comp8045 - project report v.1.3
TRANSCRIPT
Encrypted Covert
Channel on
Mobile Devices COMP8045 - Project Report
BCIT BTech Program: Network Security Administration Option
Soon Zoo Kwon (James Kwon)
1
Table of Contents
EXECUTIVE SUMMARY ................................................................................................................................... 2
PROJECT BACKGROUND ................................................................................................................................ 4
PROBLEM STATEMENT .................................................................................................................................. 6
PROJECT OBJECTIVE....................................................................................................................................... 7
TECHNICAL DETAILS ..................................................................................................................................... 8
PROJECT PROCESS .......................................................................................................................................... 11
DATA STRUCTURE DESIGN .......................................................................................................................... 12
SYSTEM ANALYSIS AND DESIGN – UML DIAGRAMS ............................................................................... 14
PROJECT ACHIEVEMENT ............................................................................................................................ 25
IMPORTANT FINDINGS ................................................................................................................................ 28
INNOVATIONS ................................................................................................................................................ 29
FUTURE ENHANCEMENTS ......................................................................................................................... 30
UNACHIEVED PROJECT GOALS .................................................................................................................. 32
VULNERABILITY ANALYSIS OF PACKET FORGERY ............................................................................... 33
TEST RESULT .................................................................................................................................................. 39
CONCLUSION .................................................................................................................................................. 43
REFERENCES .................................................................................................................................................. 44
APPENDICES .................................................................................................................................................... 45
2
Executive Summary
The main objective of this project is to implement encrypted covert channels on mobile devices
using secrete data camouflage in a UDP packet. While the implementation of the software on
mobile devices and a server, the project compares the packet networking and cryptographic
software developing environment of each mobile platform and the development frameworks for
UDP packet communication. In addition, the mobile apps and the server programming
techniques are applied to each packet level mobile framework.
In the end, this project will apply packet level network programming skills which have been
taught through the CST BTech program at BCIT.
Functionalities implemented
In order to complete the objectives of this project, the following functionalities are to be
integrated into the client module and the server module.
Data encryption and decryption using cryptographic algorithms such as RSA (Rivest-
Shamir-Adleman cryptosystem) and AES (Advanced Encryption Standard).
Design and implement a covert channel using forged packets between client mobile
devices and a server host.
Splitting and hiding encrypted data bytes into a covert channel using forged DNS
packets.
Background worker process mechanism to send the encrypted bytes secretly on mobile
devices.
Acknowledgement mechanism of UDP packet transmission between client mobile
devices and a server module.
Reassembling on server the data being received in the form of numerous packets with
each packet containing very small piece of the data.
Real-time packet forgery and forwarding of the DNS query along with the DNS
response.
3
Figure 1 Encrypted Covert Channel using Mobile Phone
Development Methodology
This project adopts a model-driven software development methodology for design and agile
software development methodology to implement the server application. The exploration of this
project has two paths of software development:
1) Client mobile apps for three different mobile platforms are developed from a PIM
(Platform Independent Model) to the implementation of multiple PSMs (Platform
Specific Model) based on the PIM. To design the models, this project adopts rapid agile
methodology with UML (Unified Modeling Language).
2) Server application based on Windows platform is also developed using agile
methodology.
4
Project Background
As we know, mobile device technology varies across the mobile platforms. Each mobile
platform has different development environments that are updated on a regular basis. The
market share of the mobile device platforms is rapidly increasing. This project is primarily a
mobile covert channel using simple and fast packet encryption on various mobile platforms such
as Android, iOS, and Windows Phone. Packet encryption on laptops or desktops is very well
known with their cryptographic libraries; however, packet cryptography on mobile devices has
several limits to implement because mobile devices have limited resources such as CPU
performance, network speed, and memory. Nowadays, mobile communication using wireless
network is rapidly expanding. More and more apps on the mobile platforms require critical data
communication. Mobile banking and mobile financing markets are soaring, but mobile network
providers don’t guarantee network security. This project implements a customized Point-to-
Point Encryption (P2PE) to be used for the security purposes.
On the other hand, the customized Point-to-Point Encryption through a covert channel might
be needed for special purposes in specific fields. This project has implemented a covert channel
adopting this mobile packet cryptography.
Covert channel is a type of computer software attack that allows the communication of
information by secretly transferring data through existing information channels or networks. It
uses the structure of the existing medium to transmit the data in small parts. This technique
makes data transfer through a covert channel virtually undetectable by administrators or users.
Covert channels have been used to steal data from highly secure systems.
Covert channel can pass the undetected payload through most firewalls and IDS (Intrusion
Detection System) hiding its data in a packet header or payload. It camouflages its data as a part
of an ordinary packet header or a packet body so that packets pass most firewalls and IDSs.
However, it is possible for covert channels to be detected by an intelligent IDS or highly skilled
network administrators even though it can hide the data in Sequence number or ACK
(Acknowledge) of TCP/IP header reserved field or use a tool. The encrypted covert channel can
prevent extracting the encrypted payload in any case. This technique can be applied to both TCP
and UDP packets. This project implements a covert channel using the UDP protocol.
Covert channel is created by using some of the space available either within the padding or
within other parts of a network packet. Covert channels use any means where data can be added
to a data stream without affecting the main body of data being transmitted. This allows the
covert receiver to abstract data from a system without creating any type of data trail. A single
5
packet might only contain one or two bytes of the covert data stream, making it difficult to
detect the unauthorized transmission.
Creating a covert channel takes some ingenious programming. Having access to the file system
at the source end of the communication is also essential. This means that a covert channel can
only be instigated by infecting system with a malicious program or through a programming
effort that has administrative or other authorized access to the system.
Covert channel analysis is one of the few ways to detect a covert channel. System performance
degradation can be used to show covert channel use, but as computers have advanced, the
degradation is insignificant compared to the amount of data processed. This makes detection
more difficult. The primary way of defending against covert channel attacks is to examine the
source code running on the source machine, as well as monitor resource use by the system in
question.
This data encryption is also useful to transmit packets through a covert channel on mobile
devices because the encrypted packets of the covert channel could not be suspicious even if the
forged packets were caught by IDS. This makes the covert channel detection be almost
impossible. Therefore, this project develops methods to detect the forged and encrypted covert
channel though studying the packet communication.
6
Problem statement
Packet communication on computer network is easily detected by network experts or spoofed
by hackers using advanced tools. Even covert channel delivering secret data can be detected and
even stolen. To avoid a detection of IDS or network administrators, a more advanced solution is
needed to hide and deliver secret data so that even the forged packets are caught avoiding
suspicion by network administrators.
This solution will require techniques such as collecting and decrypting the encrypted data from
DNS question query packets and how to reassemble the original camouflaged data at the
receive-side server host. These skills are needed to hide secret data into regular DNS question
and response of UDP packets after the data is encrypted.
On the other hand, defenders do not have a method to detect the forged DNS packets on
encrypted covert channel. Especially, network administrators who will need an advanced method
to detect and to block suspicious and forged packet communication.
7
Project Objective
The objective of this project is to deliver a running software using encrypted covert channel on
mobile devices and a server program including the achievements, lessons learned from failures,
and important findings during this project. In addition, the knowledge of CST BTech program
such as UML modeling, SDLC (Software Development Life Cycle), is applied to build the
software. The encrypted covert channel has three major functional requirements
The first functional requirement is that packets should be encrypted by RSA or AES
cryptography. This project focuses on RSA which uses two different keys at once - a
combination of a private key and a public key. The private key is known only to a device, while
the public key is given to any device or system that wants to communicate securely with it. To
decode an encrypted message, a device must use the public key, provided by the originating
device, and its own private key. Although a message sent from one device to another won't be
secure since the public key used for encryption is published and available to anyone, anyone who
picks it up can't read it without the private key. The key pair is based on prime numbers
(numbers that only have divisors of itself and one, such as 2, 3, 5, 7, 11 and so on) of long
length. This makes the system extremely secure, because there is essentially an infinite number of
prime numbers available, meaning there are nearly infinite possibilities for keys.
The second functional requirement is that the encrypted data should be hidden or camouflaged
in a part of the header or its payload which is designated by the covert channel server to avoid
any doubts when the packets are caught, the packet payloads are designed using very ordinary
DNS packets with a “standard domain name query” requesting IP addresses of well-known
websites. Thus, the covert channel server can extract the camouflaged and encrypted data from
the designated offset of the header or the payload.
The final functional requirement is that the client mobile device should control the transmission
interval to avoid suspicions of IDSs and network administrators. The packet transmission of
covert channel should be controlled with irregular or regular interval. The best method to avoid
a doubt from IDS or network administration is that the mobile device checks the packet traffic
in a Wi-Fi zone and sends its encrypted covert packets during peak time.
8
Technical Details
As described earlier, covert channel is one of the effective methods to transmit secret data using
ordinary packets. Not only a network attacker but also a network security defender, covert
channel could be an option for secure packet transmission because the forged packets of covert
channel are hidden critical data into ordinary packet such as DNS (Domain Name System)
question or ICMP (Internet Control Message Protocol). However, the hidden secret data could
be collected if it is detected and found by IDS or network administrators.
Therefore, to cover the weakness of covert channel, to make it harder to see the data being
transmitted over covert channel. Consequently, the encrypted covert channel can hide critical
data using encryption algorithm and deliver using seemingly ordinary packet format without any
suspicions of IDS and network administrators.
However, for an attacker, UDP packet communication is a challenging programming because
DNS request and response packets of UDP are connectionless packet transmission which means
the socket does not guarantee the packets reach to a receive-side server host and there is no
acknowledge signal for a sending-side client host.
Therefore, this project has implemented the following two critical techniques:
Each encrypted covert packet should have an index number of the packet in its body
and the sequence number should have maximum 4 byte length. This 4 bytes can make
maximum 65535 index numbers which is enough to send large data.
The sending host should get back a DNS response packet with the acknowledge bytes of
a DNS response packet.
The server which is a receiver collecting forged DNS queries should return DNS response
packets to the sender, or should forward the DNS response packets in the middle of the two
hosts, the sender and a real DNS. This is similar to a delegation between low-level DNS and
high-level DNS server. When a DNS server doesn't have the contents of a zone, but knows how
to find the owner, it's said to delegate service of that zone to another DNS server. Informally,
it's a pass-the-buck mechanism. This project develops a forwarding module with a real-time
forging technique of the response packets returned from a well-known the Global Top Level
Domain (GTLD) such as Google DNS server.
It is a very well-known fact that DNS request and response UDP packets can easily pass through
IDS and firewalls in any case because the packets are used frequently and regularly to access
9
websites. This is the reason why this project has chosen DNS request and response packets as
forged UDP packets to implement encrypted covert channel.
This project has used the following core technique to implement the client and server module.
Cryptography ( Encryption and Decryption using RSA or AES algorithm)
Real-time Packet Forgery ( UDP packet, DNS query and response )
Parity Check Byte ( similar to parity check bit, but it is for acknowledge packet from the
server)
DNS query forwarding and real-time camouflage the DNS response packet
Three ways for packet camouflage
The main technique to implement a covert channel is UDP packet camouflage. The following
are three methods to achieve this technique:
1. IP Header camouflage
a. There are two different versions of IP headers which have been defined, IPv4
and IPv6.
b. This project adopts only IPv4 because of a camouflage issue of IPv6.
c. IPv4 Header consists of 13 fields and the final field “Option” can be modified by
socket methods in a raw packet library of Windows Phone and iOS platform.
2. UDP Header camouflage
a. It consists of four fields, source port, destination port, length and checksum. The
four fields are 4 bytes each. Source and destination ports are predefined by their
UDP socket. Therefore, port camouflage is not possible. Most well-known UDP
server ports are located under 1023 port. Length field is the number of bytes in
entire datagram including header. The three fields are used for correct
transmissions between hosts. However, the Checksum field is used to check the
payload parity check bytes.
3. UDP payload camouflage
a. UDP payload varies by the application protocol such as DHCP, DNS, or RIP
(Routing Information Protocol).
b. This project chooses DNS request and response headers because they are often
used in any case of the Internet access, especially, web browsing.
Unfortunately, it is found the fact that Android an iPhone platform doesn’t allow a raw socket
transmission unlike Windows Phone platform. Therefore, this project adopts the UDP payload
camouflage to implement.
10
Software modeling
This project adopts model-driven architecture approach for design and implement the
client modules.
Figure 2Model-driven approach - PIM and PSM
The model-driven architecture approach defines system functionality using a platform-
independent model using an appropriate domain-specific language (DSL). The PIM of this
project consists of six main UML diagrams such as Usecase, Sequence, Statechart, Activity,
Deployment, and Class diagram. The PIM is translated to the multiple platform-specific models
that mobile devices can be implemented. This requires mappings and transformations and
should be modeled too. The PSMs consist of Sequence, Deployment, and Class diagram for
each platform.
Through the PSMs, source codes are concretely designed for each mobile apps on each
platform. For instance, Java class diagram with specific methods are designed for Android
platform, Object-C class diagram with specific methods are designed for iOS 8, and C# class
diagram with specific methods are designed for Windows phone platform. The each source code
is implemented by the PSMs then.
11
Project Process
This project has been conducted since January, 2015 and took 8 months to finish and submit
the report. During the duration, this project has faced a lot of barriers and failures such as
obtaining device, applying the network and cryptographic API libraries of the platforms, and
setting up the development environments. Especially, the network and cryptographic API
libraries are very different on each platform even though the cryptographic algorithms are
same. In addition, the Appstore of Apple company requires a developer license to connect
an iPhone with the development tool, X-Code. They also do not allow debugging of a
mobile app on the iPhone device without the provisioning.
The detail process and the Gantt chart are attached on the appendices.
1. Researching and studying the mobile platforms and their network APIs
2. Analysis of the prototype for Android
3. Designing Data structure
4. Designing PIM( Platform Independent Model) using UML
5. Designing PSM( Platform Specific Model) using UML
6. Designing User Interface of mobile devices and server
7. Setting up the developing environment
8. Prototyping
9. Designing and Programming
10. Testing and Debugging
11. Documentation and Final Report
12
Data Structure Design
This project designs the data structure to be applied on the mobile apps.
Target File (Any file type)
o The target file to send through the encrypted covert channel.
Unencrypted Data (byte array)
o In-memory byte array data from the target file to be encrypted
Encrypted Data(byte array)
o In-memory byte array data from unencrypted data by any cipher algorithms
Decrypted Data(byte array)
o In-memory byte array data from encrypted data by any cipher algorithms
DNS question query list ( Hexadecimal )
o Packet payload of DNS request for query various websites
o To generate forged DNS request packet, mobile devices read the list file and
insert encrypted data and its index number into packet header or payload.
Figure 3 DNSRequestQueryList.txt
Forged DNS query (UDP packet)
o Made by mobile devices (clients) from the randomly selected forged DNS
request in the forged DNS request list.
Forged DNS response (UDP packet)
o Made in real-time by the target server using the real DNS response packet.
RSA key pair - private and public keys(Binary or XML)
e235010000010000000000000377777706676f6f676c650263610000010001 d3120100000100000000000003777777057961686f6f03636f6d0000010001 a4f701000001000000000000037777770766697265666f7803636f6d0000010001 992a010000010000000000000232370e636c69656e742d6368616e6e656c06676f6f676c6503636f6d0001 70d2010000010000000000000777696e646f777308706f6c6963696573046c697665036e657400001c0001 a66f01000001000000000000037777770362626302636f02756b0000010001 2532010000010000000000000773657276696365096d6178796d69736572036e65740000010001 7f3001000001000000000000056963686566046262636902636f02756b0000010001 ff9601000001000000000000037777770362626303636f6d0000010001 4a3f01000001000000000000056e6f64653106626263696d6702636f02756b0000010001 6bb7010000010000000000000473686f700362626303636f6d0000010001 b7e7010000010000000000000273610362626302636f02756b0000010001 9452010000010000000000000470696e6709636861727462656174036e65740000010001 d0ab0100000100000000000002676f096d6963726f736f667403636f6d0000010001 2100010000010000000000000377777703636e6e03636f6d0000010001
13
o Pre-generated and encoded binary byte data file or XML file to be used for RSA
algorithm by the server and installed into mobile device module (public key) and
the server module (private key).
Figure 4 public.key.xml
Figure 5private.key.xml
AES(Advanced Encryption Standard) key (string)
o Pre-generated a simple string data to be used for AES algorithm and installed
into mobile device module and the server module.
o The same strings are used to encrypt by the sender and to decrypt by the receiver
both.
o The length of the string does not matter because it is pointless if the string is
more than 100 bytes.
<RSAKeyValue>
<Modulus>gPWPquMFSu7XcBBZC9ulml3ifNpPe3RB4gcnH5ZBdNKxlm+Bza96ZsIWoQIcjdSl3mxDyqz
xxKFLSHPKuHZOzckhRuqOv+A6bvgS5KPXlFlwtQ491H7qhutMVMEsIBzXlecMK2b7beVirPRcuiNFkPQm+iDTOL
FrKd3TivcxHec= </Modulus>
<Exponent>AQAB</Exponent>
</RSAKeyValue>
<RSAKeyValue> <Modulus>gPWPquMFSu7XcBBZC9ulml3ifNpPe3RB4gcnH5ZBdNKxlm+Bza96ZsIWoQIcjdSl3mxDyqzxxKFLSHPKuHZOzckhRuqOv+A6bvgS5KPXlFlwtQ491H7qhutMVMEsIBzXlecMK2b7beVirPRcuiNFkPQm+iDTOLFrKd3TivcxHec=</Modulus> <Exponent>AQAB</Exponent> <P>ucjt4wW1baoPE5XVx6iMr0XonIXL4oedQL4/zl5yZVd8GGCQ+DzwUZnQeqo66lvtHIrBE9kmGYkdtx34zgyP0w==</P> <Q>sbKh4jCLwUGqxqmooHmFsH3jFuuCCWYQb0YMrg2hnWiU7Srzq/gSVZDOj6COFXPqX5riT6bXfkwD++/nc9cBHQ==</Q> <DP>k7gUlfb7C+g0tqDjay40NkTCsHmd5E9qFIlw2Fi2YqfN7uARRJ/HgUpovq/NynwvKwuUe4CkT5d7fhchtku8qw==</DP> <DQ>G77xqfi8iaNwP+7TxqLS7hjp8XU6a69FF6rPZgn41zQyNMoFHC/y5OtkZWbDaLQdv2nWtmstsKm74YW3FQ5YPQ==</DQ> <InverseQ>XQjfWmxsuGU8UbhX6cIITZBoHnoRtjMWlI48ZcyPh9nZo9k+wPfPL12BYA05EjQ7Yg4e5wRtjF3KtmjiBnB+hQ==</InverseQ> <D>VPNupL/QKMCVovjh7/HNcZcPL/gQC99V1zOnDiPJEtAItHTYKUrDcxXAGmhtrvC6I39mWQj8au9lzGCa1lD5L58xHyi21x6uHpl7PQlwVCLJSR/LQ4tojSGEHg5MBKzbeWmjejcsxlDCVEgxcYxObNMk7qLhRTlhoBetBvtQDuE=</D> </RSAKeyValue>
14
System Analysis and Design – UML Diagrams
Through the analysis of encrypted covert channel usage, there are two types of users are defined
– sender and receiver. The followings are analysis and design diagrams using UML.
Analysis – Use case Diagram
A mobile device as a sender module consists of four use cases and target server consists of five
use cases based on the above scenario.
Figure 6Analysis – Use case Diagram
Basic scenario If a sender chooses a file to send, then main Usecase includes a file reader module and an encryption module. Receiver side host waits the transmissions from a sender side host then receives the encrypted packets. After receiving, the server extracts and collects the encrypted data, then decrypts the data. Finally, the data is saved to a file.
15
Analysis – Activity Diagram
Activity Diagram shows the detail process of the mobile device and the target server.
Figure 7Analysis – Activity Diagram
16
Analysis – Sequence Diagram for Mobile Device (Platform Independent Model)
Mobile device module consists of three major modules:
Encrypted Covert Channel Client: the main module to combine other module and to
make a forged DNS packets.
Cipher module: includes encryption and decryption methods
Socket UDP Packet Library: packet transmission API of a platform library
Figure 8Analysis – Sequence Diagram for Mobile Device (Platform Independent Model)
17
Analysis - Sequence Diagram for Android (Platform Specific Model)
Android platform specific model is designed based on the Platform Independent Model of
mobile device module.
Encrypted Covert Channel Client: MainAcitivity contains the most of all the functions of
the PIM.
Cipher module: includes encryption and decryption methods using Android API.
Socket UDP Packet Library: packet transmission API of a platform library
Figure 9Analysis - Sequence Diagram for Android (Platform Specific Model)
18
Analysis - Sequence Diagram for Windows Phone (Platform Specific Model)
Figure 10Analysis - Sequence Diagram for Windows Phone (Platform Specific Model)
Analysis - Sequence Diagram for the Server (Platform Independent Model)
Figure 11Analysis - Sequence Diagram for the Server (Platform Independent Model)
19
Analysis - Sequence Diagram for Server (Platform Specific Model)
Figure 12Analysis - Sequence Diagram for Server (Platform Specific Model)
Analysis – State Chart Diagram
State Chart Diagram shows asynchronous communication between the mobile device and the
target server. When the mobile device is ready to send, the target server is waiting for the first
initial packet from the mobile device.
When the mobile device starts sending forged DNS question query packets to the target server,
the target server receives the packets then it sends response packets to the mobile devices. This
circular state continues until there is no more packets to send from the mobile device.
20
Design – Deployment Diagram
Deployment Diagram shows four nodes which are consisted of the system. Internal firewall is
between the mobile device and the target server opening DNS port 53. The internal firewall
could be a mobile firewall of each platform or an intranet firewall. Top-level DNS server is for
responding real DNS response packets.
Figure 13Design – Deployment Diagram
21
Design – Class Diagram for Android
During the design process, Exception Handler class is added to handle the exceptions and error
of classes. Most of the functions are located in the MainActivity1 class and only Crypto1 class
includes the encryption and decryption methods.
Figure 14Design – Class Diagram for Android
22
Design – Class Diagram for Windows Phone
Encrypted Covert Channel on Windows Phone platform consists of five classes. MainPage and
Crypto Classes are same as Android version; however, Protocol Class contains the all raw IPv4
and IPv6 Protocol Header format. In addition, FileReader Class reads the data files. Creating a
socket client and sending and receiving packet classes is separated from the MainPage Class
unlike Android version.
Figure 15Design – Class Diagram for Windows Phone
23
Design – Class Diagram for iPhone
Figure 16 Class Diagram for iPhone
24
Design – Class Diagram for the Server on Windows
The server module is designed for Windows Platform to be implemented. It consists of six
classes.
Figure 17 Design – Class Diagram for the Server on Windows
25
Project Achievement
Micro-Byte level packet manipulation
o This project has brought very useful experiences of micro level packet handling.
Especially, inserting encrypted data into ordinary IP header, UDP header and
UDP payload is the most critical programming because each mobile platform
and its library is very sensitive validation of the packets which pass through the
mobile networking modules.
o Unfortunately, there are not many explanations on the mobile platform APIs and
books about the packet validation.
o Therefore, the failures in this project have formed the lessons learned by
experience.
Forging DNS query and response packets
o Making DNS query on mobile devices is one of critical problems because it
should be randomized and automatically generated by the module.
o This project makes a DNS query list file which contains DNS request query and
randomly fetches for each hexadecimal data of them.
o After fetching a hexadecimal data, forging logic inserts two following important
byte data: the first data is one byte size of encrypted data to be transmitted to the
server module, and the second one is 4 byte size of index number of the
encrypted data byte in the encrypted data array.
Encryption and Decryption on mobile platforms
o RSA (Rivest-Shamir-Adleman cryptosystem) and AES (Advanced Encryption
Standard) algorithms are very well-known cryptographic algorithms; however,
each mobile platform adopts different implementations and APIs.
o For instance, Android platform using Java programming language adopts and
supports binary and XML key pair (pubic key and private key) both, while
Windows Phone only supports string based XML key pair.
o This project applies both, but AES algorithm with string based XML key pair has
given “invalid padding property value exception” on Windows platform when
Android client module sends encrypted bytes.
o The cause was the encrypted bytes are different between Java API and Windows
API.
o Therefore, this project applies RSA algorithms to implement both sides of the
client and server module cryptography.
26
Real-time UDP packet forgery
o As it is mentioned, an important factor of UDP packet communication is a
connectionless transmission model with a minimum of protocol mechanism
unlike TCP. It doesn’t have a handshaking dialogues, and no guarantee of
delivery, ordering, or duplicate protection. It has checksums for data integrity.
o Because DNS packet communication is the most believable and unsuspicious
method to pass through firewall systems and IDS, this project chooses DNS
query and response packets which are UDP application protocol.
o However, the DNS packets should be transmitted asynchronously.
o This project uses a forged DNS server to fabricate the DNS response packet in
real-time.
o Following simple process describes the real-time UDP packet fabrication on the
target server.
Acknowledge technique using connectionless packet transmissions.
o There is an IP identification field and DNS Query ID field to check the packet
delivery without loss; however, encrypted covert channel requires another
acknowledge methods to confirm safe delivery. Using the DNS request and
response packets does not guarantee it. Therefore, this project covers the issues
of no guarantee of delivery.
1. Receive a forged DNS query packet from a client module of a test
mobile device.
2. Fetch the specific camouflage bytes of the packets to reassemble an
encrypted data.
3. Keep the socket with the source port number of the sender client
module.
4. Forward the camouflage DNS packet to a well-known the Global
Top Level Domain (GTLD) DNS server such as Google DNS
server. ( IP address : 8.8.8.8 or 8.8.4.4 )
5. Wait and receive the DNS response packet from the top-level DNS
server.
6. Insert an index byte and parity check bytes to be used as a guarantee
of delivery and ordering of the whole encrypted packets in real-time.
7. Forward the camouflage packet to the client module of test mobile
device using the socket and the source port number which are kept at
step 3.
27
o Each DNS query packet delivers a specific value using reserved bytes such as
encrypted packet index number, and expects the value in the DNS response
packet from the forged DNS server module.
o A function in the client module of mobile device compares the two values and
decides to resend or decides to send next packet.
o However, to avoid a suspicion of IDS, the two values of DNS request and
response can be different during the acknowledge process. To implement the
acknowledge technique, it requires a simple f(x) = y formula to compare the two
acknowledge values. For instance, if the client sends x value, then the server
returns y value using the simple f(x) = y formula.
Background worker process technique on mobile devices.
o During the forged DNS packet transmission process technique of the client apps
on mobile devices, the program allows that users can send the process to the
back of a touch screen.
o This background worker process technique supports the secret transmissions on
the mobile devices without intervention of a user.
o However, it also allows a user to stop the background process by touching the
“Cancel” button whenever the user wants.
o This background worker process technique can be applied for many purpose of
mobile applications such as machine-to-machine communication or data
buffering.
28
Important Findings
In the beginning of this project, the deep knowledge of each mobile platform and cryptography
API were required in advance. Especially, the low-level packet networking environment of each
mobile platform was analyzed very carefully. After the research, some important facts were
found.
Android, Windows Phone and iPhone platform don’t allow the source IP address
forgery: IP packets are not sent if the source IP address of the packet is different from a
given host IP address by DHCP (Dynamic Host Configuration Protocol) server.
Encryption and decryption APIs of each platform are not compatible: Windows Phone
doesn’t have any API to read encoded binary RSA key pairs (public and private keys);
however, Android doesn’t support XML based RSA key pairs. Therefore, this project
generated two different types of RSA key pairs for Windows Phone and Android
Platform.
AES Encryption and decryption API using password are similar and easily compatible.
Android and iPhone doesn’t allow mobile app developers to forge IP packet header, but
Windows Phone OS allows it. However, native code which is a binary module of mobile
OS can make it possible, if the native code can be installed into the mobile OS. Mobile
device producers modify and customize the mobile OS installing their own module into
the native code.
29
Innovations
During this project, three innovative skills have been developed and adopted.
Byte-level packet fabrication
o This project implements packet camouflage replacing the ordinary bytes of the
typical DNS request and response to encrypted secret bytes.
Real-time DNS packet fabrication
o DNS response packets from a real DNS server are forged by an encrypted covert
channel server and forwarded to a client mobile device in real-time.
o Of course, there is a slight time gap between request and response transmission
comparing to a normal transmission; however, the time gap can be overcome if
the server and network environment support higher speed to minimize the time
gap.
Methodology of forged packet detection
o Through the research of the potential vulnerabilities of DNS packets and the
forging techniques, this project develops the methods to detect forged packets.
o This may be useful to develop and to improve an advanced IDS or a firewall.
30
Future Enhancements
IPv6 packet fabrication and camouflage
o More and more devices and hosts has already adopted IPv6. This project
implements the client and server program using IPv4 only because there was a
camouflage issue and there was not much time to adopt IPv6. However, it is
easily implemented if the PIM (Platform Independent Model) of this project is
used for extending to IPv6.
Multi-to-multi encrypted covert channel
o This project implements only one-to-one encrypted covert channel at one time.
The server and clients could create one channel at a time. However, if multi-
thread technique is adopted, the server and clients could create multiple
encrypted covert channels.
Byte-level packet camouflage with the packet header and payload forging can be
extended to create the securest covert channel to transmit maximum secret data. It is
suitable for small and critical packet transmission between devices and a host, or
between devices such as IoT (Internet of Things) technology.
Figure 18 Multi-to-multi encrypted covert channel
31
On the other hand, the detection technique of encrypted covert channel is useful to
improve IDS functionalities using detection algorithms which is implemented based on
the technique of byte-level camouflage and detection.
In addition, mobile devices upgrading their network modules can be extended to validate
and block the packets which are forged by hackers.
32
Unachieved Project Goals
A forged DNS server on Linux platform
o To implement the server module, this project chose Linux platform at the
beginning. However, this project changes to Windows platform after comparing
the development environment between Linux and Windows.
o Server programming on Windows using Visual Studio and C# is more effective
and productive than a server programming on Linux.
o However, the program can be easily converted to other platforms because this
project designs the PIM (Platform Independent Model) to transfer the
implementation.
Two mobile client version on Tizen and FireOS platform
o This project had a plan to implement client modules on Tizen and FireOS
platforms; however, obtaining the devices was not easy, and the development
environment of socket communication are not stable yet because the platforms
are relatively new.
33
Vulnerability analysis of packet forgery
The other goal of this project is how to detect the forged and encrypted packets using covert
channel and prove that the covert channel packets contain critical data. As a network security
defender or a hacker, this goal is more difficult than the first goal because the attacker’s spear is
too strong and the defender’s shield cannot conduct its duty. On the other hand the spear, the
encrypted covert channel does perfectly conduct its duty; therefore, the shield, IDS might not
easily conduct its duty. The only way to detect the encrypted covert channel is by analyzing each
of the packets and finding the suspicious patterns of the forged packets.
Network administrators are concerned as a defender, worry about system security such as
potential data leaking or heart bleeding through the Internet. Advanced detection techniques or
solutions are required. Encrypted covert channel is an attack that is difficult to detect because
the packet is forged to look a typical DNS request query and response. However, there is are
some ways to detect the encrypted covert channel.
During the course of this project, it is found that there are many potential vulnerabilities through
packet forgery. This chapter explains the each forgery and camouflage detection method.
IP Header forgery and camouflage detection
Figure 19 IPv4 Header Structure
o IP header contains important information of IP version, source IP, destination IP, time-to-
live, etc.
o In the structure, The Internet Header Length (IHL) (4bits), Total Length (16 bits),
Identification (16 bits), Fragment Offset (13 bits) and Header Checksum (16 bits) have
possibilities of forgery to hide and to deliver secrete data passing an IDS and a firewall.
34
Internet Header Length (IHL) – 4 bits o Internet Header Length of IPv4 header may contain a variable number of options, this
field specifies the size of the header. It can defines a minimum of 20byte size using 5 bits (5 bit×32bits = 160 bits = 20 bytes) to a maximum of 60 byte length of 15 words (15×32 bits) or 480 bits. All mobile platforms already have the validation mechanism for IHL field. Socket libraries of each platform assign the IHL value when the packet is generated automatically. However, there is a small window to forge the IHL field using native code for each platform.
o To detect the forgery of the field, IHL should be compared to the real length of a header.
Total Length – 16 bits o Total Length defines the total IP datagram length in bytes. Since the header length gives
the length of header and this field gives the total length, so the length of data and its starting point can easily be calculated using these two fields. In addition, this is a 16 bit field and it represents length of IP datagram; therefore, the maximum size of IP datagram is 65535 bytes. When IP fragmentation takes place over the network then value of this field also changes. There are cases when IP datagrams are very small in length but some data links like Ethernet pad these small frames to be of a minimum length, 46 bytes. To know the exact length of IP header in case of Ethernet padding, this field is very useful.
o However, total length field also has a possibility of being forged into the same as IHL.
o To detect the forgery of Total Length, it should be compared to the total length of the IP datagram.
Identification field – 16 bits o Identification field is used for uniquely identifying the IP datagrams. This value is
incremented every-time an IP datagram is sent from source to the destination host. This field is used while reassembling the fragmented IP data grams. However, this field is easily forged to hide secret data bytes because it is hard to detect if the field contains a fake fragmented IP data gram ID to reassemble them. Therefore, the field can easily be used to deliver a secrete data.
o In order to detect the forgery of Identification field, it is needed that the value should be traced while the packet has the same source IP address and destination IP address; however, it is technically impossible because IDS should keep the source IP address and destination IP address of each packet and check the Identification field value comparing to the previous Identification field value while the packet is passing through the IDS. Therefore, the Identification field forgery is the hardest one to detect.
35
Fragment Offset – 12 bits o Fragment Offset field, measured in units of eight-byte blocks (64 bits), is 13 bits long
and specifies the offset of a particular fragment relative to the beginning of the original none-fragmented IP datagram. The first fragment has an offset of zero. This allows a maximum offset of (213 – 1) × 8 = 65,528 bytes, which would exceed the maximum IP packet length of 65,535 bytes with the header length included (65,528 + 20 = 65,548 bytes).
o This field has a possibility to be forged delivering secrete bytes instead of Fragment Offset of datagram because it is hard to detect the field calculating the offset of each packet datagram.
o To detect the field forged, IDS should trace the offsets of the each datagram for the same source IP address and same destination IP address of each packet.
Header Checksum – 16 bits o Header Checksum (16bits) represents a value that is calculated using an algorithm
covering all the fields in header (assuming this very field to be zero). This value is calculated and stored in the header when IP data gram is sent from source to destination and at the destination side this checksum is again calculated and verified against the checksum present in the header. If the value is same then the datagram was not corrupted else it’s assumed that datagram was received corrupted. So this field is used to check the integrity of an IP datagram.
o However, the Header Checksum can be forged to deliver a secrete data if the source and destination host determine the field as a covert channel field.
o To detect the Header Checksum forgery, IDS should calculate and verify against the checksum present in the header. It is easy to calculate, but it might occur packet transmission delay.
Options field – variable o Options has a variable length and represents a list of options that are active for a
particular IP datagram. This is an optional field that may or may not be used. If any option is present in the header then the first byte is represented as follows :
class number length description
0 0 – end of option list
0 1 – no operation
0 2 11 security
0 3 var. loose source routing
0 9 var. strict source routing
0 7 var. record route
0 8 4 stream id
2 4 var. INTERNET time stamp Figure 20Options Table
36
o Options field is easily forged if the field is not used for the original purpose, and it is hard to detect the field is forged because there are a lot of possibilities to be used.
o Only way to detect the forgery is the option number and its length should be compared and matched.
UDP Header forgery and camouflage detection
Figure 21 UDP Header Structure
o UDP Header represents 4 default fields: Source Port (2bytes), Destination Port (16bits),
Length (16bits), and UDP Checksum (16bits); however, Java and iPhone platform do not
allow UDP packet header forgery.
o Among the fields, UDP Length (16bits) and UDP Checksum (16bits) have possibilities to be
forged and to deliver secure data bytes.
UDP Length – 16 bits o UDP Length represents the length of UDP Header and payload data in bytes. This
means the minimum value of the length is the UDP Header size, 8 bytes and maximum value is 65,535 bytes.
o To detect UDP Length forgery, the real length of the UDP should be compared to UDP Length value.
UDP Checksum – 16 bits o UDP Checksum is computed as the 16-bit one's complement of the one's complement
sum of a pseudo header of information from the IP header, the UDP header, and the data, padded as needed with zero bytes at the end to make a multiple of two bytes. If the checksum is cleared to zero, then it is disabled.
o UDP Checksum forgery is similar to UDP Length forgery. It is easily forged but should be checked to see if the validation is detected.
37
UDP Payload forgery and camouflage detection
o Numerous key Internet applications use UDP, including: the Domain Name System (DNS),
where queries must be fast and only consist of a single request followed by a single reply
packet, the Simple Network Management Protocol (SNMP), the Routing Information
Protocol (RIP) and the Dynamic Host Configuration Protocol (DHCP).
o This project deals with DNS payload which consists of 14 fields.
DNS Query ID – 16 bits o DNS Query ID is a 16bits and unique identifier created in the query packet and left
intact by the server sending the reply; it allows the server making the request to associate the answer with the question. A DNS server might have many queries outstanding at one time. Even multiple queries to the same server; therefore, this Query ID helps match the answers with the awaiting questions. This is also sometimes called the Transaction ID (TXID). This project forges the field to deliver an encrypted byte because it is easily forged using ordinary socket API on mobile platforms and almost impossible to detect the forgery.
o Query ID is only related a client host and a DNS server; therefore, an IDS doesn’t have any method to detect if it is forged or not.
Figure 22 DNS query packet and Payload Structure
38
Question Record Count – 16 bits o Question Record Count is filled by the client host in the next section with a single
"question" record that specifies what it's looking for: it includes the name (www.bcit.ca), the type (A, NS, MX, etc.), and the class (virtually always IN=Internet). The server repeats the question in the response packet, so the question count is almost always 1. It is a major barrier to forge the field.
o Question Record Count forgery is easily detected by checking the value. It should be 1.
DNS Question/Answer – variable o DNS Question/Answer data is the field that holds the question/answer data referenced
by the count fields above. This field is the most vulnerable to be forged by the client and the DNS server host because the payloads are varied by the DNS query and the response answer.
o There is no way to detect if the field is forged or not because there is no fixed pattern to detect the forgery.
39
Test result
In order to test the mobile apps and the server, testing is conducted in two phases:
1. Module test is conducted in data encryption module, covert channel module and server
module.
1) Encryption module is tested on each platform
a. Encryption module on Android
b. Encryption module on Windows phone
c. Encryption module on iOS
2) The covert channel module is tested on each platform
3) Decryption server module is tested on Windows 8.
2. Integration test is conducted the developed apps with the server.
1) Integration test in Wi-Fi zone by the developer, myself, and a third party tester
2) Integration test in 3G/4G cellphone zone by the developer, myself, and a third party
tester
During the integration test, the testers conduct following steps:
1) Tester installs the developed encrypted covert channel app on each mobile device in
advance.
2) Tester works in a Wi-Fi-zone, 3G/4G and LTE zone that are distant from the
designated covert channel server.
3) Tester chooses the data file that is a normal plain text or binary/media contents (image,
sound, video) in the mobile device.
4) Tester touches the “send” button of the covert channel app.
5) The app irregularly or regularly sends the generated packets using the encryption module
to the designated covert channel server.
6) During the data transmission, an IDS and a packet capture application which is installed
in advance for the test, capture and analyze the packets.
7) The covert channel server receives the encrypted packets from the mobile devices and
extracts the encrypted data from the packets.
8) The server decrypts the extracted data and writes it to a local file.
9) The receiver opens the saved file.
40
Module Test
Encrypted Covert Channel – Android Client
Functions Tested Comments
Installing successful Download from Playstore
Encrypting successful
File selecting successful
Packet sending on Covert Channel successful
Job canceling successful Response time 2.5 seconds
Encrypted Covert Channel – Windows Phone Client
Functions Tested Comments
Installing successful Download from Windows store
Encrypting successful
File selecting successful
Packet sending on Covert Channel successful
Job canceling successful Response time1.5 seconds
Encrypted Covert Channel – Target Server on Windows Platform
Functions Tested Comments
Installing successful
Decrypting successful
File saving successful
Server Starting successful
Server Stopping successful
Integration Test
WiFi – Zone Test
Functions Tested Comments
Encryption successful
File selecting successful
Packet sending on Covert Channel successful
Job canceling successful Response time 2.5 seconds
Decryption successful
File saving successful
Server Starting successful
Server Stopping successful
41
3G, 4G and LTE Zone Test
Functions Tested Comments
Encryption successful
File selecting successful
Packet sending on Covert Channel successful
Job canceling successful Response time 2.5 seconds
Decryption successful
File saving successful
Server Starting successful
Server Stopping successful
Packets captured
Figure 23 Captured DNS packets
The above picture shows the DNS packet transmission between the target server (IP address:
142.232.129.48) and the mobile device (IP address: 142.232.129.137). The target server forwards
the DNS queries from the mobile device to the top-level DNS server of Google (IP Address:
8.8.4.4).
42
Figure 24 Encrypted covert Channel Packet Transmission
Each set of the transmission consists of four packets:
①. Sending a DNS question query from the mobile device to the target server
②. Forwarding a DNS question query from the target server to the Google DNS server
③. Responding a DNS answer for the query from Google DNS server to the target server
④. Forwarding a DNS answer from the target server to the mobile device
In any case, the packets look ordinary DNS question query and answer packets; therefore, the
internal firewall between the mobile device and the target server lets the packets pass through.
43
Conclusion
As described earlier, Encrypted Covert Channel is the most secure method to transmit critical
data using ordinary packets. This project has implemented encrypted covert channels on mobile
devices using secrete data camouflage in UDP packets. Through the implementation of the
software on mobile devices and the server, this project conducted a comparative study of the
packet networking and cryptographic software developing environment of each mobile platform
and the development frameworks for UDP packet communication. Furthermore, the mobile
apps and the server programming techniques have been applied to each packet level mobile
framework. Consequently, this project adopts packet level software development skills which
have been taught through the CST BTech program.
Last but not least, this project recommends further actions or skills with the encrypted covert
channel attack and countermeasures against it.
For Ethical attacker or Network security software developer
To make a perfect encrypted covert channel, ethical attackers or network security software
developers can transmit the packets during the peak time of an intranet or LAN adding a
module which checks packet I/O amount. Hiding the covert packets among ordinary packets is
a good strategy that make the suspicious packets harder to detect.
Sniffing and sending a password after installing the module into a target device is another useful
way to use encrypted covert channel because a firewall would not block port 53 being used for
DNS. It could be a perfect crime.
For Defender or Network security administrator
To prevent an attack using an encrypted covert channel and to prevent critical data leaks,
network security administrators as defenders should operate a local delegation DNS server
between intranet clients and higher-level DNS server in the LAN, which means only a local
delegation DNS server could go through port 53(DNS request port). Eventually, all other client
hosts in an Intranet should query the local delegation DNS server to obtain IP addresses of
domain names. However, if attacker’s mobile devices connect to a 3G or 4G wireless
connection, the local delegation DNS server may be useless because the local delegation DNS
server influences the hosts which are accessing the DNS server in the LAN.
44
References
Sean Petterson (2013) “Mobile Encryption Market to Hit $230 Million This Year”,
WebProNews. Retrieved from
http://www.webpronews.com/mobile-encryption-market-to-hit-230-million-this-year-
2013-10
Vanessa Pegueros (2011) “Security of Mobile Banking and Payments,” SANS Institute.
Jim Tanous (2012) “iSuppli Predicts Windows Phone’s Edge Over iOS by 2015”, the
MacObserver.com
45
Pro
ject P
rocess a
nd
Sch
ed
ule
Gan
tt Ch
art
Appendices
46
Screen Capture – Server Module
Screen Capture – Android version
47
Screen Capture – Windows Phone version
Screen Capture – iPhone version