A Covert Timing Channel Based on Fountain Codes

A model-based Covert Timing Channel (CTC) embeds a covert message into the inter-packet delays (IPDs) of the network traffic generated by a legitimate overt application. The modulated IPDs are generated to follow a well known statistical model of the overt application´s network traffic. This provides non-detectability of the covert channel using certain statistical tests and hence the modulation is referred to as model-secure. However, jitter, introduced by the network or an adversary, can disrupt the timing channel. In this work, we improve the CTC´s robustness without prior knowledge of the channel error characteristics. We encode the covert message using Fountain codes, continuously generating encoded symbols until transmission is successful. Additionally, we reduce bit error with an IPD guard band between the intervals that represent the binary alphabet. While the guard band reduces bit error, it also alters the IPD distribution, resulting in degraded model-security. We measure the loss in model-security using the Kolmogorov-Smirnov (KS) test and the Kullback-Leibler (KL) divergence measure and study the trade-off between security, robustness, and throughput. We describe the implementation of the Fountain code based covert communication system, which we refer to as the Covert Fountain, and extensively study the performance under multiple network settings.