An Application Layer Covert Channel: Information Hiding With Cha ng

The purpose of our project was the implementation of an application-layer covert channel, with guaranteed con dentiality via cha ng. A covert channel is a means of passing information between two parties in such a manner that the existence of the communication channel itself is not obvious to the casual observer. Additionally, the implementation of a covert channel is enhanced through encryptionless security { through clever uses of steganography in the covert channel itself, even if an observer is aware that a covert channel exists, he will not be able to recover the information which is being sent across the channel. The proposed covert channel achieves privacy through cha ng and winnowing, an alternative to encryption which instead pads useful (\wheat") bits with garbage (\cha ") bits, such that only the intended receiver will be able to determine which bits are wheat and which are cha . The goal of this project was to create a practical covert channel, such that even an active, capable administrator or observer would nd it very di cult or be very unlikely to detect the channel. Even after detecting the channel and possibly recovering the data, the administrator should still be unable to understand the transmitted message. A covert channel can be described as a type of communication channel operating such that it can be utilized to somehow violate system security policy. A covert channel is not part of the actual computer system design; rather, the channel serves as a means of transmitting a stream of bits from the sender to receiver in such a way that the very existence of a communication channel cannot be veri ed without full knowledge of the channel details. [7] Covert channels have a number of applications. Information can be transmitted secretly in a number of ways. Common ideas include through process table information, over networks (local and wide), through les. Covert channels are often implemented at the transport layer. In the case of TCP/IP, it is fairly trivial to develop applications such as those described below. [11]