SoftwareX (Jan 2022)
IPv6CC: IPv6 covert channels for testing networks against stegomalware and data exfiltration
Abstract
IPv6CC is a suite of network covert channels targeting the IPv6 protocol. Its main scope is supporting penetration test campaigns to evaluate the security of a system against emerging information-hiding-capable attacks or steganographic malware. This paper presents the techniques used to inject data within IPv6 packets, the reference use case and the software architecture of the suite. It also showcases a performance evaluation of the different covert channels offered by IPv6CC, as well as an analysis of their ability to bypass some de-facto standard security tools.