Covert channel research I did within the last years

In my research focus where 3 special topics of that area: 1. Covert channels that are able to change their underlying network protocol while the covert channel exists (so called Protocol Hopping Covert Channels), 2. Covert channels that only transfer information by changing a used protocol while transfering no modified content within the network data itself (so called Protocol Channels) and a technique to prohibit network storage channels within protocol headers (called header structure changing).

2008-2009: Diploma Thesis: 'Protokollwechselbasierte Covert Channels und Headerstrukturveränderungen zur Vermeidung von Covert Channels'

My diploma thesis is available in german only, sorry -- you can find it here. The thesis focuses Header Structure Changing, Protocol Channels and Protocol Hopping Covert Channels. It provides the most detailed information available on these topics so far (this is because the topics are all new and two of them where introduced in the thesis first). It also includes different proof of concept codes for all of this research topics.

2008-2009: Header Structure Changing

Header Structure Changing (HSC) makes it possible to prohibit different header based storage channels within network protocols by randomizing the network protocols header structure after a normalization happened. Note: Information on HSC is only available in my diploma thesis (available here) so far.

2008-2009: Protocol Channels

Protocol Channels are completely different from protocol hopping covert channels. More ...

2007-2008: Protocol Hopping Covert Channels

Protocol Hopping Covert Channels (PHCC) are a way to realize covert channels that switch between different protocols while a covert channel is established. PHCCs even can use a randomized protocol order and a mixed packet order to transfer packets what makes them hard to detect. More ...