Covert channel attacks in pervasive computing

Abstract

Ensuring security in pervasive computing systems is an essential pre-requisite for their deployment. Typically, such systems are reliant on wireless networks for communication; however, whilst a considerable amount of attention has been given to cryptographic mechanisms for securing that wireless link, almost none has been devoted to the creation of covert channels capable of circumventing perimeter security. In systems that embody an element of control, covert channels offer the potential both to leak information that might be considered private and to alter the operation of the system in ways that are undesirable or unsafe. In this paper, we present two novel forms of covert channel designed to leak information from a compromised node within a secured network in ways that are statistically undetectable by other parts of that system. These two attacks rely on: modulation of transmission power, which impacts the RSSI/LQI of a message; and modulation of sensor data in a way that can be seen in the encrypted form of that data. We report the results of an extensive set of practical experiments designed to assess the channel capacity of these covert channels. Overall, this paper demonstrates that the creation of undetectable covert channels is a practical proposition in pervasive computing systems. This, in turn, has implications for key distribution: the use of individual, rather than group, keys is necessary to limit the exposure caused by a successful covert channel attack.