Skip to main content
SpringerLink
Log in

Improving Performance of Virtual Machine Covert Timing Channel Through Optimized Run-Length Encoding

  • Regular Paper
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

With its wider acceptability, cloud can host a diverse set of data and applications ranging from entertainment to personal to industry. The foundation of cloud computing is based on virtual machines where boundaries among the application data are very thin, and the potential of data leakage exists all the time. For instance, a virtual machine covert timing channel is an aggressive mechanism to leak confidential information through shared components or networks by violating isolation and security policies in practice. The performance of a covert timing channel (covert channel) is crucial to adversaries and attempts have been made to improve the performance of covert timing channels by advancing the encoding mechanism and covert information carriers. Though promising, the redundancy of the covert message is mainly overlooked. This paper applies three encoding schemes namely run-length, Huffman, and arithmetic encoding schemes for data compression of a virtual machine covert timing channel by exploiting redundancy. Accordingly, the paper studies the performance of such channels according to their capacity. Unfortunately, we show that these encoding schemes still contain redundancy in a covert channel scenario, and thereby a new encoding scheme namely optimized Runlength encoding (OptRLE) is presented that greatly enhances the performance of a covert timing channel. Several optimizations schemes adopted by OptRLE are also discussed, and a mathematical model of the behavior of an OptRLE-based covert timing channel is proposed. The theoretical capacity of a channel can be obtained using the proposed model. Our analysis reveals that OptRLE further improves the performance of a covert timing channel, in addition to the effects of the optimizations. Experimental result shows how OptRLE affects the size of covert data and the capacity of covert timing channels, and why the performance of the covert timing channel is improved.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

References

  1. Gao F, Zhu L H, Gai K K, Zhang C, Liu S. Achieving a covert channel over an open blockchain network. IEEE Network, 2020, 34(2): 6–13. https://doi.org/10.1109/MNET.001.1900225.

    Article  Google Scholar 

  2. Li Y Z, Zhang X S, Xu X T, Tan Y A. A robust packetdropout covert channel over wireless networks. IEEE Wireless Communications, 2020, 27(3): 60–65. https://doi.org/10.1109/MWC.001.1900431.

    Article  Google Scholar 

  3. Wang Y J, Wu J Z, Zeng H T, Ding L P, Liao X F. Covert channel research. Journal of Software, 2010, 21(9): 2262–2288. https://doi.org/10.3724/SP.J.1001.2010.03880. (in Chinese)

    Article  Google Scholar 

  4. Zhu Y, Yu M Y, Hu H X Ahn G J, Zhao H J. Efficient construction of provably secure steganography under ordinary covert channels. Science China Information Sciences, 2012, 55(7): 1639–1649. https://doi.org/10.1007/s11432-012-4598-3.

    Article  MathSciNet  MATH  Google Scholar 

  5. Guri M. MAGNETO: Covert channel between air-gapped systems and nearby smartphones via CPU-generated magnetic fields. Future Generation Computer Systems, 2021, 115: 115–125. https://doi.org/10.1016/j.future.2020.08.045.

    Article  Google Scholar 

  6. Betz J, Westhoff D, Müller G. Survey on covert channels in virtual machines and cloud computing. Transactions on Emerging Telecommunications Technologies, 2017, 28(6): e3134. https://doi.org/10.1002/ett.3134.

    Article  Google Scholar 

  7. Luo Y, Luo W, Sun X N, Shen Q N, Ruan A B, Wu Z H. Whispers between the containers: High-capacity covert channel attacks in Docker. In Proc. the 2016 IEEE Trustcom/BigDataSE/ISPA, Aug. 2016, pp.630–637. https://doi.org/10.1109/TrustCom.2016.0119.

  8. Liu F F, Yarom Y, Ge Q, Heiser G, Lee R B. Last-level cache side-channel attacks are practical. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.605–622. https://doi.org/10.1109/SP.2015.43.

  9. Wu Z Y, Xu Z, Wang H N. Whispers in the hyper-space: High-bandwidth and reliable covert channel attacks inside the cloud. IEEE/ACM Transactions on Networking, 2015, 23(2): 603–615. https://doi.org/10.1109/TNET.2014.2304439.

    Article  Google Scholar 

  10. Lu X R, Huang L S, Yang W, Shen Y. Concealed in the Internet: A novel covert channel with normal traffic imitating. In Proc. the 2016 Int. IEEE Conferences on Ubiquitous Intelligence & Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld), Jul. 2016, pp.285–292. https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.0060.

  11. Hussein O, Hamza N, Hefny H. A proposed covert channel based on memory reclamation. In Proc. the 17th IEEE International Conference on Intelligent Computing and Information Systems (ICICIS), Dec. 2015, pp.343–347. https://doi.org/10.1109/IntelCIS.2015.7397244.

  12. Ameri A, Johnson D. Covert channel over network time protocol. In Proc. the 2017 International Conference on Cryptography, Security and Privacy, Mar. 2017, pp.62–65. https://doi.org/10.1145/3058060.3058082.

  13. Vines P, Kohno T. Rook: Using video games as a lowbandwidth censorship resistant communication platform. In Proc. the 14th ACM Workshop on Privacy in the Electronic Society, Oct. 2015, pp.75–84. https://doi.org/10.1145/2808138.2808141.

  14. Epishkina A, Kogos K. Protection from binary and multisymbol packet length covert channels. In Proc. the 8th International Conference on Security of Information and Networks, Sept. 2015, pp.196–202. https://doi.org/10.1145/2799979.2799994.

  15. Yao F, Venkataramani G, Doroslovački M. Covert timing channels exploiting non-uniform memory access based architectures. In Proc. the on Great Lakes Symposium on VLSI 2017, May 2017, pp.155–160. https://doi.org/10.1145/3060403.3060417.

  16. Lin Y Q, Malik S U R, Bilal K, Yang Q S, Wang Y J, Khan S U. Designing and modeling of covert channels in operating systems. IEEE Trans. Computers, 2016, 65(6): 1706–1719. https://doi.org/10.1109/TC.2015.2458862.

    Article  MathSciNet  MATH  Google Scholar 

  17. Tahir R, Khan M T, Gong X, Ahmed A, Ghassami A, Kazmi H, Caesar M, Zaffar F, Kiyavash N. Sneak-peek: High speed covert channels in data center networks. In Proc. the 35th Annual IEEE International Conference on Computer Communications, Apr. 2016. https://doi.org/10.1109/INFOCOM.2016.7524467.

  18. Liguori A, Benedetto F, Giunta G, Kopal N, Wacker A. Analysis and monitoring of hidden TCP traffic based on an open-source covert timing channel. In Proc. the 2015 IEEE Conference on Communications and Network Security (CNS), Sept. 2015, pp.667–674. https://doi.org/10.1109/CNS.2015.7346885.

  19. Wu J Z, Wang Y J, Ding L P, Liao X F. Improving performance of network covert timing channel through Huffman coding. Mathematical and Computer Modelling, 2012, 55(1/2): 69–79. https://doi.org/10.1016/j.mcm.2011.01.051.

    Article  MathSciNet  MATH  Google Scholar 

  20. Classen J, Schulz M, Hollick M. Practical covert channels for WiFi systems. In Proc. the 2015 IEEE Conference on Communications and Network Security (CNS), Sept. 2015, pp.209–217. https://doi.org/10.1109/CNS.2015.7346830.

  21. Archibald R, Ghosal D. Design and analysis of a model-based covert timing channel for Skype traffic. In Proc. the 2015 IEEE Conference on Communications and Network Security (CNS), Sept. 2015, pp.236–244. https://doi.org/10.1109/CNS.2015.7346833.

  22. Oren Y, Kemerlis V P, Sethumadhavan S, Keromytis A D. The spy in the sandbox: Practical cache attacks in JavaScript and their implications. In Proc. the 22nd ACM SIGSAC Conference on Computer and Communications Security, Oct. 2015, pp.1406–1418. https://doi.org/10.1145/2810103.2813708.

  23. Evtyushkin D, Ponomarev D. Covert channels through random number generator: Mechanisms, capacity estimation and mitigations. In Proc. the 2016 ACM SIGSAC Conference on Computer and Communications Security, Oct. 2016, pp.843–857. https://doi.org/10.1145/2976749.2978374.

  24. Zeng H T, Wang Y J, Zu W, Cai J Y, Ruan L. New definition of small message criterion and its application in transaction covert channel mitigating. Journal of Software, 2009, 20(4): 985–996. (in Chinese) https://doi.org/10.3724/SP.J.1001.2009.03246 .

    Article  Google Scholar 

  25. Anwar S, Inayat Z, Zolkipli M F, Zain J M, Gani A, Anuar N B, Khan M K, Chang V. Cross-VM cache-based side channel attacks and proposed prevention mechanisms: A survey. Journal of Network and Computer Applications, 2017, 93: 259–279. https://doi.org/10.1016/j.jnca.2017.06.001.

    Article  Google Scholar 

  26. Barham P, Dragovic B, Fraser K, Hand S, Harris T, Ho A, Neugebauer R, Pratt I, Warfield A. Xen and the art of virtualization. In Proc. the 19th ACM Symposium on Operating Systems Principles, Oct. 2003, pp.164–177. https://doi.org/10.1145/945445.945462.

  27. Bugnion E, Devine S, Rosenblum M, Sugerman J, Wang E Y. Bringing virtualization to the x86 architecture with the original VMware workstation. ACM Trans. Computer Systems, 2012, 30(4): Article No. 12. https://doi.org/10.1145/2382553.2382554.

  28. Irazoqui G, Eisenbarth T, Sunar B. S$A: A shared cache attack that works across cores and defies VM sandboxing—And its application to AES. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.591–604. https://doi.org/10.1109/SP.2015.42.

  29. Zhang R, Su X, Wang J, Wang C, Liu W, Lau R W H. On mitigating the risk of cross-VM covert channels in a public cloud. IEEE Trans. Parallel and Distributed Systems, 2015, 26(8): 2327–2339. https://doi.org/10.1109/TPDS.2014.2346504.

    Article  Google Scholar 

  30. Ristenpart T, Tromer E, Shacham H, Savage S. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In Proc. the 16th ACM Conference on Computer and Communications Security, Nov. 2009, pp.199–212. https://doi.org/10.1145/1653662.1653687.

  31. Lampson B W. A note on the confinement problem. Communications of the ACM, 1973, 16(10): 613–615. https://doi.org/10.1145/362375.362389.

  32. Girling C G. Covert channels in LAN’s. IEEE Trans. Software Engineering, 1987, SE-13(2): 292–296. https://doi.org/10.1109/TSE.1987.233153.

  33. Millen J. 20 years of covert channel modeling and analysis. In Proc. the 1999 IEEE Symposium on Security and Privacy (Cat. No. 99CB36344), May 1999, pp.113–114. https://doi.org/10.1109/SECPRI.1999.766906.

  34. Moskowitz I S, Kang M H. Covert channels—Here to stay? In Proc. the 9th IEEE Annual Conference on Computer Assurance, Jul. 1994, pp.235–243. https://doi.org/10.1109/CMPASS.1994.318449.

  35. Zander S, Armitage G, Branch P. A survey of covert channels and countermeasures in computer network protocols. IEEE Communications Surveys & Tutorials, 2007, 9(3): 44–57. https://doi.org/10.1109/COMST.2007.4317620.

    Article  Google Scholar 

  36. Wendzel S, Zander S, Fechner B, Herdin C. Patternbased survey and categorization of network covert channel techniques. ACM Computing Surveys, 2015, 47(3): Article No. 50. https://doi.org/10.1145/2684195.

  37. Ge Q, Yarom Y, Cock D, Heiser G. A survey of microarchitectural timing attacks and countermeasures on contemporary hardware. Journal of Cryptographic Engineering, 2018, 8(1): 1–27. https://doi.org/10.1007/s13389-016-0141-6.

    Article  Google Scholar 

  38. Xu Y J, Bailey M, Jahanian F, Joshi K, Hiltunen M, Schlichting R. An exploration of L2 cache covert channels in virtualized environments. In Proc. the 3rd ACM Workshop on Cloud Computing Security Workshop, Oct. 2011, pp.29–40. https://doi.org/10.1145/2046660.2046670.

  39. Zhang X S, Zhu L H, Wang X M, Zhang C Y, Zhu H F, Tan Y A. A packet-reordering covert channel over volte voice and video traffics. Journal of Network and Computer Applications, 2019, 126: 29–38. https://doi.org/10.1016/j.jnca.2018.11.001.

    Article  Google Scholar 

  40. Zhang Q X, Zhu M Y, Liang C, Wang K Q, Yang K, Li Y Z. A timestamp-regulating VoLTE covert channel against statistical analysis. Mobile Networks and Applications, 2021, 26(4): 1493–1502. https://doi.org/10.1007/s11036-019-01485-3.

    Article  Google Scholar 

  41. Caviglione L, Podolski M, Mazurczyk W, Ianigro M. Covert channels in personal cloud storage services: The case of dropbox. IEEE Trans. Industrial Informatics, 2017, 13(4): 1921–1931. https://doi.org/10.1109/TII.2016.2627503.

    Article  Google Scholar 

  42. Wu Z Y, Xu Z, Wang H N. Whispers in the hyper-space: High-speed covert channel attacks in the cloud. In Proc. the 21st USENIX Security Symposium, Aug. 2012, pp.159–173.

  43. Huffman D A. A method for the construction of minimum-redundancy codes. Proceedings of the IRE, 1952, 40(9): 1098–1101. https://doi.org/10.1109/JRPROC.1952.273898.

    Article  MATH  Google Scholar 

  44. El-Maleh A H, Al-Abaji R H. Extended frequency-directed run-length code with improved application to systemon-a-chip test data compression. In Proc. the 9th International Conference on Electronics, Circuits and Systems, Sept. 2002, pp.449–452. https://doi.org/10.1109/ICECS.2002.1046192.

  45. Núñez J L, Jones S. Run-length coding extensions for high performance hardware data compression. IEE Proceedings—Computers and Digital Techniques, 2003, 150(6): 387–395. https://doi.org/10.1049/ip-cdt:20030750.

    Article  Google Scholar 

  46. Wang C, Zhang C Y, Wu B, Tan Y A, Wang Y J. A novel anti-detection criterion for covert storage channel threat estimation. Science China Information Sciences, 2018, 61(4): 048101. https://doi.org/10.1007/s11432-017-9211-1.

    Article  MathSciNet  Google Scholar 

  47. Fern N, San I, Koç Ç K, Cheng K T T. Hiding hardware Trojan communication channels in partially specified SoC bus functionality. IEEE Trans. Computer-Aided Design of Integrated Circuits and Systems, 2017, 36(9): 1435–1444. https://doi.org/10.1109/TCAD.2016.2638439.

    Article  Google Scholar 

  48. Liang C, Wang X M, Zhang X S, Zhang Y, Sharif K, Tan Y A. A payload-dependent packet rearranging covert channel for mobile VoIP traffic. Information Sciences, 2018, 465: 162–173. https://doi.org/10.1016/j.ins.2018.07.011.

    Article  Google Scholar 

  49. Zhang X S, Liang C, Zhang Q X, Li Y Z, Zheng J, Tan Y A. Building covert timing channels by packet rearrangement over mobile networks. Information Sciences, 2018, 445/446: 66–78. https://doi.org/10.1016/j.ins.2018.03.007.

    Article  MathSciNet  Google Scholar 

  50. Biswas A K, Ghosal D, Nagaraja S. A survey of timing channels and countermeasures. ACM Computing Surveys, 2017, 50(1): Article No. 6. https://doi.org/10.1145/3023872.

  51. Tsai C R, Gligor V D. A bandwidth computation model for covert storage channels and its applications. In Proc. the 1988 IEEE Symposium on Security and Privacy, Apr. 1988, pp.108–121. https://doi.org/10.1109/SECPRI.1988.8103.

  52. Shieh S P. Estimating and measuring covert channel bandwidth in multilevel secure operating systems. Journal of Information Science and Engineering, 1999, 15(1): 91–106. https://doi.org/10.6688/JISE.1999.15.1.5.

    Article  Google Scholar 

  53. Hunger C, Kazdagli M, Rawat A, Dimakis A, Vishwanath S, Tiwari M. Understanding contention-based channels and using them for defense. In Proc. the 21st IEEE International Symposium on High Performance Computer Architecture (HPCA), Feb. 2015, pp.639–650. https://doi.org/10.1109/HPCA.2015.7056069.

  54. Evtyushkin D, Ponomarev D, Abu-Ghazaleh N. Understanding and mitigating covert channels through branch predictors. ACM Trans. Architecture and Code Optimization, 2016, 13(1): Article No. 10. https://doi.org/10.1145/2870636.

  55. Gao X, Steenkamer B, Gu Z S, Kayaalp M, Pendarakis D, Wang H N. A study on the security implications of information leakages in container clouds. IEEE Trans. Dependable and Secure Computing, 2021, 18(1): 174–191. https://doi.org/10.1109/TDSC.2018.2879605.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Shenzhen Institute of Advanced Technology, Chinese Academy of Sciences, Shenzhen, 518055, China

    Chong Wang & Rong-Liang Chen

  2. Sangfor Technologies Inc., Shenzhen, 518055, China

    Chong Wang & Liang Gu

  3. Shenzhen Key Laboratory for Exascale Engineering and Scientific Computing, Shenzhen, 518055, China

    Rong-Liang Chen

Authors
  1. Chong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rong-Liang Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Liang Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chong Wang.

Supplementary Information

ESM 1

(PDF 124 kb)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, C., Chen, RL. & Gu, L. Improving Performance of Virtual Machine Covert Timing Channel Through Optimized Run-Length Encoding. J. Comput. Sci. Technol. 38, 793–806 (2023). https://doi.org/10.1007/s11390-021-1189-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-021-1189-z

Keywords

Search

Navigation