Abstract
Covert channel attacks pose a threat to the security of critical infrastructure and key resources (CIKR). To design defenses and countermeasures against this threat, we must understand all classes of covert channel attacks along with their properties. Network-based covert channels have been studied in great detail in previous work, although several other classes of covert channels (hardware-based and operating system-based) are largely unexplored. One of our contributions is investigating these classes by designing, implementing, and experimentally evaluating several specific covert channel attacks. We implement and evaluate hardware-based and operating system-based attacks and show significant differences in their properties and mechanisms. We also present channel capacity differences among the various attacks, which span three orders of magnitude. Furthermore, we present the concept of hybrid covert channel attacks which use two or more communication categories to transport data. Hybrid covert channels can be qualitatively harder to detect and counter than traditional covert channels. Finally, we summarize the lessons learned through covert channel attack design and implementation, which have important implications for critical asset protection and risk analysis. The study also facilitates the development of countermeasures to protect CIKR systems against covert channel attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
