Evaluation of the timing covert channel capacity considering packet transfer time distribution

Author(s):  
A.I. Belozubova ◽  
A.V. Epishkina ◽  
K.G. Kogos

Lampson was the first to introduce a covert channel as a channel that was not designed for information transmission. The problem of information leakage via network covert channels has a large scale due to the facts that IP protocol is widely used and has a lot of features to use it for hidden information transmission. Usually covert channels are divided into two groups by transmission technic: storage and timing covert channels. In the paper authors provide brief survey for network timing and storage covert channels as well as methods of information leakage counteraction. According to best practices, information systems and infrastructure have an information security policy with the requirements about allowable level of covert channel capacity. However, to take a decision about any method activation it is important not to allow underestimation of covert channel capacity. For the effective prevention of information leakage via network covert channels authors suggest a way to assess timing covert channel capacity. Two binary timing channels have been investigated: on/off and channel based on inter packet intervals modulation. In on/off covert channel the sender sends a packet during a preliminarily agreed time interval to transmit the bit «1» and does not send to transmit the bit «0». In a covert channel based on inter packet intervals modulation the sender sends packets with different time intervals defining different bits. The scientific novelty consists in taking into account network load conditions while assessing maximum amount of information that can be stealthily transmitted from secure infrastructure to an illegitimate receiver beyond secure perimeter. Authors investigated cases when packet transfer time from the sender to the receiver in the network (PTT) is defined by normal and exponential distribution – the most common distribution according to current research. Covert channel capacity is evaluated as a function of covert channel parameters and parameters of the PTT distribution (DPTT). Conducted research shows that in case when secure officer does not take into account typical load for the network and DPTT type maximum covert channel capacity will most likely be underestimated. If allowable level of covert channel capacity is set up, obtained results allow to take right decision about activation of countermeasures to prevent information leakage.

2021 ◽  
Vol 54 (3) ◽  
pp. 1-36
Author(s):  
Wenjie Xiong ◽  
Jakub Szefer

Transient execution attacks, also known as speculative execution attacks, have drawn much interest in the last few years as they can cause critical data leakage. Since the first disclosure of Spectre and Meltdown attacks in January 2018, a number of new transient execution attack types have been demonstrated targeting different processors. A transient execution attack consists of two main components: transient execution itself and a covert channel that is used to actually exfiltrate the information.Transient execution is a result of the fundamental features of modern processors that are designed to boost performance and efficiency, while covert channels are unintended information leakage channels that result from temporal and spatial sharing of the micro-architectural components. Given the severity of the transient execution attacks, they have motivated computer architects in both industry and academia to rethink the design of the processors and to propose hardware defenses. To help understand the transient execution attacks, this survey summarizes the phases of the attacks and the security boundaries across which the information is leaked in different attacks.This survey further analyzes the causes of transient execution as well as the different types of covert channels and presents a taxonomy of the attacks based on the causes and types. This survey in addition presents metrics for comparing different aspects of the transient execution attacks and uses them to evaluate the feasibility of the different attacks. This survey especially considers both existing attacks and potential new attacks suggested by our analysis. This survey finishes by discussing different mitigations that have so far been proposed at the micro-architecture level and discusses their benefits and limitations.


Author(s):  
Kazantsev Anatolii ◽  
Kazantseva Lilia

ABSTRACT The paper analyses possible transfers of bodies from the main asteroid belt (MBA) to the Centaur region. The orbits of asteroids in the 2:1 mean motion resonance (MMR) with Jupiter are analysed. We selected the asteroids that are in resonant orbits with e > 0.3 whose absolute magnitudes H do not exceed 16 m. The total number of the orbits amounts to 152. Numerical calculations were performed to evaluate the evolution of the orbits over 100,000-year time interval with projects for the future. Six bodies are found to have moved from the 2:1 commensurability zone to the Centaur population. The transfer time of these bodies to the Centaur zone ranges from 4,600 to 70,000 yr. Such transfers occur after orbits leave the resonance and the bodies approach Jupiter Where after reaching sufficient orbital eccentricities bodies approach a terrestrial planet, their orbits go out of the MMR. Accuracy estimations are carried out to confirm the possible asteroid transfers to the Centaur region.


Author(s):  
Kirti Chawla ◽  
Gabriel Robins

RFID technology can help competitive organizations optimize their supply chains. However, it may also enable adversaries to exploit covert channels to surreptitiously spy on their competitors. We explain how tracking tags and compromising readers can create covert channels in supply chains and cause detrimental economic effects. To mitigate such attacks, the authors propose a framework that enables an organization to monitor its supply chain. The supply chain is modeled as a network flow graph, where tag flow is verified at selected key nodes, and covert channels are actively sought. While optimal taint checkpoint node selection is algorithmically intractable, the authors propose node selection and flow verification heuristics with various tradeoffs. The chapter discusses economically viable countermeasures against supply chain-based covert channels, and suggests future research directions.


2014 ◽  
Vol 2014 ◽  
pp. 1-14 ◽  
Author(s):  
Ahmed Al-Haiqi ◽  
Mahamod Ismail ◽  
Rosdiadee Nordin

Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5–5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.


2019 ◽  
Vol 33 (05) ◽  
pp. 1950033 ◽  
Author(s):  
Ming-Hui Zhang ◽  
Jin-Ye Peng ◽  
Zheng-Wen Cao

Quantum dialogue can realize the mutual transmission of secret information between two legal users. In most of the existing quantum dialogue protocols, the information carriers applied in quantum dialogue are discrete variable (DV) quantum states. However, there are certain limitations on the preparation and detection of DV quantum states with current techniques. Continuous variable (CV) quantum states can overcome these problems effectively while improving the quantum channel capacity. In this paper, we propose a quantum dialogue protocol with four-mode continuous variable GHZ state. Compared with the existing CV-based quantum dialogue protocols, the protocol allows two users to transmit two groups of secret information with different lengths to each other simultaneously. The channel capacity of the protocol has been improved as each traveling mode carries two- or four-bits of information. In addition, the protocol has been proved to be secure against information leakage problem and some common attacks, such as beam splitter attack and intercept-and-resend attack.


2020 ◽  
Vol 2020 ◽  
pp. 1-20
Author(s):  
Jing Tian ◽  
Gang Xiong ◽  
Zhen Li ◽  
Gaopeng Gou

In order to protect user privacy or guarantee free access to the Internet, the network covert channel has become a hot research topic. It refers to an information channel in which the messages are covertly transmitted under the network environment. In recent years, many new construction schemes of network covert channels are proposed. But at the same time, network covert channel has also received the attention of censors, leading to many attacks. The network covert channel refers to an information channel in which the messages are covertly transmitted under the network environment. Many users exploit the network covert channel to protect privacy or guarantee free access to the Internet. Previous construction schemes of the network covert channel are based on information steganography, which can be divided into CTCs and CSCs. In recent years, there are some covert channels constructed by changing the transmission network architecture. On the other side, some research work promises that the characteristics of emerging network may better fit the construction of the network covert channel. In addition, the covert channel can also be constructed by changing the transmission network architecture. The proxy and anonymity communication technology implement this construction scheme. In this paper, we divide the key technologies for constructing network covert channels into two aspects: communication content level (based on information steganography) and transmission network level (based on proxy and anonymity communication technology). We give an comprehensively summary about covert channels at each level. We also introduce work for the three new types of network covert channels (covert channels based on streaming media, covert channels based on blockchain, and covert channels based on IPv6). In addition, we present the attacks against the network covert channel, including elimination, limitation, and detection. Finally, the challenge and future research trend in this field are discussed.


2019 ◽  
Vol 10 (2) ◽  
pp. 64
Author(s):  
Norhayati Sarmoen ◽  
Haliyana Khalid ◽  
Siti Zaleha Abd Rasid ◽  
Shathees A L Baskaran ◽  
Rohaida Basiruddin

The utilization of the Information and Communications Technology (ICT), such as the Internet and electronic mail (e-mail) has made communication nowadays easier, faster and has tremendously reduced the usage of paper. However, if the usage of internet is not properly managed, the possibility of confidential information leakage from the inside of the organization to other entities outside of the organization may occur. The impacts of this malicious activity are beyond the boundaries and cannot be controlled despite implementing various preventive steps and enforcing various regulations.  Previous studies have outlined different factors in influencing information leakages in various organizations. However, none had really identified the severity of the factors up to this day. This research hopes to fill this gap, by focusing on staff in Majlis Perbandaran Pasir Gudang (MPPG), Johor, Malaysia. This study covers factors related to human behaviour which have led towards the cases of information breach. The factors include the lack of understanding of information policy, the lack of training, poor management support and the insensitivity of the staffs toward safeguarding the information from falling to the wrong hands. Thus, it is suggested that the ICT security protection needs to be robust, secure and reliable so that the use of the internet or social media will not only enhance the communication efficiency, but also to ensure that the information security in an organization is at the most optimum level.


2020 ◽  
Vol 26 (5) ◽  
pp. 615-622 ◽  
Author(s):  
Ameer E Hassan ◽  
Victor M Ringheanu ◽  
Rani R Rabah ◽  
Laurie Preston ◽  
Wondwossen G Tekle ◽  
...  

Background Recently approved artificial intelligence (AI) software utilizes AI powered large vessel occlusion (LVO) detection technology which automatically identifies suspected LVO through CT angiogram (CTA) imaging and alerts on-call stroke teams. We performed this analysis to determine if utilization of AI software and workflow platform can reduce the transfer time (time interval between CTA at a primary stroke center (PSC) to door-in at a comprehensive stroke center (CSC)). Methods We compared the transfer time for all LVO transfer patients from a single spoke PSC to our CSC prior to and after incorporating AI Software (Viz.ai LVO). Using a prospectively collected stroke database at a CSC, demographics, mRS at discharge, mortality rate at discharge, length of stay (LOS) in hospital and neurological-ICU were examined. Results There were a total of 43 patients during the study period (median age 72.0 ± 12.54 yrs., 51.16% women). Analysis of 28 patients from the pre-AI software (median age 73.5 ± 12.28 yrs., 46.4% women), and 15 patients from the post-AI software (median age 70.0 ± 13.29 yrs., 60.00% women). Following implementation of AI software, median CTA time at PSC to door-in at CSC was significantly reduced by an average of 22.5 min. (132.5 min versus 110 min; p = 0.0470). Conclusions The incorporation of AI software was associated with an improvement in transfer times for LVO patients as well as a reduction in the overall hospital LOS and LOS in the neurological-ICU. More extensive studies are warranted to expand on the ability of AI technology to improve transfer times and outcomes for LVO patients.


Sign in / Sign up

Export Citation Format

Share Document