Abstract

Virtualization technology is nowadays adopted in security-critical embedded systems to achieve higher performance and more design flexibility. However, it also comes with new security threats, where attackers leverage timing covert channels to exfiltrate sensitive information from a partition using a trojan. This paper presents a novel approach for the experimental assessment of timing covert channels in embedded hypervisors, with a case study on security assessment of a commercial hypervisor product (Wind River VxWorks MILS), in cooperation with a licensed laboratory for the Common Criteria security certification. Our experimental analysis shows that it is indeed possible to establish a timing covert channel, and that the approach is useful for system designers for assessing that their configuration is robust against this kind of information leakage.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Covert Timing Channels for IoT over Mobile Networks
Yu-An Tan ... Quanxin Zhang
IEEE Wireless Communications | VOL. 25
Yu-An Tan, et. al.Yu-An Tan ... Quanxin Zhang
01 Dec 2018
Automatic detection of illegal transmission in a network
S Sangamdace ... K Ksirajudeen
-
S Sangamdace, et. al.S Sangamdace ... K Ksirajudeen
01 Jul 2012
Evaluation of the timing covert channel capacity considering packet transfer time distribution
A.I Belozubova ... A.V Epishkina
Highly available systems | VOL. -
A.I Belozubova, et. al.A.I Belozubova ... A.V Epishkina
01 Jan 2020
Covert Timing Channels Detection Based on Auxiliary Classifier Generative Adversarial Network
Chonggao Sun ... Yonghong Chen
IEEE Open Journal of the Computer Society | VOL. 2
Chonggao Sun, et. al.Chonggao Sun ... Yonghong Chen
01 Jan 2020
View more papers

More From: Computers & Security

Paper Title
Journal
Date
Author
DGIDS: Dynamic graph-based intrusion detection system for CAN
Jiaru Song ... Minghui Sun
Computers & Security | VOL. -
Jiaru Song, et. al.Jiaru Song ... Minghui Sun
01 Aug 2024
Anomaly detection for multivariate time series in IoT using discrete wavelet decomposition and dual graph attention networks
Shujiang Xie ... Yian Zhu
Computers & Security | VOL. -
Shujiang Xie, et. al.Shujiang Xie ... Yian Zhu
01 Aug 2024
Cybersecurity Behavior Change: A conceptualization of Ethical Principles for Behavioral Interventions
Konstantinos Mersinas ... Steven Furnell
Computers & Security | VOL. -
Konstantinos Mersinas, et. al.Konstantinos Mersinas ... Steven Furnell
01 Aug 2024
Data Privacy and Cybersecurity Challenges in the Digital Transformation of the Banking Sector
Muhammad Asif ... Muhammad Ashfaq
Computers & Security | VOL. -
Muhammad Asif, et. al.Muhammad Asif ... Muhammad Ashfaq
01 Aug 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.