Abstract
Various effective network covert channels have recently demonstrated the feasibility of encoding messages into the timing or content of individual network objects, such as data packets and request messages. However, we show in this paper that more robust and stealthy network covert channels can be devised by exploiting the relationships among network objects. In particular, we propose a combinatorial approach for devising a wide spectrum of covert channels that can meet different objectives based on channel capacity and channel undetectability. To illustrate the approach, we design WebLeaks and ACKLeaks, two novel covert channels that can leak information through the data and acknowledgment traffic in a web session. We implement both channels and deploy them on PlanetLab nodes for evaluation. Besides the channel capacity, we apply state-of-the-art detection schemes to evaluate their camouflage capability. The experimental results show that their capacity can be boosted by our combinatorial approach, and at the same time they can effectively evade detection.
Original language | English |
---|---|
Title of host publication | 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks, DSN 2011 |
Pages | 474-485 |
Number of pages | 12 |
Publication status | Published - 26 Aug 2011 |
Event | 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks, DSN 2011 - Hong Kong, Hong Kong. Duration: 27 Jun 2011 → 30 Jun 2011 |
Conference
Conference | 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks, DSN 2011 |
---|---|
Country/Territory | Hong Kong |
City | Hong Kong |
Period | 27/06/11 → 30/06/11 |
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Computer Networks and Communications