Abstract
Owing to their hidden natures, covert channels can be utilized such that trojan applications can communicate stealthily with each other or exchange stolen private information without being revealed. To prevent damage incurred by covert channels, researchers have preemptively scrutinized diverse covert channels that can be devised by an attacker. Although covert channels based on sensor data may interest an attacker because sensing operation is a key task in Internet of Things (IoT), we do not find any covert channel studies that adapted the Sequential Probability Ratio Test (SPRT) to sensor data except our prior study [27] , where the SPRT is applied to sensor data in Android systems before an attacker’s conception; however, our previous study showed limitations owing to the static nature of the SPRT parameter settings and the method of mapping sensor data to sample types for covert channel creation. To demonstrate that these limitations can be pacified, we propose a covert channel that dynamically applies the SPRT to sensor data in IoT. In our proposed covert channel, stealthy information bit 1 (resp. 0) is encoded to and decoded from a sequence of sensor data when the SPRT with dynamic parameter settings accepts an alternate (resp. null) hypothesis. We implement our proposed covert channel in Raspberry Pi 3 Model B devices and evaluate it in terms of various metrics. Evaluation results indicate that every encoded stealthy information byte is successfully decoded in our covert channel. Furthermore, 3.513 samples and 28.105 SPRT executions at the most are required for encoding/decoding a stealthy information byte in our devised covert channel on an average, thus resulting in fast encoding/decoding in our covert channel. Finally, our developed covert channel yields a throughput ranging from 4097.5 to 9061.67 bits/sec.
Highlights
As covert channels can be built from diverse types of stealthy methodologies that are discerned by only trojan applications, an attacker can make use of covert channels to veil the communications between trojan applications
By reducing the limitations owing to the static nature of our prior study, which is regarded as the first study to adapt the Sequential Probability Ratio Test (SRPT) to establish covert channels, we devise the DynamicSPRT-based covert channel in the Internet of Things (IoT) and evaluate it in terms of various metrics by implementing it in Raspberry Pi 3 Model B
COVERT CHANNEL ESTABLISHMENT VIA DYNAMIC ADAPTATION OF THE SPRT TO SENSOR DATA we describe in detail how the Sequential Probability Ratio Test (SPRT) [53] is dynamically applied to sensor data to build a covert channel between two distinct trojan applications running in two different IoT devices
Summary
As covert channels can be built from diverse types of stealthy methodologies that are discerned by only trojan applications, an attacker can make use of covert channels to veil the communications between trojan applications. Probability Ratio Test (SPRT) [53] to sensor data except our prior work [27] This is primarily because the SPRT statistically makes a fast decision with high accuracy concerning various problems, and it is typically employed for defense techniques against various attacks. An encoding IoT device converts incoming sequence of sensor data to a series of byte-data and randomly maps each byte-data to a sample type It probabilistically selects samples participating in the SPRT with dynamic parameter configurations We explore that guarding against our devised covert channel is challenging different types of defending mechanisms have been proposed We discover that our devised covert channel can quickly encode/decode stealthy information byte with 3.513 samples and 28.105 SPRT executions at the most, on an average.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
