Inaudible sound covert channel with anti-jamming capability: Attacks vs. countermeasure

Abstract

When an inaudible sound covert channel (ISCC) attack is launched inside a computer system, sensitive data are converted to inaudible sound waves and then transmitted. The receiver at the other end picks up the sound signal, from which the original sensitive data can be recovered. As a forceful countermeasure against the ISCC attack, strong noise can be used to jam the channel and literally shut down any possible sound data transmission. In this paper, enhanced ISCC whose transmission frequency can be dynamically changed is proposed. Essentially, if the transmitter detects that the covert channel is being jammed, the transmitter and receiver both will switch to another available frequency and re-establish their communications, following the proposed communications protocol. Experimental results show that the proposed enhanced ISCC can remain connected even in the presence of a strong jamming noise source. Correspondingly, a detection method based on frequency scanning is proposed to help to combat such an anti-jamming sound channel. With the proposed countermeasure, the bit error rate (BER) of the data communications over enhanced ISCC soars to more than 48%, essentially shutting down the data transmission, and thus neutralizing the security threat.