NIST 800-53 SC-31 Mappings

Developers are in the best position to identify potential areas within systems that might lead to covert channels. Covert channel analysis is a meaningful activity when there is the potential for unauthorized information flows across security domains, such as in the case of systems that contain export-controlled information and have connections to external networks (i.e., networks that are not controlled by organizations). Covert channel analysis is also useful for multilevel secure systems, multiple security level systems, and cross-domain systems.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SC-31 Covert Channel Analysis Protects T1041 Exfiltration Over C2 Channel
SC-31 Covert Channel Analysis Protects T1048 Exfiltration Over Alternative Protocol
SC-31 Covert Channel Analysis Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
SC-31 Covert Channel Analysis Protects T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
SC-31 Covert Channel Analysis Protects T1071 Application Layer Protocol
SC-31 Covert Channel Analysis Protects T1071.001 Web Protocols
SC-31 Covert Channel Analysis Protects T1071.002 File Transfer Protocols
SC-31 Covert Channel Analysis Protects T1071.003 Mail Protocols
SC-31 Covert Channel Analysis Protects T1071.004 DNS
SC-31 Covert Channel Analysis Protects T1567 Exfiltration Over Web Service