Covert channels are communication channels to transmit information utilizing existing system resources without being detected by network security elements, such as firewalls. Thus, they can be utilized to leak confidential governmental, military, and corporate information. Malicious users, like terrorists, can use covert channels to exchange information without being detected by cyber-intelligence services. Therefore, covert channels can be a grave security concern, and it is important to detect, eliminate, and disrupt covert communications. Active network wardens can attempt to eliminate such channels by traffic modification, but such an implementation will also hamper innocuous traffic, which is not always acceptable. Owing to a large number of covert channel algorithms, it is not possible to deal with them on a case-by-case basis. Therefore, it necessitates a unified system model that can represent them. In this paper, we present an event-based model to represent timing covert channels. Based on our model, we calculate the capacity of various covert channels and evaluate their essential features, such as the impact of network jitter noise and packet losses. We also used simulations to obtain these parameters to verify its accuracy and applicability.
All Science Journal Classification (ASJC) codes
- Control and Systems Engineering
- Information Systems
- Computer Science Applications
- Computer Networks and Communications
- Electrical and Electronic Engineering