Communication using phantoms: covert channels in the Internet
We consider the problem of determining the transport capacity of point-to-point and broadcast channels implemented on top of a network that enforces max-min fair bandwidth allocations in its routers. Our main finding is that the use of inefficient codes to represent data intended solely for network control operations (such as routing, sequencing, etc.) gives rise to the unintended creation of a covert channel. Sources can encode some information for their destinations into network control bits (on top of the standard method of encoding data into payload bits) by means of a mechanism which we refer to as the generation of "phantom" packets. Although phantoms provide only a marginal bandwidth increase, they could have far-reaching security implications.