New viewpoints of covert channels are presented in this work. First, the origin of covert channels is traced back to access control and a new class of covert channel, air-gap covert channels, is presented. Second, we study the design of covert channels and provide novel insights that differentiate the research area of undetectable communication from that of covert channels. Third, we argue that secure systems can be characterized as fixed-source systems or continuoussource systems, i.e., systems whose security is compromised if their design allows a covert channel to communicate a small, fixed amount of information or communicate information at a sufficiently high, continuous rate, respectively. Consequently, we challenge the traditional method for measuring covert channels, which is based on Shannon capacity, and propose that a new measure, steganographic capacity, be used to accurately assess the risk posed by covert channels, particularly those affecting fixed-source systems. Additionally, our comprehensive review of covert channels has led us to the conclusion that important properties of covert channels have not been captured in previous taxonomies. We, therefore, present novel extensions to existing taxonomies to more accurately characterize covert channels.
A novel class of covert channel, out-of-band covert channels, is presented by extending Simmons' prisoners' problem. This new class of covert channel is established by surveying the existing covert channel, device pairing and side channel research. Terminology as well as a taxonomy for out-of-band covert channels is also given. Additionally, a more comprehensive adversarial model based on a knowledgeable passive adversary and a capable active adversary is proposed in place of the current adversarial model, which relies on an oblivious passive adversary. Lastly, general protection mechanisms are presented and an argument for a general measure of "covertness" to effectively compare covert channels is given.
A methodology for characterizing and measuring out-of-band covert channels (OOB-CCs) is proposed and used to evaluate covert-acoustic channels (i.e., covert channels established using speakers and microphones). OOB-CCs are lowprobability of detection/low-probability of interception channels established using commodity devices that are not traditionally used for communication (e.g., speaker and microphone, display and FM radio, etc.). To date, OOB-CCs have been declared "covert" if the signals used to establish these channels could not be perceived by a human adversary. This work examines OOB-CCs from the perspective of a passive adversary and argues that a different methodology is required in order to effectively assess OOB-CCs.Traditional communication systems are measured by their capacity and bit error rate; while important parameters, they do not capture the key measures of OOB-CCs: namely, the probability of an adversary detecting the channel and the amount of data that two covertly communicating parties can exchange without being detected. As a result, the adoption of the measure steganographic capacity is proposed and used to measure the amount of data (in bits) that can be transferred through an OOB-CC before a passive adversary's probability of detecting the channel reaches a given threshold. The theoretical steganographic capacity for discrete memoryless channels as well as additive white Gaussian noise channels is calculated in this paper and a case study is performed to measure the steganographic capacity of OOB covert-acoustic channels, when a passive adversary uses an energy detector to detect the covert communication. The case study reveals the conditions under which the covertly communicating parties can achieve perfect steganography (i.e., conditions under which data can be communicated without risk of detection).
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.