Towards a Unified Model for the Analysis of Timing-based Covert Channels

Keywords:

Abstract:

Covert channels are a network security risk growing both in sophistication and utilization, and thus posing an increasing threat. They leverage benign and overt network activities, such as the modulation of packet inter-arrival time, to covertly transmit information without detection by current network security approaches such as firewalls. This makes them a grave security concern. Thus, researching methods for detecting and disrupting such covert communication is of utmost importance. Understanding and developing analytical models is an essential requirement of covert channel analysis. Unfortunately, due to the enormous range of covert channel algorithms available it becomes very inefficient to analyze them on a case-by-case basis. Hence, a unified model that can represent a wide variety of covert channels is required, but is not yet available. In other publications, individual models to analyze the capacity of interrupt-related covert channels have been discussed. In our work, we present a unique model to unify these approaches. This model has been analyzed and we have presented the results and verification of our approach using MATLAB simulations.