Covert Channel Detection Using Process Query Systems (White Paper)
September 2005 • White Paper
Vincent Berk (Dartmouth College)
In this FloCon 2005 presentation, the author uses traffic analysis to investigate a stealthy form of data exfiltration.
Abstract
<p>In this paper, presented at FloCon 2005, the author uses traffic analysis to investigate a
stealthy form of data exfiltration. The author presents an approach
to detect covert channels based on a Process
Query System (PQS), a new type of information retrieval
technology in which queries are expressed as process descriptions.