Today I re-read a covert channel paper of which I only read the 'abstract' in the past. It is called 'Practical data hiding in TCP/IP' and describes a cool and different way of making covert channels possible.

Autor/Author: Dipl.-Inform. (FH) Steffen Wendzel (Date/Datum: 2008-09-22-21:32, Hits: 863)

This paper describes how to build a covert channel just by changing the order of objects to send. I made use of a un-sorted sending technique in protocol hopping covert channels for another use: making the forensic analysis harder. They use the modification of the packet sending order to transfer bit combinations what is just damn cool! (At least for a covert channel guy like me)

Let's say that one has to transfer the two packets A and B. Then one could send A,B or B,A. The first order could be interpreted as a '1' the second order as a '0' and vice versa. This is a gread idea and it pretty much the same base thinking behind my idea of protocol channels. The difference is that protocol channels use protocols instead of "objects to transfer" to transfer hidden bit combinations. Because of this I added the paper of these two researchers to the 'References' part of a new version of my protocol channel my paper (you can find the old 1,5 page version here; my current version contains more than 6 pages) to show a similar covert channel technique. I keep you up to date about the release (and presentation, if possible) of my new work.