Implementing a Covert Timing Channel Based on Mimic Function
Covert timing channel is a mechanism that can be exploited by an attacker to conceal secrets in timing intervals of transmitted pack ets.With the development of detection techniques against such channel, it has become increasingly difficult to exploit a practical covert timing channel that is both detection-resistant and of high capacity.In this paper, we introduce a new type of covert timing channel.Our novel en coding technique uses mimic functions as the basis to accomplish the mimicry of legitimate traffic behaviors.We also design and implement a mimicry framework for automatically creating this new type of covert timing channel.In the end, we utilize the state-of-the-art detection tests to validate the effectiveness of our mimicry approach.The experimen tal results show that the created covert timing channel can successfully evade the detection tests while achieving a considerable channel capacity.
network security covert timing channel mimic function detection resistance
Jing Wang Le Guan Limin Liu Daren Zha
Data Assurance and Communication Security Research Center,CAS,Beijing,China ; State Key Laboratory o Data Assurance and Communication Security Research Center,CAS,Beijing,China ; State Key Laboratory o University of Chinese Academy of Sciences,Beijing,China
国际会议
福州
英文
247-261
2014-05-05(万方平台首次上网日期,不代表论文的发表时间)