Creator:
Date:
Abstract:
Covert channnels are a class of techniques for hiding the presence of communication between parties. In the context of cybersecurity, covert channels can be used by attackers to evade detection and to exfiltrate sensitive data. In so doing, they create a need for effective detection techniques for the use of covert channels. In this thesis, we present the conception, design and implementation of a system for detecting covert messages stored in the headers of network protocols in real time. We start by identifying statistical tests that can distinguish network traffic containing certain types of covert channels with high accuracy. We then leverage that information to build a system that analyses network traffic by tapping ethernet cables in order to detect the use of covert channels with very low latency.