You are here

HTML5ZEROCONFIGURATIONCOVERT CHANNELS:SECURITYRISKSANDCHALLENGES

Authors: 

Jason Farina, Mark Scanlon, Stephen Kohlmann, Tahar Kechadi

Publication Type: 
Refereed Conference Meeting Proceeding
Abstract: 
n recent months there has b een an increase in the p opularity and public awareness of secure, cloudless le transfer systems. The aim of these services is to facilitate the secure transfer of les in a p eer-to- p eer (P2P) fashion over the Internet without the need for centralized authentication or storage. These services can take the form of client installed applications or entirely web browser based interfaces. Due to their P2P nature, there is generally no limit to the le sizes involved or to the volume of data transmitted  and where these limitations do exist they will b e purely reliant on the capacities of the systems at either end of the transfer. By default, many of these services provide seamless, end-to-end encryption to their users. The cyb ersecurity and cyb erforensic consequences of the p otential criminal use of such services are signicant. The ability to easily transfer encrypted data over the Internet op ens up a range of opp ortunities for illegal use to cyb ercriminals requiring minimal technical know- how. This pap er explores a numb er of these services and provides an analysis of the risks they p ose to corp orate and governmental security. A numb er of metho ds for the forensic investigation of such transfers are discussed
Conference Name: 
The 10th ADFSL Conference on Digital Forensics, Security and Law (CDFSL 2015)
Digital Object Identifer (DOI): 
10.NA
Publication Date: 
19/05/2015
Conference Location: 
United States of America
Institution: 
National University of Ireland, Dublin (UCD)
Open access repository: 
No