Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/38042
Title: TCP covert timing channels : design and detection
Authors: Luo, X
Chan, EWW
Chang, RKC 
Keywords: IP networks
Internet
Channel capacity
Computer network reliability
Decoding
Feedback
Transport protocols
Issue Date: 2008
Source: IEEE International Conference on Dependable Systems and Networks with FTCS and DCC, 2008 : DSN 2008 ; 24 - 27 June 2008, Anchorage, Alaska, p. 420-429 How to cite?
Abstract: Exploiting packetspsila timing information for covert communication in the Internet has been explored by several network timing channels and watermarking schemes. Several of them embed covert information in the inter-packet delay. These channels, however, can be detected based on the perturbed traffic pattern, and their decoding accuracy could be degraded by jitter, packet loss and packet reordering events. In this paper, we propose a novel TCP-based timing channel, named TCPScript to address these shortcomings. TCPScript embeds messages in ldquonormalrdquo TCP data bursts and exploits TCPpsilas feedback and reliability service to increase the decoding accuracy. Our theoretical capacity analysis and extensive experiments have shown that TCPScript offers much higher channel capacity and decoding accuracy than an IP timing channel and JitterBug. On the countermeasure, we have proposed three new metrics to detect aggressive TCPScript channels.
URI: http://hdl.handle.net/10397/38042
ISBN: 978-1-4244-2397-2
978-1-4244-2398-9 (E-ISBN)
DOI: 10.1109/DSN.2008.4630112
Appears in Collections:Conference Paper

Access
View full-text via PolyU eLinks SFX Query
Show full item record

SCOPUSTM   
Citations

19
Citations as of Feb 26, 2017

WEB OF SCIENCETM
Citations

11
Last Week
0
Last month
Citations as of Aug 14, 2017

Page view(s)

20
Last Week
1
Last month
Checked on Aug 13, 2017

Google ScholarTM

Check

Altmetric



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.