Paper Info
Title
Exploiting Content Delivery Networks for covert channel communications.
Abstract
We proposed a CDN-based covert channel communication attack.We performed experiments on a commercial CDN to show that such an attack is possible.We discussed possible countermeasures against such an attack. Content Delivery Networks (CDNs) became an important infrastructure in today's Internet architecture. More and more content providers use CDNs to improve their service quality and reliability. However, providing better quality of service (QoS) by using CDNs could also be abused by attackers to commit network crimes. In this paper, we show that CDNs can be used as a covert communication channel to circumvent network censorships. Specifically, we propose the CDN covert channel attack, where accessing contents through different CDN nodes can form a unique pattern, which can be used in encoding secret messages. We implemented a proof-of-concept covert channel based on our proposed attack on CloudFront, a commercial CDN service provided by Amazon Web Service. We showed that our constructed covert channel can transmit messages with various lengths with an average transmission efficiency as 2.29 bits per request (i.e., each penetration request transmits 2.29 bits of secret message on average). After presenting the CDN covert channel attack, we also discuss possible countermeasures.
Year
DOI
Venue
2017
10.1016/j.comcom.2016.07.011
Computer Communications
Keywords
Field
DocType
Content Delivery Networks,Covert channel,Information hiding
Content delivery,Service quality,Computer security,Computer science,Commit,Information hiding,Covert channel,Quality of service,Computer network,Communication channel,Encoding (memory)
Journal
Volume
Issue
ISSN
99
C
0140-3664
Citations 
PageRank 
References 
1
0.36
9
Authors
7
Name
Order
Citations
PageRank
yongzhi wang1165.79
Yulong Shen223550.62
Xiaopeng Jiao3389.90
Tao Zhang441.75
Xu Si510.36
Ahmed Salem610.70
Jia Liu77221.41