An Empirical Bandwidth Analysis of Interrupt-Related Covert Channels
نویسندگان
چکیده
We empirically evaluate interrupt-related covert channels, in short IRCCs, a type of covert channel that leverages hardware interrupts for communication. The evaluation is based on an exploit of IRCCs that we implemented as a proof-of-concept. We use a combination of experimental evaluation and information-theoretic analysis to compute the bandwidth of the channel on a concrete system. Our analysis shows a channel bandwidth of IRCCs based on interrupts of network interface cards (NICs) of approximately 5 bit/s. Besides the channel bandwidth, our experiments revealed previously unnoticed properties of IRCCs based on interrupts of NICs. While side channels based on hardware interrupts have been discussed before, this is the first experimental evaluation of covert channels based on hardware interrupts.
منابع مشابه
Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels
Appeared in P. Degano et al. (Ed.): Preproceedings of FAST 2008; c © Springer-Verlag (to be transferred) Abstract. We present a formal model for analyzing the bandwidth of covert channels. The focus is on channels that exploit interrupt-driven communication, which have been shown to pose a serious threat in practical experiments. Our work builds on our earlier model [1], which we used to compar...
متن کاملDesign and Implementation of an Active Warden Addressing Protocol Switching Covert Channels
Network covert channels enable a policy-breaking network communication (e.g., within botnets). Within the last years, new covert channel techniques occurred which are based on the capability of protocol switching. There are currently no means available to counter these new techniques. In this paper we present the first approach to effectively limit the bandwidth of such covert channels by intro...
متن کاملHello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Covert channels evade isolation mechanisms between multiple parties in the cloud. Especially cache covert channels allow the transmission of several hundred kilobits per second between unprivileged user programs in separate virtual machines. However, caches are small and shared and thus cache-based communication is susceptible to noise from any system activity and interrupts. The feasibility of...
متن کاملCovert Messaging through TCP Timestamps
We present a protocol for sending data over a common class of low-bandwidth covert channels. Covert channels exist in most communications systems and allow individuals to communicate truly undetectably. However, covert channels are seldom used due to their complexity. Our protocol is both practical and secure against attack by powerful adversaries. We implement our protocol on a standard platfo...
متن کاملDetection And Elimination Of Covert Communication In Transport And Internet Layer – A Survey
Covert channels use stealth communications to compromise the security policies of systems. They constitute an important security threat since they can be used to exfiltrate confidential data from networks. TCP/IP protocols are used everyday and are subject to covert channels problems. Covert channels are used for the secret transfer of information. Encryption only protects communication from be...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IJSSE
دوره 6 شماره
صفحات -
تاریخ انتشار 2015