DocumentCode :
2410208
Title :
A Covert Timing Channel via Algorithmic Complexity Attacks: Design and Analysis
Author :
Sun, Xiaoshan ; Cheng, Liang ; Zhang, Yang
Author_Institution :
State Key Lab. of Inf. Security, Chinese Acad. of Sci., Beijing, China
fYear :
2011
fDate :
5-9 June 2011
Firstpage :
1
Lastpage :
5
Abstract :
A covert channel is a communication channel that bypasses the access controls of the system, and it is a threat to the system's security. In this paper, we propose a new covert timing channel which exploits the algorithmic complexity vulnerabilities in the name lookup algorithm of the kernel. This covert channel has a high capacity and it is practically exploitable. In our experiments, the data rate reaches 2256 bps under a very low error rate. This data rate is high enough for practical use. So our covert channel is dangerous. To our knowledge, no previous works propose this covert channel nor implement it. We describe our design and implementation of the covert channel on a SELinux system, discuss the subtle issues that arose in the design, present performance data of the covert channel and analyse its capacity.
Keywords :
Linux; authorisation; communication complexity; computer network security; SELinux system; access control; algorithmic complexity attacks; communication channel; covert timing channel; data rate; error rate; lookup algorithm; system security; Channel capacity; Complexity theory; Error analysis; Kernel; Receivers; Security; Timing;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Communications (ICC), 2011 IEEE International Conference on
Conference_Location :
Kyoto
ISSN :
1550-3607
Print_ISBN :
978-1-61284-232-5
Electronic_ISBN :
1550-3607
Type :
conf
DOI :
10.1109/icc.2011.5962718
Filename :
5962718