Article

Covert messaging through TCP timestamps

Authors:

Rachel Greenstadt,

Richard TibbettsAuthors Info & Claims

PET'02: Proceedings of the 2nd international conference on Privacy enhancing technologies

Pages 194 - 208

Published: 14 April 2002 Publication History

Abstract

Covert channels exist in most communications systems and allow individuals to communicate truly undectably. However, covert channels are seldom used due to their complexity. A protocol for sending data over a common class of low-bandwidth covert channels has been developed. The protocol is secure against attack by powerful adversaries. The design of a practical system implementing the protocol on a standard platform (Linux) exploiting a channel in a common communications system (TCP timestamps) is presented. A partial implementation of this system has been accomplished.

References

[1]

Aba01. C. Abad. Ip checksum covert channels and selected hash collision. http://www.gravitino.net/~aempirei/papers/pccc.pdf, 2001.

[2]

AP98. R. Anderson and F. A. Petitcolas. On the limits of steganography. IEEE Journal on Selected Areas in Communications, 16:474-481, 1998.

Digital Library

[3]

Bel89. S. Bellovin. Security problems in the tcp/ip protocol suite. Computer Communication Review, 19(2):32-48, 1989.

Digital Library

[4]

Cac98. C. Cachin. An information-theoretic model for steganography. In D. Aucsmith, editor, Information Hiding, 2nd International Workshop, volume 1525 of Lecture Notes in Computer Science, pages 306-318. Springer, 1998. Revised version, March 2001, available as Cryptology ePrint Archive, Report 2000/028, http://eprint.iacr.org/.

Digital Library

[5]

DJ01. r. D. Eastlake and P. Jones. Us secure hash algorithm 1 (sha1). Rfc, Network Working Group, 2001. http://www.ietf.org/rfc/rfc3174.txt.

Digital Library

[6]

FAP99. M. G. K. Fabian A.P. Petitcolas, Ross J. Anderson. Information hiding - a survey. In Proceedings of the IEEE. 1999.

[7]

III. J. W. G. III. Countermeasures and tradeoffs for a class of covert timing channels.

[8]

McH95. J. McHugh. Covert Channel Analysis. Portland State University, 1995.

[9]

MK94. I. Moskowitz and M. Kang. Covert channels - here to stay? In COMPASS '94, pages 235-243. 1994.

[10]

MM94. I. S. Moskowitz and A. R. Miller. Simple timing channels. In IEEE Computer Society Symposium on Research in Security and Privacy, pages 56-61. IEEE Press, 1994.

Digital Library

[11]

Pos81. J. Postel. Transmission control protocol. RFC 793, Information Sciences Institute, University of Southern California, 4676 Admiralty Way, Marina del Rey, California 90291, 1981. http://www.ietf.org/rfc/rfc0793.txt.

[12]

Row96. C. H. Rowland. Covert channels in the tcp/ip protocol suite. First Monday, http://www.firstmonday.dk/issues/issue2_5/rowland/, 1996.

[13]

Sim84. G. Simmons. The prisoners' problem and the subliminal channel. In CRYPTO '83, pages 51-67. Plenum Press, 1984.

[14]

Sim93. G. J. Simmons. The subliminal channels in the u.s. digital signature algorithm (dsa). In W. Wolfowicz, editor, 3rd Symposium on: State and Progress of Research in Cryptography, pages 35-54. Rome, Italy, 1993.

[15]

Sim94. G. J. Simmons. Subliminal channels : Past and present. In European Trans. on Telecommunications, 4(4), pages 459-473. 1994.

[16]

Sim98. G. J. Simmons. Results concerning the bandwidth of subliminal channels. IEEE J. on Selected Areas in Communications, 16(4), pages 463-473, 1998.

Digital Library

[17]

SM. e. a. Steve McCanne. libpcap, the packet capture library. http://www.tcpdump.org.

[18]

UCD99. Uc davis denial of service (dos) project meeting notes. http://seclab. cs.ucdavis.edu/projects/denial-service/meetings/01-27-99m.html, 1999.

Cited By

Xing JMorrison AChen ADelimitrou CPorts D(2019)NetWardenProceedings of the 11th USENIX Conference on Hot Topics in Cloud Computing10.5555/3357034.3357037(2-2)Online publication date: 8-Jul-2019
https://dl.acm.org/doi/10.5555/3357034.3357037
Geisler DMazurczyk WKeller J(2018)Towards Utilization of Covert Channels as a Green Networking TechniqueProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3233262(1-10)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3233262
Iglesias FZseby T(2017)Are Network Covert Timing Channels Statistical Anomalies?Proceedings of the 12th International Conference on Availability, Reliability and Security10.1145/3098954.3106067(1-9)Online publication date: 29-Aug-2017
https://dl.acm.org/doi/10.1145/3098954.3106067
Show More Cited By

Covert messaging through TCP timestamps

Recommendations

Covert two-party computation
STOC '05: Proceedings of the thirty-seventh annual ACM symposium on Theory of computing

We introduce covert two-party computation, a stronger notion of security than standard secure two-party computation. Like standard secure two-party computation, covert two-party computation allows Alice and Bob, with secret inputs x_A and x_B respectively,...
Security against covert adversaries: efficient protocols for realistic adversaries
TCC'07: Proceedings of the 4th conference on Theory of cryptography

In the setting of secure multiparty computation, a set of mutually distrustful parties wish to securely compute some joint function of their private inputs. The computation should be carried out in a secure way, meaning that no coalition of corrupted ...
Pandora Messaging: An Enhanced Self-Message-Destructing Secure Instant Messaging Architecture for Mobile Devices
WAINA '12: Proceedings of the 2012 26th International Conference on Advanced Information Networking and Applications Workshops

We propose the Pandora Messaging, an enhanced secure instant messaging architecture which is equipped with a self-message-destructing feature for sensitive personal information applications in a mobile environment. We design the Pandora Message ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

PET'02: Proceedings of the 2nd international conference on Privacy enhancing technologies

April 2002

239 pages

ISBN:354000565X

Editors:
Roger Dingledine
The Free Haven Project, Arlington, MA
,
Paul Syverson
Naval Research Laboratory, Washington, DC

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 14 April 2002

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

35
Total Citations
View Citations
5
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Xing JMorrison AChen ADelimitrou CPorts D(2019)NetWardenProceedings of the 11th USENIX Conference on Hot Topics in Cloud Computing10.5555/3357034.3357037(2-2)Online publication date: 8-Jul-2019
https://dl.acm.org/doi/10.5555/3357034.3357037
Geisler DMazurczyk WKeller J(2018)Towards Utilization of Covert Channels as a Green Networking TechniqueProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3233262(1-10)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3233262
Iglesias FZseby T(2017)Are Network Covert Timing Channels Statistical Anomalies?Proceedings of the 12th International Conference on Availability, Reliability and Security10.1145/3098954.3106067(1-9)Online publication date: 29-Aug-2017
https://dl.acm.org/doi/10.1145/3098954.3106067
Neuner SVoyiatzis ASchmiedecker MBrunthaler SKatzenbeisser SWeippl E(2016)Time is on my sideDigital Investigation: The International Journal of Digital Forensics & Incident Response10.1016/j.diin.2016.04.01018:S(S76-S86)Online publication date: 7-Aug-2016
https://dl.acm.org/doi/10.1016/j.diin.2016.04.010
Iglesias FAnnessi RZseby T(2016)DAT detectorsSecurity and Communication Networks10.1002/sec.15319:15(3011-3029)Online publication date: 1-Oct-2016
https://dl.acm.org/doi/10.1002/sec.1531
Qian YSun TLi JFan CSong H(2016)Design and analysis of the covert channel implemented by behaviors of network usersSecurity and Communication Networks10.1002/sec.15039:14(2359-2370)Online publication date: 25-Sep-2016
https://dl.acm.org/doi/10.1002/sec.1503
Vines PKohno TRay IHopper NJansen R(2015)RookProceedings of the 14th ACM Workshop on Privacy in the Electronic Society10.1145/2808138.2808141(75-84)Online publication date: 12-Oct-2015
https://dl.acm.org/doi/10.1145/2808138.2808141
Wendzel SZander SFechner BHerdin C(2015)Pattern-Based Survey and Categorization of Network Covert Channel TechniquesACM Computing Surveys10.1145/268419547:3(1-26)Online publication date: 1-Apr-2015
https://dl.acm.org/doi/10.1145/2684195
Brada PJezek K(2015)Repository and meta-data design for efficient component consistency verificationScience of Computer Programming10.1016/j.scico.2014.06.01397:P3(349-365)Online publication date: 1-Jan-2015
https://dl.acm.org/doi/10.1016/j.scico.2014.06.013
Ker ABas PBöhme RCogranne RCraver SFiller TFridrich JPevný TPuech WChaumont MDittmann JCampisi P(2013)Moving steganography and steganalysis from the laboratory into the real worldProceedings of the first ACM workshop on Information hiding and multimedia security10.1145/2482513.2482965(45-58)Online publication date: 17-Jun-2013
https://dl.acm.org/doi/10.1145/2482513.2482965
Show More Cited By

View Options

View options

Figures

Tables

Media

View Table of Conten