A Technique to Limit Hybrid Covert Channel Capacity via Random Increasing of Packets’ Lengths

Abstract

Currently, due to the development and widespread use of communication systems, information security problems are very acute. Very often information leakage causes huge damage to both organizations and individuals. One of the mechanisms to organize information leakage during its transmission through communication channels is the construction of covert channels. Everywhere used packet networks provide huge opportunities for covert channels creating, which often leads to leakage of critical data. Packet length covert channels are resistant to traffic encryption, but there are some data transfer schemes that are difficult to detect. Therefore investigating of hybrid covert channel that uses both packet length and time is quite important. The purpose of this paper is to suggest a technique to protect data leakage via random increasing of packets’ lengths. The verification of the technique concerns with covert channel capacity examination depending on covert channel input parameters and countermeasure parameters. The authors have chosen the best scheme of a covert channel in terms of a residual covert channel capacity. The construction of covert channel shows that countermeasures applied don’t lead to errors. The main advantage of the scheme investigated is as follows: lengths of the transmitted packets take limited number of values that significantly increases the complexity of building such a channel and the ability to detect it.