Please use this identifier to cite or link to this item:
Title: Robust network covert communications based on TCP and enumerative combinatorics
Authors: Luo, X 
Chan, EWW
Zhou, P
Chang, RKC 
Keywords: covert channel detection
Enumerative Combinatorics
Network covert channel
timing channel
Issue Date: 2012
Publisher: Institute of Electrical and Electronics Engineers
Source: IEEE transactions on dependable and secure computing, 2012, v. 9, no. 6, 6255743, p. 890-902 How to cite?
Journal: IEEE transactions on dependable and secure computing 
Abstract: The problem of communicating covertly over the Internet has recently received considerable attention from both industry and academic communities. However, the previously proposed network covert channels are plagued by their unreliability and very low data rate. In this paper, we show through a new class of timing channels coined as Cloak that it is possible to devise a 100 percent reliable covert channel and yet offer a much higher data rate (up to an order of magnitude) than the existing timing channels. Cloak is novel in several aspects. First, Cloak uses the different combinations of N packets sent over X flows in each round to represent a message. The combinatorial nature of the encoding methods increases the channel capacity largely with (N,X). Second, based on the well-known 12-fold Way, Cloak offers 10 different encoding and decoding methods, each of which has a unique tradeoff among several important considerations, such as channel capacity and camouflage capability. Third, the packet transmissions modulated by Cloak can be carefully crafted to mimic normal TCP flows for evading detection. We have implemented Cloak and evaluated it in the PlanetLab and a controlled testbed. The results show that it is not uncommon for Cloak to have an order of channel goodput improvement over the IP Timing channel and JitterBug. Moreover, Cloak does not suffer from any message loss under various loss and reordering scenarios.
ISSN: 1545-5971
EISSN: 1941-0018
DOI: 10.1109/TDSC.2012.64
Appears in Collections:Journal/Magazine Article

View full-text via PolyU eLinks SFX Query
Show full item record


Last Week
Last month
Citations as of Nov 3, 2018


Last Week
Last month
Citations as of Nov 12, 2018

Page view(s)

Last Week
Last month
Citations as of Nov 11, 2018

Google ScholarTM



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.