Port knocking traditionally has been a technique used from external connections to convey information to or request services from an internal private network . UPnP as a standard allows for devices and services to open ports on network devices in order to enable functionality . By combining these two techniques it is possible to port knock internally, opening ports for an intended viewer on an external network device. This paper proposes a covert channel using this technique to exfiltrate data or broadcast messages from a system behind a UPnP device to any Internet connected system.
Date of creation, presentation, or exhibit
Department, Program, or Center
Department of Computing Security (GCCIS)
Monette, Steven; Johnson, Daryl; Lutz, Peter; and Yuan, Bo, "UPnp Port Manipulation as a Covert Channel" (2012). Accessed from
RIT – Main Campus