Skip to main content

New Constructive Approach to Covert Channel Modeling and Channel Capacity Estimation

  • Conference paper
Information Security (ISC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3650))

Included in the following conference series:

  • 1387 Accesses

Abstract

In this paper, we examine general mechanisms that a covert channel may exploit and derive new minimum requirements for setting up a covert channel. We also propose a new classification of covert channels based on our analysis. Unlike the non-interference approaches, our approach is constructive, allowing the direct examination of system architectures at different abstraction levels for the presence or absence of the mechanisms that can be exploited to create covert channels. Also, unlike past research on covert channel capacity estimation which employed a synchronous channel model, we point out that covert channels are generally non-synchronous. To capture the asynchronous nature of covert channels, we propose the deletion-insertion channel model as a more general basis for covert channel capacity estimation. This enables modeling the effects of system behavior on covert channel capacity, leading to a more accurate upper bound of the resulting channel capacity.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Kemmerer, R.A.: Shared Resource Matrix Methodology: An Approach to Identifying storage and Timing Channels. ACM Transactions on Computer Systems 1(3), 256–277 (1983)

    Article  Google Scholar 

  2. Lampson, B.W.: A Note on the Confinement Problem. Communications of the ACM 16(10), 613–615 (1973)

    Article  Google Scholar 

  3. Millen, J.: 20 Years of Covert Channel Modeling and Analysis. In: Proceedings of the IEEE Symposium on Security and Privacy, May 1999, pp. 113–114 (1999)

    Google Scholar 

  4. National Computer Security Center, A Guide to Understanding Covert Channel Analysis of Trusted Systems, NCSC-TG-30 (November 1993), Available at http://www.radium.ncsc.mil/tpep/library/rainbow/

  5. McHugh, J.: Covert Channel Analysis: A Chapter of the Handbook for the Computer Security Certification of Trusted Systems (December 1995), Available at http://chacs.nrl.navy.mil/publications/handbook/

  6. Goguen, J.A., Meseguer, J.: Security Policies and Security Models. In: Proceedings of the IEEE Symposium on Security and Privacy, April 1982, pp. 11–20 (1982)

    Google Scholar 

  7. Haigh, J.T., Kemmerer, R.A., McHugh, J., Young, W.D.: An Experience of Using Two Covert Channel Analysis Techniques. IEEE Trans. on Software Engineering 13(2), 157–168 (1987)

    Article  MATH  Google Scholar 

  8. Millen, J.K.: Covert Channel Capacity. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, April 1987, pp. 60–66 (1987)

    Google Scholar 

  9. Moskowitz, I.S., Miller, A.R.: Simple Timing Channels. In: Proceedings of IEEE Computer Symposium on Research in Security and Privacy, May 1994, pp. 56–64 (1994)

    Google Scholar 

  10. Moskowitz, I.S., Greenwald, S.J., Kang, M.H.: An Analysis of the Timed-Z Channel. In: Proceedings of IEEE Computer Symposium on Security and Privacy, May 1996, pp. 2–11 (1996)

    Google Scholar 

  11. Davey, M.C., Mackey, D.J.C.: Reliable Communication over Channels with Insertions, Deletions, and Substitutions. IEEE Trans. on Information Theory 47(2), 687–698 (2001)

    Article  MATH  Google Scholar 

  12. Millen, J.K.: Finite-State Noiseless Covert Channels. In: Proceedings of the Computer Security Foundations Workshop II, June 1989, pp. 81–86 (1989)

    Google Scholar 

  13. Wray, J.C.: An analysis of covert timing channels. In: Proceedings of IEEE Computer Symposium on Research in Security and Privacy, May 1991, pp. 2–7 (1991)

    Google Scholar 

  14. Wang, Z., Lee, R.: Separating data and signaling channels in modeling covert channels. Princeton University Department of Electrical Engineering Technical Report CE-L2004-003 (November 2004)

    Google Scholar 

  15. Wang, Z., Lee, R.B.: Capacity Estimation of Non-Synchronous Covert Channels. In: Proceedings of the 2nd International Workshop on Security in Distributed Computing Systems (June 2005)

    Google Scholar 

  16. Wang, Z., Lee, R.B.: New Constructive Approach to Covert Channel Modeling and Channel Capacity Estimation (full paper). Princeton University Department of Electrical Engineering Technical Report CE-L2005-004 (April 2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, Z., Lee, R.B. (2005). New Constructive Approach to Covert Channel Modeling and Channel Capacity Estimation. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds) Information Security. ISC 2005. Lecture Notes in Computer Science, vol 3650. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11556992_37

Download citation

  • DOI: https://doi.org/10.1007/11556992_37

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29001-8

  • Online ISBN: 978-3-540-31930-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics