Capacity estimation and auditability of network covert channels

Classical covert channel analysis has focused on channels available on a single computer: timing channels and storage channels. We characterize network covert channels. Potential network covert channels are exploited by modulating transmission characteristics. We distinguish between spatial covert channels, caused by a variation in the relative volume of communication between nodes in the network, and temporal covert channels caused by a variation in transmission characteristics over time, extending the work of Girling (1987). A model for obtaining a spatially neutral transmission schedule was given by Newman-Wolfe and Venkatraman (1991, 1992). Temporally neutral transmissions are characterized and scheduling policies to generate temporally neutral transmission schedules were given by Venkatraman and Newman-Wolfe (1993). We estimate the covert channel capacity using an adaptive scheduling policy, modeling the system as a mode secure system. Based on our measurements on the University of Florida campus-wide backbone network (UFNET), we discuss the auditability of network covert channels and suggest some handling policies to reduce the capacity of these covert channels to TCSEC acceptable levels.<<ETX>>

[1]  M A Padlipsky,et al.  Limitations of End-to-End Encryption in Secure Computer Networks , 1978 .

[2]  Stephen T. Kent,et al.  Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[3]  V. Voydock,et al.  Security in high-level network protocols , 1985, IEEE Communications Magazine.

[4]  Lance J. Hoffman,et al.  A survey of issues in computer network security , 1986, Comput. Secur..

[5]  Chii-Ren Tsai Covert-channel analysis in secure computer systems , 1987 .

[6]  Jonathan K. Millen,et al.  Covert Channel Capacity , 1987, 1987 IEEE Symposium on Security and Privacy.

[7]  C. Gray Girling,et al.  Covert Channels in LAN's , 1987, IEEE Transactions on Software Engineering.

[8]  K. W. Eggers,et al.  Characterizing network covert storage channels , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[9]  Manfred Wolf Covert Channels in LAN Protocols , 1989, LANSEC.

[10]  Richard Ward OSI Network Security and the NTCB , 1989, LANSEC.

[11]  Jonathan K. Millen Finite-state noiseless covert channels , 1989, Proceedings of the Computer Security Foundations Workshop II,.

[12]  Virgil D. Gligor,et al.  Auditing the use of covert storage channels in secure systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Richard E. Newman,et al.  High level prevention of traffic analysis , 1991, Proceedings Seventh Annual Computer Security Applications Conference.

[14]  Wei-Ming Hu,et al.  Reducing timing channels with fuzzy time , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[15]  Richard E. Newman,et al.  Performance analysis of a method for high level prevention of traffic analysis , 1992, [1992] Proceedings Eighth Annual Computer Security Application Conference.

[16]  Wei-Ming Hu Reducing Timing Channels with Fuzzy Time , 1992, J. Comput. Secur..

[17]  Richard E. Newman,et al.  Transmission schedules to prevent traffic analysis , 1993, Proceedings of 9th Annual Computer Security Applications Conference.

[18]  Ira S. Moskowitz,et al.  A pump for rapid, reliable, secure communication , 1993, CCS '93.

[19]  Randy Browne,et al.  Mode security: an infrastructure for covert channel suppression , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[20]  Balaji R. Venkatraman,et al.  Prevention of traffic analysis and associated covert channels , 1994 .

[21]  Ira S. Moskowitz,et al.  Simple timing channels , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[22]  Richard E. Newman,et al.  Performance analysis of a method for high level prevention of traffic analysis using measurements from a campus network , 1994, Tenth Annual Computer Security Applications Conference.