Robust and Efficient Covert Channel Communications in Operating Systems: Design, Implementation and Evaluation

Covert channels have been studied for years because of their ability to leak sensitive information in computer systems. Constructing covert communication scenarios is the first step in understanding the threat a channel poses. Existing designs of covert channel communications face several challenges: the lack of a general description of the communication model, low transmission accuracy and weak anti-interference ability. In this paper, we explore how to construct robust and efficient covert channel communications in operating systems. First, we design three general covert communication protocol models: the Basic Protocol (BP), the Two-Channel Transmission Protocol (TCTP) and the Self-Adaptive Protocol (SAP). We then implement them in Linux operating systems. To simulate real attack scenarios, we present a toy Trojan program that extracts passwords and cooperates with the covert protocols. To identify potential covert channels in the Linux kernel, we use a Directed Information Flow Graph (DIFG) to analyze the source code, and we choose the last_pid and temporary-file channels for our implementation. Finally, we evaluate the transmission rate and accuracy of the three protocols. The results demonstrate that, without special protective measures, the TCTP can achieve rather high accuracy and rate (100% and 31 bps in our lab). When restricting or interfering mechanisms are in place, the SAP can achieve 97% accuracy and an 18 bps rate. This result reveals that attackers can bypass countermeasures to steal sensitive data from victims by using well-designed covert protocols.
