Covert channels exploit open overt communication as the carrier to transmit secret messages. The plethora of Internet traffic offers an ideal high bandwidth carrier for covert communication. A specific type of a covert channel is a covert timing channel (CTC) in which, when the Internet traffic is used as a medium, the sender encodes a message by manipulating the transmission time of packets produced by legitimate applications. The receiver observes the arrival times of the packets and using a shared code-book decodes the message. The focus of this research project is on such covert timing channels (CTCs). There are two main requirements in the design of CTCs. One is robustness and the other is security. The robustness requirement stems from the fact that the covert channel established between two hosts must be able to tolerate packet loss, delay, and jitter introduced by both the network and by an active adversary employing timing jammers. The security requirement originates from the goal that a passive adversary should neither be able to detect the CTC nor decode the covert message. Undetectibilty implies that the inter-packet delays of the covert traffic mimic, and ideally match, the inter-packet delay distribution of the overt traffic. The primary goal of this research is to build upon the current work, and design and implement robust and secure CTCs for overt traffic generated by real applications.
Rennie Archibald (UCDavis)
Dipak Ghosal (UC Davis)
Cherita Corbett (JHUIPL)
Tracy Liu (AT&T Labs)
- Yali Liu, Dipak Ghosal, Biswanath Mukherjee and
Ahmad-Reza Sadeghi. Video Streaming Forensic - Content Identification
with Traffic Snooping, 13th Information Security Conference (ISC 2010),
Boca-Raton, Florida, October 25-28, 2010.
- Y. Liu, F. Armknecht, D. Ghosal, S. Katzenbeisser, A. Sadeghi, S. Schulz, “Robust and Undetectable Covert Timing Channels for i.i.d. Traffic,” 12th Information Hiding Conferences (IH10), 2010.
- Yali Liu, Frederik Armknecht, Dipak Ghosal, Stefan
Katzenbeisser, Ahmad-Reza Sadeghi, Steffen Schulz, Hide and Seek in
Time - Robust Covert Timing Channels, 14th European Symposium on
Research in Computer Security Saint Malo, France | September 21-25,
- Y. Liu, K. Chiang, C. Corbett, R. Archibald, B.
Mukherjee, and D. Ghosal, A Novel Audio Steganalysis Based on High-Order
Statistics of a Distortion Measure with Hausdorff Distance. Information
Security Conference (ISC) 2008, pp. 487-501
- Y. Liu, C. Corbett, K. Chiang, R. Archibald, B.
Mukherjee, D. Ghosal, Detecting Sensitive Data Exfiltration by an
Insider Attack, Proc. the 4th Annual Workshop on Cyber Security and
Information Intelligence Research (CSIIRW '08), pp. 1-3, New York, 2008.