With PQDT Open, you can read the full text of open access dissertations and theses free of charge.
About PQDT Open
Search
Unauthorized data removal and modification from information systems represents a major and formidable threat in modern computing. Security researchers are engaged in a constant and escalating battle with the writers of malware and other methods of network intrusion to detect and mitigate this threat. Advanced malware behaviors include encryption of communications between the server and infected client machines as well as various strategies for resilience and obfuscation of infrastructure. These techniques evolve to use any and all available mechanisms. As the Internet has grown, DNS has been expanded and has been given security updates. This study analyzed the potential uses of DNSSEC as a covert channel by malware writers and operators. The study found that changing information regarding the Start of Authority (SOA) and resigning the zone can create a covert channel. The study provided a proof of concept for this previously undocumented covert channel that uses DNSSEC.
Advisor: | Yang, Baijan |
Commitee: | Rogers, Marcus K., Xu, Dongyan |
School: | Purdue University |
Department: | Computer and Information Technology |
School Location: | United States -- Indiana |
Source: | MAI 56/01M(E), Masters Abstracts International |
Source Type: | DISSERTATION |
Subjects: | Information Technology, Computer science |
Keywords: | Covert channel, DNSSEC, Data breach |
Publication Number: | 10181541 |
ISBN: | 978-1-369-30126-7 |