Aggregation and Exfiltration Phase

Data is transferred from machine to machine.

Internally [Aggregation], it can be done using existing channels.

Externally [Exfiltration]:

  • It can be done directly using existing channels.

    • File copy, email, file sharing, etc.

    • Can be detected.

  • It can be done by hiding information within existing/allowed channels and licit communications.

    • Slower data transfer, harder (impossible?) to detect.

    • Examples:

      • Usage of steganography in photos (via social networking).

      • Usage of embedded data in text and voice messages.

      • ...
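
A detection sketch for the direct case above, where data is first aggregated internally and then sent out over an existing channel. This is an added example, not part of the original notes. The flow records, the 10.0.0.0/8 internal range, the thresholds and the function names are assumptions, and all flows are taken to come from one observation window.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumed internal address range

# Constructed flow records (not real traffic): (source, destination, bytes sent)
FLOWS = [
    ("10.0.1.11", "10.0.5.20", 400_000_000),
    ("10.0.1.12", "10.0.5.20", 350_000_000),
    ("10.0.1.13", "10.0.5.20", 500_000_000),
    ("10.0.5.20", "203.0.113.7", 1_100_000_000),  # large upload after fan-in
    ("10.0.1.11", "198.51.100.9", 2_000_000),     # ordinary small upload
    ("10.0.2.30", "10.0.1.12", 900_000_000),      # one-to-one internal copy
]

def is_internal(addr):
    return ip_address(addr) in INTERNAL

def find_staging_hosts(flows, min_sources=3, min_bytes=500_000_000):
    """Flag hosts that collect data from many internal peers (aggregation)
    and also send a comparable volume to external addresses (exfiltration)."""
    peers = defaultdict(set)       # host -> internal sources that sent to it
    inbound = defaultdict(int)     # host -> bytes received from internal sources
    outbound = defaultdict(int)    # host -> bytes sent to external destinations
    for src, dst, nbytes in flows:
        if not is_internal(src):
            continue               # only traffic originating inside is relevant
        if is_internal(dst):
            peers[dst].add(src)
            inbound[dst] += nbytes
        else:
            outbound[src] += nbytes
    hits = []
    for host in sorted(peers):
        if (len(peers[host]) >= min_sources
                and inbound[host] >= min_bytes
                and outbound[host] >= min_bytes):
            hits.append({"host": host,
                         "sources": len(peers[host]),
                         "bytes_in": inbound[host],
                         "bytes_out": outbound[host]})
    return hits

if __name__ == "__main__":
    for hit in find_staging_hosts(FLOWS):
        print(hit)
```

Volume-based checks like this cover only the direct case; the hidden-channel case keeps transfers slow and inside allowed traffic, so it does not cross these thresholds.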
