperature in a room to configure the heating level within the same room). We discuss the potential and the use of botnets in the context of BAS. Our botnet concept and scenario is novel in the sense that it takes advantage of(More)
In this paper we propose a new method for the evaluation of network steganography algorithms based on the new concept of “the moving observer”. We considered three levels of undetectability named: “good”, “bad”, and “ugly”. To illustrate this method we chose Wi-Fi steganography as a solid family of information hiding protocols. We present the state of the(More)
Network covert channels are used to hide communication inside network protocols. Various techniques for covert channels have arisen in the past few decades. We surveyed and analyzed 109 techniques developed between 1987 and 2013 and show that these techniques can be reduced to only 11 different patterns. Moreover, the majority (69.7%) of techniques(More)
Covert channels aim to carry information in a way prohibited by the security policy and can be used to bypass censorship (e.g. by journalists). To establish secure covert channel communications, overlay networks with internal control protocols can be built. We present a design method for control protocols within covert channels. Our protocol design provides(More)
Network covert channels are policy-breaking and stealthy communication channels in computer networks. These channels can be used to bypass Internet censorship, to exfiltrate data without raising attention, to allow a safe and stealthy communication for members of political oppositions and for spies, to hide the communication of military units at the(More)
In a real-world network, different hosts involved in covert channel communication run different covert channel software as well as different versions of such software, i.e. these systems use different network protocols for a covert channel. A program that implements a network covert channel for mobile usage thus must be capable of utilizing multiple network(More)