Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Stego in TCP retransmissions SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Stego in TCP retransmissions

I just started reading an interesting new paper out of the Warsaw University of Technology entitled Hiding Information in Retransmission.  This got me to thinking, even those of us who have extensive monitoring of our network rarely will have the capability to compare retransmitted packets to the original to detect this.  A really interesting idea.  The abstract can be found here and the paper itself here.

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS San Antonio 2020

Jim

409 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!