An Event-Based Unified System Model to Characterize and Evaluate Timing Covert Channels

Pradhumna L. Shrestha, Michael Hempel, Hamid Sharif, Hsiao Hwa Chen

Research output: Contribution to journalArticlepeer-review

5 Citations (Scopus)


Covert channels are communication channels to transmit information utilizing existing system resources without being detected by network security elements, such as firewalls. Thus, they can be utilized to leak confidential governmental, military, and corporate information. Malicious users, like terrorists, can use covert channels to exchange information without being detected by cyber-intelligence services. Therefore, covert channels can be a grave security concern, and it is important to detect, eliminate, and disrupt covert communications. Active network wardens can attempt to eliminate such channels by traffic modification, but such an implementation will also hamper innocuous traffic, which is not always acceptable. Owing to a large number of covert channel algorithms, it is not possible to deal with them on a case-by-case basis. Therefore, it necessitates a unified system model that can represent them. In this paper, we present an event-based model to represent timing covert channels. Based on our model, we calculate the capacity of various covert channels and evaluate their essential features, such as the impact of network jitter noise and packet losses. We also used simulations to obtain these parameters to verify its accuracy and applicability.

Original languageEnglish
Article number6851146
Pages (from-to)271-280
Number of pages10
JournalIEEE Systems Journal
Issue number1
Publication statusPublished - 2016 Mar

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Information Systems
  • Computer Science Applications
  • Computer Networks and Communications
  • Electrical and Electronic Engineering


Dive into the research topics of 'An Event-Based Unified System Model to Characterize and Evaluate Timing Covert Channels'. Together they form a unique fingerprint.

Cite this