A Hybrid Covert Channel with Feedback over Mobile Networks

In the existing network covert channel research, the transmission of secret messages is one-way, lacking confirmation feedback on whether the secret message is successfully accepted. However, VoLTE has real-time interactive features, and the data packets between the sender and the receiver are transmitted in both directions, which facilitates the construction of a two-way covert channel with feedback. Therefore, we propose a hybrid covert channel over mobile networks, which includes a sender-to-receiver covert timing channel that modulates covert message through actively dropping packets during the silence periods and a reverse covert storage channel that hides the acceptance of the covert message as feedback information into the feedback control information field of the RTCP packet. The sender evaluates the current attack severity according to the feedback and adjusts the real-time parameters of the covert timing channel to weigh the robustness and other performance. Experimental results show that this solution can effectively feedback the transmission of the covert message while keeping undetectable and robust.

[1]  C. Brodley,et al.  Network covert channels: design, analysis, detection, and elimination , 2006 .

[2]  Liehuang Zhu,et al.  A packet-reordering covert channel over VoLTE voice and video traffics , 2019, J. Netw. Comput. Appl..

[3]  Yuanzhang Li,et al.  A Covert Channel Over VoLTE via Adjusting Silence Periods , 2018, IEEE Access.

[4]  Nikita Borisov,et al.  CoCo: Coding-Based Covert Timing Channels for Network Flows , 2011, Information Hiding.

[5]  Kim-Kwang Raymond Choo,et al.  Exfiltrating data from Android devices , 2015, Comput. Secur..

[6]  Zhijun Wu,et al.  An approach of steganography in G.729 bitstream based on matrix coding and interleaving , 2015 .

[7]  Wojciech Mazurczyk,et al.  Evaluation of steganographic methods for oversized IP packets , 2012, Telecommun. Syst..

[8]  Chen Liang,et al.  An end-to-end covert channel via packet dropout for mobile networks , 2018, Int. J. Distributed Sens. Networks.

[9]  Gordon B. Agnew,et al.  Turbo covert channel: An iterative framework for covert communication over data networks , 2013, 2013 Proceedings IEEE INFOCOM.

[10]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[11]  Yongji Wang,et al.  Improving performance of network covert timing channel through Huffman coding , 2012, Math. Comput. Model..

[12]  Chen Liang,et al.  Building covert timing channels by packet rearrangement over mobile networks , 2018, Inf. Sci..

[13]  Javier López,et al.  Covert communications through network configuration messages , 2013, Comput. Secur..

[14]  Chen Liang,et al.  Covert Timing Channels for IoT over Mobile Networks , 2018, IEEE Wireless Communications.

[15]  Craig A. Shue,et al.  Reporting Insider Threats via Covert Channels , 2013, 2013 IEEE Security and Privacy Workshops.

[16]  Vijay Varadharajan,et al.  The Silence of the LANs: Efficient Leakage Resilience for IPsec VPNs , 2012, IEEE Transactions on Information Forensics and Security.