Covert channel research

Ruan Jian Xue Bao/Journal of Software

Volumn 21, Issue 9, 2010, Pages 2262-2288

  Wang, Yong Ji ^a   Wu, Jing Zheng ^a,b   Zeng, Hai Tao ^c   Ding, Li Ping ^a   Liao, Xiao Feng ^a,b  

^a INSTITUTE OF SOFTWARE   (China)

^b UNIVERSITY OF CHINESE ACADEMY OF SCIENCES   (China)

^c CHINA MOBILE RESEARCH INSTITUTE   (China)

Author keywords

Covert channel; Covert channel auditing; Covert channel detection; Covert channel elimination; Covert channel identification; Covert channel limitation; Covert channel measurement

Indexed keywords

CLASSIC TECHNIQUES; COMMUNICATION CHANNEL; COVERT CHANNELS; OPERATION SYSTEM; RESEARCH DIRECTIONS; SECURE DATABASE; SECURE NETWORKS; SECURITY POLICY; TRANSFER INFORMATION;

INFORMATION SYSTEMS; SECURITY OF DATA;

RESEARCH;

EID: 77957969195     PISSN: 10009825     EISSN: None     Source Type: Journal    
DOI: 10.3724/SP.J.1001.2010.03880     Document Type: Article

References (95)

1. U.S. Department of Defense. Trusted computer system evaluation criteria. DoD 5200.28-STD, 1985.
2. GB 17859-1999. Classified oriteria for security protection of computer information system. 2001 (in Chinese).
3. ISO/IEC 15408. Information technology-security techniques-evaluation criteria for IT security. 1999.
4. Lampson BW. A note on the confinement problem. Communications of the ACM, 1973, 16(10): 613-615.
5. Lipner SB. A comment on the confinement problem. Operating Systems Review, 1975, 9(5): 192-196. [doi:10.1145/1067629.806537]
6. Simmons GJ. The prisoners' problem and the subliminal channel. In: Proc. of the CRYPTO'83-Advances in Cryptology. 1984. 51-67. http://www.cs.nccu.edu.tw/~raylin/ ⋯/Spring2009/ThePrisonerProblem.pdf
7. National Computer Security Center. A guide to understanding covert channel analysis of trusted systems. NCSC-TG-30, 1993.
8. Tsai CR, Gligor VD, Chandersekaran CS. A formal method for the identification of covert storage channels in source code. In: Proc. of the IEEE Symp. on Security and Privacy. 1987. 74-87. http://www.computer.org/portal/web/csdl/doi/10.1109/SP.1987.10014
9. Bell DE, Lapadula LJ. Secure computer systems: Mathematical foundations. Vol.1: Hanscom AFB, Bedford, FSD-TR-73-278, ESD/AFSC, 1973. 1-33.
10. Kemmerer RA. Shared resource matrix methodology: An approach to identifying storage and timing channels. ACM Trans. on Computer System, 1983, 1(3): 256-277. [doi: 10.1145/357369.357374]
11. Joon S, Jim AF. A formal framework for real-time information flow analysis. Computers and Security, 2009, 28(6): 421-432.
12. Cui BG. Research on covert channel analysis and related techniques in secure database system [Ph.D. Thesis]. Harbin: Harbin Engineering University, 2006 (in Chinese with English abstract).
13. Jensen NR. Implications of multilevel systems on the data dictionary of a secure relational DBMS. In: Proc. of the 4th Aerospace Computer Security Applications Conf. 1988. 58-65. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=113418
14. He YZ, Li L, Feng DG. A generic audit policy model on multilevel secure DBMS. Journal of Software, 2005, 16(10): 1774-1783 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/16/1774.htm [doi: 10.1360/jos161774]
15. Son SH, Mukkamala R, David R. Integrating security and real-time requirements using covert channel capacity. IEEE Trans. on Knowledge and Data Engineering, 2000, 12(6): 865-879. [doi: 10.1109/69.895799]
16. Keefe TF, Tsai WT, Srivastava J. Database concurrency control in multilevel secure database management systems. IEEE Trans. on Knowledge and Data Engineering, 1993, 5(6): 1039-1055. [doi: 10.1109/69.250090]
17. Dong QK. Study on subliminal channels [Ph.D. Thesis]. Xi'an: Xidian University, 2003 (in Chinese with English abstract).
18. Zhu JF. Study on covert channel analyhsis in high-level secure operating system [Ph.D. Thesis]. Beijing: Graduate School, the Chinese Academy of Sciences, 2006 (in Chinese with English abstract).
19. Girling CG. Covert channels in LAN's. IEEE Trans. on Software Engineering, 1987, SE-13(2): 292-296. [doi: 10.1109/TSE.1987.233153]
20. Handel TG, Sandford MT. Hiding data in the OSI network model. Information Hiding, 1996, 1174: 23-38.
21. Rowland CH. Covert channels in the TCP/IP protocol suite. Peer Reviewed Journal on the Internet, 1997, 2(5): 1.
22. Gianvecchio S, Wang H, Wijesekera D, Jajodia S. Model-Based covert timing channels: Automated modeling and evasion. Recent Advances in Intrusion Detection, 2008, 5230: 211-230. [doi: 10.1007/978-3-540-87403-4_12]
23. Luo XP, Chan EWW, Chang RKC. TCP covert timing channels: Design and detection. In: Proc. of the Int'l Conf. on Dependable Systems and Networks. 2008. 420-429. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4630112
24. Zander S, Armitage G, Branch P. Covert channels and countermeasures in computer network protocols. IEEE Communications Magazine, 2007, 45(12): 136-142. [doi: 10.1109/MCOM.2007.4395378]
25. Zander S, Armitage G, Branch P. Covert channels in multiplayer first person shooter online games. In: Proc. of the 33rd IEEE Conf. on Local Computer Networks. 2008. 215-222. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4664172
26. Sun XM, Huang HJ, Wang BW, Sun G, Huang JW. An algorithm of webpage information hiding based on equal tag. Journal of Computer Research and Development, 2007, 44(5): 756-760 (in Chinese with English abstract).
27. Cabuk S, Brodley CE, Shields C. IP covert timing channels: Design and detection. In: Proc. of the 11th ACM Conf. on Computer and Communications Security. 2004. 178-187. http://portal.acm.org/citation.cfm?id=1030083.1030108
28. Berk V, Giani A, Cybenko G. Detection of covert channel encoding in network packet delays. Technical Report, TR2005536, Department of Computer Science, Dartmouth College, 2005. 1-11.
29. Gianvecchio S, Wang HN. Detecting covert timing channels: An entropy-based approach. In: Proc. of the 14th ACM Conf. on Computer and Communications Security. 2007. 307-316. http://www.cs.wm.edu/~hnw/paper/ccs07.pdf
30. Qian XL, Stickel ME, Karp PD, Lunt TF, Garvey TD. Detection and elimination of inference channels in multilevel relational database systems. In: Proc. of the IEEE Symp. on Security and Privacy. Oakland, 1993. 196-205. http://www.computer.org/portal/ web/csdl/doi/10.1109/RISP.1993.287632
31. Millen J. 20 years of covert channel modeling and analysis. In: Proc. of the IEEE Symp. on Security and Privacy. Oakland, 1999. 113-114. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=766906
32. Denning DE. A lattice model of secure information flow. Communications of the ACM, 1976, 19(5): 236-243. [doi: 10.1145/ 360051.360056]
33. Goguen JA, Meseguer J. Security policies and security models. In: Proc. of the IEEE Symp. on Security and Privacy. 1982. 11-20. http://www.cs.ucsb.edu/~kemm/courses/cs177/noninter.pdf
34. Millen JK. Finite-State noiseless covert channels. In: Proc. of the Computer Security Foundations Workshop II. 1989. 81-86. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=40590
35. Eckmann ST. Eliminating formal flows in automated information flow analysis. In: Proc. of the IEEE Symp. on Security and Privacy. 1994. 30-38. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=296594
36. Volpano D, Smith G, Irvine C. A sound type system for secure flow analysis. Journal of Computer Security, 1996, 4(2): 167-187.
37. Goguen JA, Meseguer J. Unwinding and inference control. In: Proc. of the IEEE Symp. on Security and Privacy. 1984. 75-87. http://www.computer.org/portal/web/csdl/doi/10.1109/SP.1984.10019
38. Haigh JT, Kemmerer RA, Mchugh J, Young WD. An experience using two covert channel analysis techniques on a real system design. IEEE Trans. on Software Engineering, 1987, 13(2): 157-168. [doi: 10.1109/TSE.1987.226479]
39. Mchugh J. Covert channel analysis: A chapter of the handbook for the computer security certification of trusted systems. Department of Computer Science, Portland State University, 1996. 1-78. http://chacsnrlnavymil/publications/handbook
40. Kemmerer RA, Porras PA. Covert flow trees: A visual approach to analyzing covert storage channels. IEEE Trans. on Software Engineering, 1991, 17(11): 1166-1185. [doi: 10.1109/32.106972]
41. Tsai CR. Covert channel analysis in secure computer systems [Ph.D. Thesis]. Maryland: University of Maryland-College Park (MD), 1987.
42. Tsai CR, Gligor VD, Chandersekaran CS. On the identification of covert storage channels in secure systems. IEEE Trans. on Software Engineering, 1990, 16(6): 569-580. [doi: 10.1109/32.55086]
43. Shen JJ. Research on information flow technologies and security architecture of secure operating system [Ph.D. Thesis]. Beijing: Graduate University, the Chinese Academy of Sciences, 2008 (in Chinese with English abstract).
44. Tsai CR, Gligor VD. A bandwidth computation model for covert storage channels and its applications. In: Proc. of the IEEE Symp. on Security and Privacy. 1988. 108-121. http://www.computer.org/portal/web/csdl/doi/10.1109/SECPRI.1988.8103
45. Diggavi SN, Grossglauser M. Bounds on the capacity of deletion channels. In: Proc. of the IEEE Int'l Symp. on Information Theory. 2002. 421-421. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1023693
46. Tallini LG. Bounds on the capacity of the unidirectional channels. IEEE Trans. on Computers, 2005, 54(2): 232-235. [doi: 10.1109/TC.2005.18]
47. Zeng W, Tokas J, Motwani R, Motwani R, Kavcic A. Bounds on mutual information rates of noisy channels with timing errors. In: Proc. of the Int'l Symp. on Information Theory. 2005. 709-713. http://www-ee.eng.hawaii.edu/~alek/Archive/2005/isit05.pdf
48. Moskowitz IS, Kang MH. Covert channels-Here to stay? In: Proc. of the 9th Annual Conf. on Computer Assurance (COMPASS 1994) 'Safety, Reliability, Fault Tolerance, Concurrency and Real Time, Security'. 1994. 235-243. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=318449
49. Zeng HT, Wang YJ, Zu W, Cai JY, Ruan L. New definition of small message criterion and its application in transaction covert channel mitigating. Journal of Software, 2009, 20(4): 985-996 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/3246.htm [doi: 10.3724/SP.J.1001.2009.03246]
50. Ahmed QN, Vrbsky SV. Maintaining security and timeliness in real-time database system. Journal of Systems and Software, 2002, 61(1): 15-29. [doi: 10.1016/S0164-1212(01)00111-X]
51. Joon S, Jim AF. Covert timing channel analysis of rate monotonic real-time scheduling algorithm in MLS systems. In: Proc. of the IEEE Workshop on Information Assurance United States Military Academy. 2006. 361-368. http://ieeexplore.ieee.org/xpl/ freeabs_all.jsp?arnumber=1652117
52. Hu WM. Reducing timing channels with fuzzy time. In: Proc. of the IEEE Computer Society Symp. on Research in Security and Privacy. 1991. 8-20. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=130768
53. Gray JW. On introducing noise into the bus-contention channel. In: Proc. of the IEEE Symp. on Security and Privacy. Oakland, 1993. 90-98. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=287640
54. Shieh SPW, Gligor VD. Auditing the use of covert storage channels in secure systems. In: Proc. of the IEEE Computer Society Symp. on Research in Security and Privacy. 1990. 285-295. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=63858
55. Qing SH. Covert channel analysis in secure operating systems with high security levels. Journal of Software, 2004, 15(12): 1837-1849 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/15/1837.htm
56. He JS, Gligor VD. Information-Flow analysis for covert-channel identification in multilevel secure operating systems. In: Proc. of the Computer Security Foundations Workshop III. 1990. 139-148. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=128194
57. Zi XC, Yao LH, Li L. A state-based approach to information flow analysis. Chinese Journal of Computers, 2006, 29(8): 1460-1467 (in Chinese with English abstract).
58. Qing SH, Zhu JF. Covet channel analysis on ANSHENG secure operating system. Journal of Software, 2004, 15(9): 1385-1392 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/15/1385.htm
59. Fine T. Constructively using noninterference to analyze systems. In: Proc. of the IEEE Computer Society Symp. on Research in Security and Privacy. 1990. 162-169. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=63847
60. Shieh SP. Estimating and measuring covert channel bandwidth in multilevel secure operating systems. Journal of Information Science and Engineering, 1999, 15(1): 91-106.
61. Moskowitz IS. Variable noise effects upon a simple timing channel. In: Proc. of the IEEE Computer Society Symp. on Research in Security and Privacy. 1991. 362-372. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=130803
62. Moskowitz IS, Miller AR. The channel capacity of a certain noisy timing channel. IEEE Trans. on Information Theory, 1992, 38(4): 1339-1344. [doi: 10.1109/18.144712]
63. Moskowitz IS, Greenwald SJ, Kang MH. An analysis of the timed Z-channel. In: Proc. of the IEEE Symp. on Security and Privacy. 1996. 2-11. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=502664
64. Wang ZH, Lee RB. Capacity estimation of non-synchronous covert channels. In: Proc. of the 25th IEEE Int'l Conf. on Distributed Computing Systems Workshops. 2005. 170-176. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1437172
65. Wang ZH, Lee RB. New constructive approach to covert channel modeling and channel capacity estimation. In: Proc. of the 8th Information Security Conf. 2005. 498-505. http://palms.ee.princeton.edu/PALMSopen/ISC05_w_cit.pdf
66. Lanotte R, Maggiolo-Schettini A, Tini S, Troina A, Tronci E. Automatic covert channel analysis of a multilevel secure component. In: Proc. of the Information and Communications Security. 2004. 249-261. http://www.springerlink.com/content/r8fkgckuew 0l9mgr/
67. Liu CL, Layland JW. Scheduling algorithms for multiprogramming in a hard-real-time environment. Journal of the Association for Computing Machinery, 1973, 20(1): 46-61.
68. Wang YJ, Chen QP. On schedulability test of rate monotonic and its extendible algorithms. Journal of Software, 2004, 15(6): 799-814 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/15/799.htm
69. Zeng HT. Research on covert channel measurement and handling in secure real-time database [Ph.D. Thesis]. Beijing: Graduate University, the Chinese Academy of Sciences, 2008 (in Chinese with English abstract).
70. Proctor NE, Neumann PG. Architectural implications of covert channels. In: Proc. of of the 15th National Computer Security Conf. 1992. 28-43. http://www.csl.sri.com/users/neumann/ncs92.html
71. George B, Haritsa JR. Secure concurrency control in firm real-time database systems. Distributed and Parallel Databases, 2000, 8(1): 41-83. [doi: 10.1023/A: 1008783216944]
72. Kang KD, Son SH, Stankovic JA. STAR: Secure real-time transaction processing with timeliness guarantees. In: Proc. of the 23rd IEEE Real-Time Systems Symp. (RTSS 2002). 2002. 303-314. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1181584
73. Kang MH, Moskowitz IS. A pump for rapid, reliable, secure communication. In: Proc. of the 1st ACM Conf. on Computer and Communications Security. 1993. 119-129. http://portal.acm.org/citation.cfm?id=168604
74. Kang MH, Moskowitz IS, Lee DC. A network pump. IEEE Trans. on Software Engineering, 1996, 22(5): 329-338. [doi: 10.1109/32.502225]
75. Kang MH, Moskowitz IS, Chincheck S. The pump: A decade of covert fun. In: Proc. of the 21st Annual Computer Security Applications Conf. (ACSAC 2005). 2005. 352-360. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1565262
76. Son SH, David R, Thuraisingham B. Improving timeliness in real-time secure database systems. SIGMOD Record, 1996, 25(1): 29-33.
77. Zeng HT, Wang YJ, Ruan L, Zu W, Cai JY. Covert channel mitigation method for secure real-time database using capacity metric. Journal on Communications, 2008, 20(8): 46-56 (in Chinese with English abstract).
78. Wang CD, Ju SG. Integrated criteria for covert channel auditing. Journal of Zhejiang University-Science A, 2008, 9(6): 737-743. [doi: 10.1631/jzus.A071510]
79. Ahsan K, Kundur D. Practical data hiding in TCP/IP. In: Proc. of the ACM Wksp. Multimedia Security, 2002. 1-8.
80. Fisk G, Fisk M, Papadopoulos C, Neil J. Eliminating steganography in Internet traffic with active wardens. In: Proc. of the Revised Papers from the 5th Int'l Workshop on Information Hiding. 2002. 18-35. http://portal.acm.org/citation.cfm?id=732023
81. Kwecka Z. Application layer covert channel analysis and detection. Edinburgh: Napier University, 2006. http://www.buchananweb.co.uk/zk.pdf
82. Zander S, Armitage G, Branch P. Covert channels in the IP time to live field. In: Proc. of the Australian Telecommunication Networks and Application Conf. (ATNAC 2006). 2006. 298-302. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.85. 1442&rep=rep1&type=pdf
83. Giffin J, Greenstadt R, Litwack P, Tibbetts R. Covert messaging through TCP timestamps. In: Proc. of the Privacy Enhancing Technologies. 2003. 189-193. http://www.springerlink.com/content/4d5jy0ewplea12d4/
84. Eraser SA. An exploit-specific monitor to prevent malicious communication channel. Technical Report, GIT-CERCS-04-28, Georgia Institute of Technology, 2004. 1-12.
85. Murdoch SJ, Lewis S. Embedding covert channels into TCP/IP. In: Proc. of the Information Hiding. 2005. 247-261. http://www.cl.cam.ac.uk/~sjm217/papers/ih05coverttcp.pdf
86. Tumoian E, Anikeev M. Network based detection of passive covert channels in TCP/IP. In: Proc. of the 30th IEEE Conf. on Local Computer Networks Anniversary (LCN 2005). 2005. 802-809. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1550966
87. Sohn T, Seo JT, Moon J. A study on the covert channel detection of TCP/IP header using support vector machine. Information and Communications Security, 2003, 2836: 313-324. [DOI:10.1007/978-3-540-39927-8_29]
88. Patel A, Shah M, Chandramouli R, Subbalakshmi KP. Covert channel forensics on the Internet: Issues, approaches, and experiences. Int'l Journal of Network Security, 2007, 5(1): 41-50.
89. Porta A, Baselli G, Liberati D, Montano N, Cogliati C, Gnecchi-Ruscone T, Malliani A, Cerutti S. Measuring regularity by means of a corrected conditional entropy in sympathetic outflow. Biological Cybernetics, 1998, 78(1): 71-78. [doi: 10.1007/s004220050 414]
90. Wang CD, Ju SG. Searching covert channels by identifying malicious subjects in the time domain. In: Proc. of the IEEE Wksp. on Information Assurance United States Military Academy. 2004. 68-73. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1437799
91. Ristenpart T, Tromer E, Shacham H, Savage S. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In: Proc. of the 16th ACM Conf. on Computer and Communications Security. 2009. 199-212. http://portal.acm.org/citation.cfm?id=1653662.1653687
92. Sellke SH, Wang CC, Bagchi S, Shroff N. TCP/IP timing channels: Theory to implementation. In: Proc. of the 28th Conf. on Computer Communications (INFOCOM). 2009. 2204-2212. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5062145
93. Cabuk S, Brodley CE, Shields C. IP covert channel detection. ACM Trans. on Information and System Security, 2009, 12(4): 1-29. [doi: 10.1145/1513601.1513604]
94. Kiyavash N, Coleman T. Covert timing channels codes for communication over interactive traffic. In: Proc. of the IEEE Int'l Conf. on Acoustics, Speech, and Signal Processing. 2009. 1485-1488. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4959876
95. Ji LP, Jiang WH, Dai BY, Niu XM. A novel covert channel based on length of messages. In: Proc. of the Int'l Symp. on Information Engineering and Electronic Commerce. 2009. 551-554. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5175179