Ira S. Moskowitz scite author profile

Communication from a low-to a high-level system without acknowledgements will be unreliable; with acknowledgements, it can be insecure. We propose to provide quantifiable security, acceptable reliability, and minimal performance penalties by interposing a device (called the Pump) to push messages to the high system and provide a controlled stream of acknowledgements to the low system. This paper describes how the Pump supports the transmission of messages upward and limits the capacity of the covert timing channel in the acknowledgement stream without affecting the average acknowledgement delay seen by the low system or the message delivery delay seen by the high system in the absence of actual Trojan horses. By adding random delays to the acknowledgment stream, we show how to further reduce the covert channel capacity even in the presence of cooperating Trojan horses in both the high and low systems. We also discuss engineering tradeotis relevant to practical use of the Pump.

show abstract

Covert channels-here to stay?

Moskowitz

Kang

View full text Add to dashboard Cite

A network pump

Kang

Moskowitz

Lee

1996

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

A designer of reliable multi-level secure (MLS) networks must consider covert channels and denial of service attacks in addition to traditional network Performance measures such as throughput, fairness, and reliability. In this paper we show how to extend the NRL data Pump to a certain MLS network architecture in order to balance the requirements of congestion control, fairness, good performance, and reliability against those of minimal threats from covert channels and denial of service attacks. We back up our claims with simulation results.

show abstract

Quasi-Anonymous Channels

Moskowitz¹,

Newman²,

Syverson³

2003

View full text Add to dashboard Cite

Although both anonymity and covert channels are part of the larger topic of information hiding, there also exists an intrinsic linkage between anonymity and covert channels. This linkage was illustrated in [1]; however, [1] just scratched the surface of the interplay between covert channels and anonymity, without a formal analysis of the related issues. This paper begins the process of formalizing the linkage between anonymity and covert channels via the study of quasi-anonymous channels. We also discuss and contrast some of the existing formal mathematical models of anonymity.

show abstract

Covert channels and anonymizing networks

Moskowitz

Newman

Crepeau

et al. 2003

View full text Add to dashboard Cite

There have long been threads of investigation into covert channels, and threads of investigation into anonymity, but these two closely related areas of information hiding have not been directly associated. This paper represents an initial inquiry into the relationship between covert channel capacity and anonymity, and poses more questions than it answers. Even this preliminary work has proven difficult, but in this investigation lies the hope of a deeper understanding of the nature of both areas. MIXes have been used for anonymity, where the concern is shielding the identity of the sender or the receiver of a message, or both. In contrast to traffic analysis prevention methods which conceal larger traffic patterns, we are concerned with how much information a sender to a MIX can leak to an eavesdropping outsider, despite the concealment efforts of MIXes acting as firewalls.

show abstract

Simple timing channels

Moskowitz

Miller

View full text Add to dashboard Cite

Algebraic information theory for binary channels

Martin

Moskowitz

Allwein

2010

Theoretical Computer Science

View full text Add to dashboard Cite

a b s t r a c tWe study the algebraic structure of the monoid of binary channels and show that it is dually isomorphic to the interval domain over the unit interval with the operation from Martin (2006) [4]. We show that the capacity of a binary channel is Scott continuous as a map on the interval domain and that its restriction to any maximally commutative submonoid of binary channels is an order isomorphism onto the unit interval. These results allows us to solve an important open problem in the analysis of covert channels: a provably correct method for injecting noise into a covert channel which will reduce its capacity to any level desired in such a way that the practitioner is free to insert the noise at any point in the system.Published by Elsevier B.V.

show abstract

Parsimonious downgrading and decision trees applied to the inference problem

Chang

Moskowitz

1998

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ira S. Moskowitz

A pump for rapid, reliable, secure communication

Covert channels-here to stay?

A network pump

Quasi-Anonymous Channels

Covert channels and anonymizing networks

Simple timing channels

Algebraic information theory for binary channels

Parsimonious downgrading and decision trees applied to the inference problem

Contact Info

Product

Resources

About