Robust and undetectable steganographic timing channels for i.i.d. traffic

Authors:
Yali Liu;Dipak Ghosal;Frederik Armknecht;Ahmad-Reza Sadeghi;Steffen Schulz;Stefan Katzenbeisser
Affiliations:
Department of Electrical and Computer Engineering, UC Davis;Department of Computer Science, University of California, Davis;Horst-Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst-Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst-Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Department of Computer Science, Technische Universität Darmstadt, Germany
Venue:
IH'10 Proceedings of the 12th international conference on Information hiding
Year:
2010

Citing 12
Cited 4

Wide area traffic: the failure of Poisson modeling

IEEE/ACM Transactions on Networking (TON)
IP covert timing channels: design and detection

Proceedings of the 11th ACM conference on Computer and communications security
Keyboards and covert channels

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Detecting covert timing channels: an entropy-based approach

Proceedings of the 14th ACM conference on Computer and communications security
Network covert channels: design, analysis, detection, and elimination

Network covert channels: design, analysis, detection, and elimination
Model-Based Covert Timing Channels: Automated Modeling and Evasion

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
IP Covert Channel Detection

ACM Transactions on Information and System Security (TISSEC)
Covert timing channels codes for communication over interactive traffic

ICASSP '09 Proceedings of the 2009 IEEE International Conference on Acoustics, Speech and Signal Processing
Hide and seek in time: robust covert timing channels

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
A Survey of Covert Channels and Countermeasures in Computer Network Protocols

IEEE Communications Surveys & Tutorials
Bits through queues

IEEE Transactions on Information Theory
An information-theoretic and game-theoretic study of timing channels

IEEE Transactions on Information Theory

Predictive black-box mitigation of timing channels

Proceedings of the 17th ACM conference on Computer and communications security
CoCo: coding-based covert timing channels for network flows

IH'11 Proceedings of the 13th international conference on Information hiding
SoNIC: precise realtime software access and control of wired networks

nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
PHY covert channels: can you see the idles?

NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation

Quantified Score

Hi-index	0.00

Visualization

Abstract

Steganographic timing channels exploit inter-packet delays in network traffic to transmit secret messages. The two most important design goals are undetectability and robustness. In previous proposals undetectability has been validated only against a set of known statistical methods, leaving the resistance against possible future attacks unclear. Moreover, many existing schemes do not provide any robustness at all. In this paper, we introduce a steganographic timing channel that is both robust and provably undetectable for network traffic with independent and identically distributed (i.i.d.) inter-packet delays. I.i.d. traffic models are very useful because they are simple to analyze, and constitute essential elements of many advanced network traffic models. In contrast to previous work on i.i.d. traffic we do not rely on any strong assumptions, e.g., bounded jitter, but require only the existence of a cryptographically secure pseudorandom generator. We verify the effectiveness of our approach by conducting a series of experiments on Telnet traffic and discuss the trade off between various encoding and modulation parameters.