UYR Second level Third level Under Your Radar Fourth level Fifth - - PowerPoint PPT Presentation

uyr
SMART_READER_LITE
LIVE PREVIEW

UYR Second level Third level Under Your Radar Fourth level Fifth - - PowerPoint PPT Presentation

Jun 30, 2023 27 likes •279 views

Click to edit Master title style Click to edit Master text styles UYR Second level Third level Under Your Radar Fourth level Fifth level Covert Channel & Exfiltration Ali Hadi / Mariam Khader Princess Sumaya

slide-1
SLIDE 1
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Ali Hadi / Mariam Khader

Princess Sumaya University for Technology (PSUT) Amman/Jordan

“UYR” Under Your Radar

Covert Channel & Exfiltration

slide-2
SLIDE 2
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Outline

  • Intro
  • What
  • Usage
  • Idea
  • How it Works
  • Why Under Radar
  • Action 
slide-3
SLIDE 3
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style Quick Intro.

  • Steganography

– Hiding the existence of the data

  • Covert Channel

– Unseen “secret” communication

  • Exfiltration (aka Exfil)

– Illegal retrieval of data from a compromised computer

slide-4
SLIDE 4
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Why Social Networks & Multimedia?

slide-5
SLIDE 5
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-6
SLIDE 6
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-7
SLIDE 7
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-8
SLIDE 8
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-9
SLIDE 9
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-10
SLIDE 10
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Hackers Exfiltrating Data with Video Steganography via Cloud Video Services [1]

KEN WESTIN @TripeWire

slide-11
SLIDE 11
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

What: UYR?

  • New application layer covert channel and

exfil system

  • Applies multimedia stego techniques
  • Hard for Radars to detect what’s being sent
slide-12
SLIDE 12
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Usages?

  • Covert Communications
  • Exfiltrating Data
slide-13
SLIDE 13
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Idea?

  • No real data is transmitted!
  • Only data transmitted is a bunch of

numbers (key)!

slide-14
SLIDE 14
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

How it works?

slide-15
SLIDE 15
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Protocol Agreements

  • Social Media Used
  • Video Used
slide-16
SLIDE 16
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-17
SLIDE 17
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-18
SLIDE 18
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-19
SLIDE 19
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-20
SLIDE 20
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-21
SLIDE 21
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Extract Hidden Message/Data

slide-22
SLIDE 22
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Why Hard to Detect?

Evade current detection techniques

  • UYR has no signature
  • No pattern or anomaly
  • No proof to correlate between the

video + image used

slide-23
SLIDE 23
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

slide-24
SLIDE 24
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

References

[1] http://tripwire.com/state-of-security/incident-detection/hackers- exfiltrating-data-with-video-steganography-via-cloud-video- services/ [2] Youtube, Cisco, and Google Stats, http://jlbmedia.com/online- video-impact-2014 [3] https://www.youtube.com/watch?v=QfVVfB_UHeA [4] Twitter Stats, http://www.statisticbrain.com/twitter-statistics/ [5] UYR, https://github.com/Mariam118/UYR Ali Hadi @binaryz0ne Mariam Khader @MariamKhader118

slide-25
SLIDE 25
  • Click to edit Master text styles

— Second level

  • Third level

— Fourth level » Fifth level

Click to edit Master title style

Special Thanks

Princess Sumaya University for Technology (PSUT), our families, friends, security4arabs, and all those who supported us!