Title :
A combinatorial approach to network covert communications with applications in Web Leaks
Author :
Luo, Xiapu ; Zhou, Peng ; Chan, Edmond W W ; Chang, Rocky K C ; Lee, Wenke
Author_Institution :
Hong Kong Polytech. Univ., Hong Kong, China
Abstract :
Various effective network covert channels have recently demonstrated the feasibility of encoding messages into the timing or content of individual network objects, such as data packets and request messages. However, we show in this paper that more robust and stealthy network covert channels can be devised by exploiting the relationship of the network objects. In particular, we propose a combinatorial approach for devising a wide spectrum of covert channels which can meet different objectives based on the channel capacity and channel undetectability. To illustrate the approach, we design WebLeaks and ACKLeaks, two novel covert channels which can leak information through the data and acknowledgment traffic in a web session. We implement both channels and deploy them on the PlanetLab nodes for evaluation. Besides the channel capacity, we apply the state-of-the-art detection schemes to evaluate their camouflage capability. The experiment results show that their capacity can be boosted up by our combinatorial approach, and at the same time they can effectively evade the detection.
Keywords :
Internet; channel capacity; combinatorial mathematics; security of data; ACKLeaks; Web leaks; combinatorial approach; detection schemes; network covert communications; stealthy network covert channels; Algorithm design and analysis; Channel capacity; Decoding; Encoding; Indexes; Partitioning algorithms; Timing;
Conference_Titel :
Dependable Systems & Networks (DSN), 2011 IEEE/IFIP 41st International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4244-9232-9
Electronic_ISBN :
1530-0889
DOI :
10.1109/DSN.2011.5958260
