中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 会议论文
Title:
Robust and efficient covert channel communications in operating systems: Design, implementation and evaluation
Author: Lin, Yuqi (1) ; Ding, Liping (1) ; Wu, Jingzheng (1) ; Xie, Yalong (1) ; Wang, Yongji (1)
Conference Name: 7th International Conference on Software Security and Reliability, SERE-C 2013
Conference Date: June 18, 2013 - June 20, 2013
Issued Date: 2013
Conference Place: Gaithersburg, MD, United states
Publish Place: IEEE Computer Society, 2001 L Street N.W., Suite 700, Washington, DC 20036-4928, United States
Indexed Type: EI
Department: (1) National Engineering Research Center for Fundamental Software, Institute of Software, China; (2) State Key Laboratory of Computer Science, Institute of Software, China; (3) Graduate University, Chinese Academy of Sciences, Beijing 100049, China
Abstract: Covert channel has been studied for years due to its ability to divulge sensitive information in computer systems. Constructing covert communication scenarios is the first step to learn the threat of a channel. There are several challenges in the existing design of covert channel communications: lacking general communicating model description, low transmission accuracy and weak anti-interference ability. In this paper, we explore how to construct robust and efficient covert channel communications in operating systems. Firstly, we design three general covert communicating protocol models: the Basic Protocol (BP), the Two-Channel Transmission Protocol (TCTP) and the Self-Adaptive Protocol (SAP). Then we implement them in Linux operating systems. To simulate real attack scenarios, a toy Trojan program extracting passwords to cooperate with the covert protocols is presented. To identify potential covert channels in Linux kernel, we use Directed Information Flow Graph (DIFG) to analyze the source code and choose last-pid and temporary files channels in our implementation. Finally we evaluate the transmitting rate and accuracy of the three protocols. The results demonstrate that without special protective measures, the TCTP can achieve rather high accuracy and rate (100% and 31bps in our lab). When equipped with some restricting or interfering mechanisms, the SAP can achieve 97% accuracy and 18bps rate. This result reveals that attackers can bypass countermeasures to steal sensitive data from victims by well-designed covert protocols. © 2013 IEEE.
English Abstract: Covert channel has been studied for years due to its ability to divulge sensitive information in computer systems. Constructing covert communication scenarios is the first step to learn the threat of a channel. There are several challenges in the existing design of covert channel communications: lacking general communicating model description, low transmission accuracy and weak anti-interference ability. In this paper, we explore how to construct robust and efficient covert channel communications in operating systems. Firstly, we design three general covert communicating protocol models: the Basic Protocol (BP), the Two-Channel Transmission Protocol (TCTP) and the Self-Adaptive Protocol (SAP). Then we implement them in Linux operating systems. To simulate real attack scenarios, a toy Trojan program extracting passwords to cooperate with the covert protocols is presented. To identify potential covert channels in Linux kernel, we use Directed Information Flow Graph (DIFG) to analyze the source code and choose last-pid and temporary files channels in our implementation. Finally we evaluate the transmitting rate and accuracy of the three protocols. The results demonstrate that without special protective measures, the TCTP can achieve rather high accuracy and rate (100% and 31bps in our lab). When equipped with some restricting or interfering mechanisms, the SAP can achieve 97% accuracy and 18bps rate. This result reveals that attackers can bypass countermeasures to steal sensitive data from victims by well-designed covert protocols. © 2013 IEEE.
Language: 英语
Content Type: 会议论文
URI: http://ir.iscas.ac.cn/handle/311060/16646
Appears in Collections:软件所图书馆_会议论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Lin, Yuqi ,Ding, Liping ,Wu, Jingzheng ,et al. Robust and efficient covert channel communications in operating systems: Design, implementation and evaluation[C]. 见:7th International Conference on Software Security and Reliability, SERE-C 2013. Gaithersburg, MD, United states. June 18, 2013 - June 20, 2013.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Lin, Yuqi (1)]'s Articles
[Ding, Liping (1)]'s Articles
[Wu, Jingzheng (1)]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Lin, Yuqi (1)]‘s Articles
[Ding, Liping (1)]‘s Articles
[Wu, Jingzheng (1)]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2020  中国科学院软件研究所 - Feedback
Powered by CSpace