Description

This paper presents a new behavior based covert channel utilizing the database update mechanism of anti-virus software. It is highly covert due to unattended, frequent, automatic signature database update operations performed by the software. The design of the covert channel is described; its properties are discussed and demonstrated by a reference implementation. This paper uses these points to strengthen the inclusion of behavior-based covert channels within standard covert channel taxonomy.

Date of creation, presentation, or exhibit

2012

Comments

The 2012 International Conference on Security and Management Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works in February 2014.

Document Type

Conference Paper

Department, Program, or Center

Department of Computing Security (GCCIS)

Recommended Citation

Anthony, D.; Johnson, D.; Lutz, P.; and Yuan, B., "A Behavior Based Covert Channel within Anti-Virus Updates" (2012). Accessed from
https://repository.rit.edu/other/755

Campus

RIT – Main Campus

Download

COinS

Presentations and other scholarship

A Behavior Based Covert Channel within Anti-Virus Updates

Description

Date of creation, presentation, or exhibit

Comments

Document Type

Department, Program, or Center

Recommended Citation

Campus

Search

Browse

Author Corner

RIT Links

Presentations and other scholarship

A Behavior Based Covert Channel within Anti-Virus Updates

Authors

Description

Date of creation, presentation, or exhibit

Comments

Document Type

Department, Program, or Center

Recommended Citation

Campus

Share

Search

Browse

Author Corner

RIT Links