A combinatorial approach to network covert communications with applications in Web Leaks

Xiapu Luo, Peng Zhou, Edmond W.W. Chan, Kow Chuen Chang, Wenke Lee

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

15 Citations (Scopus)

Abstract

Various effective network covert channels have recently demonstrated the feasibility of encoding messages into the timing or content of individual network objects, such as data packets and request messages. However, we show in this paper that more robust and stealthy network covert channels can be devised by exploiting the relationship of the network objects. In particular, we propose a combinatorial approach for devising a wide spectrum of covert channels which can meet different objectives based on the channel capacity and channel undetectability. To illustrate the approach, we design WebLeaks and ACKLeaks, two novel covert channels which can leak information through the data and acknowledgment traffic in a web session. We implement both channels and deploy them on the PlanetLab nodes for evaluation. Besides the channel capacity, we apply the state-of-the-art detection schemes to evaluate their camouflage capability. The experiment results show that their capacity can be boosted up by our combinatorial approach, and at the same time they can effectively evade the detection.
Original languageEnglish
Title of host publication2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks, DSN 2011
Pages474-485
Number of pages12
DOIs
Publication statusPublished - 26 Aug 2011
Event2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks, DSN 2011 - Hong Kong, Hong Kong
Duration: 27 Jun 201130 Jun 2011

Conference

Conference2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks, DSN 2011
Country/TerritoryHong Kong
CityHong Kong
Period27/06/1130/06/11

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this