Skip to main content
USENIX
  • Conferences
  • Students
Sign in

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป Keyboards and Covert Channels
Tweet

connect with us

Keyboards and Covert Channels

Abstract: 

This paper introduces JitterBugs, a class of inline interception mechanisms that covertly transmit data by perturbing the timing of input events likely to affect externally observable network traffic. JitterBugs positioned at input devices deep within the trusted environment (e.g., hidden in cables or connectors) can leak sensitive data without compromising the host or its software. In particular, we show a practical Keyboard JitterBug that solves the data exfiltration problem for keystroke loggers by leaking captured passwords through small variations in the precise times at which keyboard events are delivered to the host. Whenever an interactive communication application (such as SSH, Telnet, instant messaging, etc) is running, a receiver monitoring the host's network traffic can recover the leaked data, even when the session or link is encrypted. Our experiments suggest that simple Keyboard JitterBugs can be a practical technique for capturing and exfiltrating typed secrets under conventional OSes and interactive network applications, even when the receiver is many hops away on the Internet.

Gaurav Shah, University of Pennsylvania

Andres Molina, University of Pennsylvania

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {268903,
author = {Gaurav Shah and Andres Molina},
title = {Keyboards and Covert Channels},
booktitle = {15th USENIX Security Symposium (USENIX Security 06)},
year = {2006},
address = {Vancouver, B.C. Canada},
url = {https://www.usenix.org/conference/15th-usenix-security-symposium/keyboards-and-covert-channels},
publisher = {USENIX Association},
month = jul
}
Download

Presentation Video

Presentation Audio

MP3 Download OGG Download

Download Audio

Links

Paper: 
http://usenix.org/events/sec06/tech/shah/shah.pdf
Paper (HTML): 
http://usenix.org/events/sec06/tech/shah/shah_html/index.html
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us