Evaluating the Possibility to Perpetrate
Tunneling Attacks Exploiting Short-Message-Service Institute of Electronics, Information Engineering and
Telecommunications, National Research Council of Italy (CNR-IEIIT), Via De Marini 6,
16149, Genoa, Italy
Abstract In the cyber-security context, tunneling systems are
exploited to bypass network restrictions to communicate outside of the
targeted perimeter, without being detected. Such attacks represent a serious
threat for the victim network, as they exploit legitimate protocols,
encapsulating malicious payloads. In this paper, we design a tunneling
architecture based on Short-Message-Service (SMS) and evaluate the possibility
to adopt such communication medium for tunneling purposes. In order to
evaluate the feasibility to set up an efficient SMS tunneling system, we
perform some simulations, by varying both the payload size (from 10 Bytes to
1 MegaByte) and the SMS sending rate (up to 60 SMSs per minute). Results
allow us to model the performance of a tunneling system, in terms of sending
time. We derive indeed the underlying reference model through a mathematical
analysis on the collected data. Results show that overall performance
increases for an SMS sending rate greater or equal to 10 SMSs per minute,
regardless of the message size. Keywords: cyber-security, covert channel, data
exfiltration, cyber-attacks, SMS +: Corresponding author: Sara Narteni
Journal of Internet Services and Information Security (JISIS), 11(3): 30-46, August 2021 |
Received:
June 1, 2021; Accepted: July 26, 2021; Published: August 31, 2021
DOI: 10.22667/JISIS.2021.08.31.030 [pdf]