Under the background that the network information security problem is serious increasingly,the communication mechanism of the network covert channel is studied. A method for establishing a network covert channel on the basis of multiple protocols is proposed,in which the communicating parties makes a key agreement according to ICMP protocol,and the covert in-formation is encrypted with the agreed key. The encrypted information is written into the 32 bit serial number field of the TCP protocol. The encrypted session key is written into the 16 bit serial number field of the IP protocol. The method was implemented and tested on the Linux platform. The experimental results show this covert channel has high concealment property and high transmission speed,and is feasible. It provides theoretical basis and technical support for the prevention of malicious attacks.%在网络信息安全问题日益突出的背景下,研究了网络隐蔽信道的通信机制.提出一种基于多重协议建立网络隐蔽信道的方法:通信双方通过ICMP协议进行密钥协商,用协商密钥加密传输的隐蔽信息,加密后的信息写入TCP协议的32位序列号字段,加密后的会话密钥写入IP协议的16位标识位字段.该方法在Linux平台下实现并检验.实验结果表明,此隐蔽信道隐蔽性高、传输速度快、切实可行,为防范隐蔽信道的恶意攻击提供了理论依据和技术支持.
展开▼
