HTML5 Zero Configuration Covert Channels: Security Risks and Challenges

Files in This Item:
File Description SizeFormat 
insight_publication.pdf306.99 kBAdobe PDFDownload
Title: HTML5 Zero Configuration Covert Channels: Security Risks and Challenges
Authors: Farina, Jason
Scanlon, Mark
Kohlmann, Stephen
Le-Khac, Nhien-An
Kechadi, Tahar
Permanent link: http://hdl.handle.net/10197/6807
Date: 21-May-2015
Abstract: In recent months there has been an increase in the popularity and public awareness of secure, cloudless file transfer systems. The aim of these services is to facilitate the secure transfer of files in a peer-to- peer (P2P) fashion over the Internet without the need for centralised authentication or storage. These services can take the form of client installed applications or entirely web browser based interfaces. Due to their P2P nature, there is generally no limit to the file sizes involved or to the volume of data transmitted – and where these limitations do exist they will be purely reliant on the capacities of the systems at either end of the transfer. By default, many of these services provide seamless, end-to-end encryption to their users. The cyber security and cyber forensic consequences of the potential criminal use of such services are significant. The ability to easily transfer encrypted data over the Internet opens up a range of opportunities for illegal use to cyber criminals requiring minimal technical know-how. This paper explores a number of these services and provides an analysis of the risks they pose to corporate and governmental security. A number of methods for the forensic investigation of such transfers are discussed.
Type of material: Conference Publication
Publisher: ADFSL
Keywords: Machine learning;Statistics;Covert transfers;Encrypted data transmission;Counter-forensics
Language: en
Status of Item: Peer reviewed
Conference Details: The 10th ADFSL Conference on Digital Forensics, Security and Law (CDFSL 2015), Florida Embry-Riddle Aeronautical University, United States, 19-21 May 2015
Appears in Collections:Insight Research Collection

Show full item record

Download(s) 20

358
checked on May 25, 2018

Google ScholarTM

Check


This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.