Institutional Repository
| a covert timing channel via algorithmic complexity attacks: design and analysis | |
| Sun Xiaoshan; Cheng Liang; Zhang Yang | |
| 2011 | |
| 会议名称 | 2011 IEEE International Conference on Communications, ICC 2011 |
| 会议录名称 | IEEE International Conference on Communications |
| 页码 | - |
| 会议日期 | 5-Jun-20 |
| 会议地点 | Kyoto, Japan |
| 收录类别 | ei |
| 出版地 | United States |
| ISSN | 5361486 |
| ISBN | 9781612842332 |
| 部门归属 | (1) State Key Laboratory of Information Security, Graduate School, Chinese Academy of Sciences, China; (2) State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, China |
| 摘要 | A covert channel is a communication channel that bypasses the access controls of the system, and it is a threat to the system's security. In this paper, we propose a new covert timing channel which exploits the algorithmic complexity vulnerabilities in the name lookup algorithm of the kernel. This covert channel has a high capacity and it is practically exploitable. In our experiments, the data rate reaches 2256 bps under a very low error rate. This data rate is high enough for practical use. So our covert channel is dangerous. To our knowledge, no previous works propose this covert channel nor implement it. We describe our design and implementation of the covert channel on a SELinux system, discuss the subtle issues that arose in the design, present performance data of the covert channel and analyse its capacity. © 2011 IEEE. |
| 关键词 | Access Control Algorithms Computational Complexity Design |
| 主办者 | IEEE Communication Society; IEICE Communications Society; Science Council of Japan |
| 语种 | 英语 |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/14393 |
| 专题 | 中国科学院软件研究所 |
| 推荐引用方式 GB/T 7714 | Sun Xiaoshan,Cheng Liang,Zhang Yang. a covert timing channel via algorithmic complexity attacks: design and analysis[C]. United States,2011:-. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| a covert timing chan(143KB) | 开放获取 | -- | 请求全文 | |||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论