Publications in Scientific Journals:
T. Zseby, F. Iglesias Vazquez, V. Bernhardt, D. Frkat, R. Annessi:
"A Network Steganography Lab on Detecting TCP/IP Covert Channels";
IEEE Transactions on Education,
This paper presents a network security laboratory
to teach data analysis for detecting TCP/IP covert channels.
The laboratory is mainly designed for students of electrical
engineering but is open to students of other technical disciplines
with similar background. Covert channels provide a method
for leaking data from protected systems, which is a major
concern for big enterprises and governments. The inclusion of
covert channels in the curricula of network security students
and network data analysts is therefore considered a valuable
extension. In the lab exercises presented, students learn how
covert channels in TCP/IP network traffic can be hidden and
detected. Since the detection of covert channels requires an in-
depth understanding of protocol standards and typical behavior
of TCP/IP flows, the lab also provides a "playground" in which
students can deepen their communication networks knowledge.
Students learn how to use and interpret statistical analysis to
discover abnormal patterns and footprints in network data. They
are also trained to deal with noisy scenarios which increase
ambiguity and uncertainty. The laboratory was first implemented
during the winter semester 2014 with a class of 18 students at TU
Wien, Austria. This experience showed that students consolidated
the targeted skills as well as increased their interest in the topics
explored. All exercises and datasets for the introduced "Network
Security Advanced" lab are made publicly available.
Communication system security;data analysis;engineering education;steganography;covert channels
"Official" electronic version of the publication (accessed through its Digital Object Identifier - DOI)
Created from the Publication Database of the Vienna University of Technology.