Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cdpxe/NELphase
Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel)
https://github.com/cdpxe/NELphase
covert-channel firewall firewalls information-hiding network-security network-steganography performance-analysis research research-paper research-project research-tool scientific-publications security-tools steganography
Last synced: 21 days ago
JSON representation
Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel)
- Host: GitHub
- URL: https://github.com/cdpxe/NELphase
- Owner: cdpxe
- License: gpl-3.0
- Created: 2017-05-04T08:51:13.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-10-29T18:40:52.000Z (about 1 month ago)
- Last Synced: 2024-11-18T16:57:11.770Z (24 days ago)
- Topics: covert-channel, firewall, firewalls, information-hiding, network-security, network-steganography, performance-analysis, research, research-paper, research-project, research-tool, scientific-publications, security-tools, steganography
- Language: C
- Homepage: http://ih-patterns.blogspot.de/p/nel-tool.html
- Size: 95.7 KB
- Stars: 3
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Citation: CITATION.cff
Awesome Lists containing this project
- awesome-hacking-lists - cdpxe/NELphase - Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel) (C)
README
# Network Environment Learning (NEL) Phase for Covert Channels (incl. a Feedback Channel and Warden Simulator).
In *Network Steganography* research, a covert channel is a stealthy communication channel. Some covert channels are capable of performing a so-called [**Network Environment Learning** phase](https://www.researchgate.net/publication/229091999_The_Problem_of_Traffic_Normalization_Within_a_Covert_Channel%27s_Network_Environment_Learning_Phase?ev=srch_pub&_sg=yiWm%2Fl1DEUeQDayeMTW0oEMG5Uyxo4zfcmAAOkr6NkJtTx6g7xucnaWMAIFkzvlq_n6tx%2Fpj8MwJkZ%2FDhSCYZtVcY3G8XFjtuD0wGGY97liDms58KUp77JmWf%2F2uLjaFg_9rtZQe80mfDWVt%2BOxdHhJvIgvvSP8%2FJUpvi9Tx32b%2BASAG60z5JBglEJw%2Fx0RbUK) (or: **NEL** phase). Such covert channels can determine how data can be covertly exchanged in a way that countermeasures (firewalls, traffic normalizers, active wardens) can be bypassed.
For instance, a typical covert channel technique is to embed secret data in reserved or unused bits of protocol headers. A typical firewall filter could simply clear the bit to prevent such a covert channel. During the NEL phase, communicating covert channel peers can determine such a filter rule and switch to alternative covert channels.
Although the NEL phase was originally discussed in academia about ten years ago, *no implementation was made available by other researchers*. With *NEL*, **we provide the first public implementation of a NEL phase** on the basis of *scapy* and *libpcap*. In addition, NEL can simulate the influence of regular (static), dynamic and adaptive wardens on the NEL phase. NEL is written in C and runs best under Linux.
**Requirements:**
- Scapy must be installed
- gcc and make
- pcap library, incl. libpcap-dev, must be installed
- pthreads library**Documentation:** Please have a look at the *[documentation](https://github.com/cdpxe/NELphase/blob/master/documentation/README.md)*.
**My open online class on Network Covert Channels:** available [here](https://github.com/cdpxe/Network-Covert-Channels-A-University-level-Course).
**Other Covert Channel Tools:** See my repository on [network covert channel tools](https://github.com/cdpxe/NetworkCovertChannels).
**Feedback:** Please send requests and feedback to the author ([Steffen Wendzel](https://www.wendzel.de)).