Brent C. Carrara
ABSTRACT
A methodology for characterizing and measuring out-of-band covert channels (OOB-CCs) is proposed and used to evaluate covert-acoustic channels (i.e., covert channels established using speakers and microphones). OOB-CCs are low-probability of detection/low-probability of interception channels established using commodity devices that are not traditionally used for communication (e.g., speaker and microphone, display and FM radio, etc.). To date, OOB-CCs have been declared "covert" if the signals used to establish these channels could not be perceived by a human adversary. This work examines OOB-CCs from the perspective of a passive adversary and argues that a different methodology is required in order to effectively assess OOB-CCs. Traditional communication systems are measured by their capacity and bit error rate; while important parameters, they do not capture the key measures of OOB-CCs: namely, the probability of an adversary detecting the channel and the amount of data that two covertly communicating parties can exchange without being detected. As a result, the adoption of the measure steganographic capacity is proposed and used to measure the amount of data (in bits) that can be transferred through an OOB-CC before a passive adversary's probability of detecting the channel reaches a given threshold. The theoretical steganographic capacity for discrete memoryless channels as well as additive white Gaussian noise channels is calculated in this paper and a case study is performed to measure the steganographic capacity of OOB covert-acoustic channels, when a passive adversary uses an energy detector to detect the covert communication. The case study reveals the conditions under which the covertly communicating parties can achieve perfect steganography (i.e., conditions under which data can be communicated without risk of detection).
- A. Al-Haiqi, M. Ismail, and R. Nordin. A new sensors-based covert channel on Android. The Scientific World Journal, 2014, 2014.Google Scholar
- R. J. Anderson and M. G. Kuhn. Soft tempest--an opportunity for NATO. Protecting NATO Information Systems in the 21st Century, 1999.Google Scholar
- M. Backes, T. Chen, M. Duermuth, H. Lensch, and M. Welk. Tempest in a teapot: Compromising reflections revisited. In Security and Privacy, 2009 30th IEEE Symposium on, pages 315--327, May 2009. Google ScholarDigital Library
- M. Backes, M. Durmuth, and D. Unruh. Compromising reflections-or-how to read LCD monitors around the corner. In Security and Privacy, 2008. SP 2008. IEEE Symposium on, pages 158--169, May 2008. Google ScholarDigital Library
- B. Bash, D. Goeckel, and D. Towsley. Square root law for communication with low probability of detection on AWGN channels. In Information Theory Proceedings (ISIT), 2012 IEEE International Symposium on, pages 448--452, July 2012.Google ScholarCross Ref
- B. Bash, D. Goeckel, and D. Towsley. Limits of reliable communication with low probability of detection on AWGN channels. Selected Areas in Communications, IEEE Journal on, 31(9):1921--1930, September 2013.Google Scholar
- B. A. Bash, D. Goeckel, and D. Towsley. LPD communication when the warden does not know when. CoRR, abs/1403.1013, 2014.Google Scholar
- C. Cachin. An information-theoretic model for steganography. In Information Hiding, volume 1525 of Lecture Notes in Computer Science, pages 306--318. Springer Berlin Heidelberg, 1998.Google Scholar
- B. Carrara and C. Adams. On acoustic covert channels between air-gapped systems. In Foundations and Practice of Security, volume 8930 of Lecture Notes in Computer Science, pages 3--16. Springer, 2015.Google ScholarCross Ref
- B. Carrara and C. Adams. Proofs for "On characterizing and measuring out-of-band covert channels". http://www.site.uottawa.ca/~cadams/papers/Appendix.pdf, 2015. Accessed: 2015-04-15.Google Scholar
- P. H. Che, M. Bakshi, C. Chan, and S. Jaggi. Reliable, deniable and hidable communication. In Information Theory and Applications Workshop (ITA), 2014, pages 1--10, Feb 2014.Google ScholarCross Ref
- P. H. Che, M. Bakshi, C. Chan, and S. Jaggi. Reliable deniable communication with channel uncertainty. In Information Theory Workshop (ITW), 2014 IEEE, pages 30--34, Nov 2014.Google ScholarCross Ref
- P. H. Che, M. Bakshi, and S. Jaggi. Reliable deniable communication: Hiding messages in noise. In Information Theory Proceedings (ISIT), 2013 IEEE International Symposium on, pages 2945--2949, July 2013.Google ScholarCross Ref
- P. H. Che, M. Bakshi, and S. Jaggi. Reliable Deniable Communication: Hiding Messages in Noise. ArXiv e-prints, Apr. 2013.Google Scholar
- T. M. Cover and J. A. Thomas. Elements of information theory. John Wiley & Sons, 2012.Google ScholarDigital Library
- M. J. Crocker. Handbook of acoustics. John Wiley & Sons, 1998.Google Scholar
- L. Deshotels. Inaudible sound as a covert channel in mobile devices. In 8th USENIX Workshop on Offensive Technologies (WOOT 14), 2014. Google ScholarDigital Library
- T. Filler and J. Fridrich. Complete characterization of perfectly secure stego-systems with mutually independent embedding operation. In Acoustics, Speech and Signal Processing, 2009. ICASSP 2009. IEEE International Conference on, pages 1429--1432, April 2009. Google ScholarDigital Library
- T. Filler and J. Fridrich. Fisher information determines capacity of e-secure steganography. In Information Hiding, Lecture Notes in Computer Science, pages 31--47. Springer Berlin Heidelberg, 2009. Google ScholarDigital Library
- T. Filler, A. D. Ker, and J. Fridrich. The square root law of steganographic capacity for markov covers. In Proc. SPIE, volume 7254, pages 725408--725408--11, 2009.Google Scholar
- V. Gerasimov and W. Bender. Things that talk: using sound for device-to-device and device-to-human communication. IBM Systems Journal, 39(3.4):530--546, 2000. Google ScholarDigital Library
- V. D. Gligor. A guide to understanding covert channel analysis of trusted systems. National Computer Security Center, 1994.Google Scholar
- M. Guri, G. Kedma, A. Kachlon, and Y. Elovici. Airhopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies. In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pages 58--67, Oct 2014.Google ScholarCross Ref
- M. Hanspach and M. Goetz. On covert acoustical mesh networks in air. CoRR, abs/1406.1213, 2014.Google Scholar
- M. Hanspach and M. Goetz. Recent developments in covert acoustical communications. In Sicherheit, pages 243--254, 2014.Google Scholar
- R. Hasan, N. Saxena, T. Haleviz, S. Zawoad, and D. Rinehart. Sensing-enabled channels for hard-to-detect command and control of mobile devices. In Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS '13, pages 469--480, 2013. Google ScholarDigital Library
- J. Hou and G. Kramer. Effective secrecy: Reliability, confusion and stealth. CoRR, abs/1311.1411, 2013.Google Scholar
- A. Ker. Estimating steganographic fisher information in real images. In Information Hiding, volume 5806 of Lecture Notes in Computer Science, pages 73--88. Springer Berlin Heidelberg, 2009. Google ScholarDigital Library
- A. Ker. The square root law in stegosystems with imperfect information. In Information Hiding, volume 6387 of Lecture Notes in Computer Science, pages 145--160. Springer Berlin Heidelberg, 2010. Google ScholarDigital Library
- A. D. Ker. A capacity result for batch steganography. Signal Processing Letters, IEEE, 14(8):525--528, 2007.Google ScholarCross Ref
- A. D. Ker. The square root law requires a linear key. In Proceedings of the 11th ACM Workshop on Multimedia and Security, MM&Sec '09, pages 85--92. ACM, 2009. Google ScholarDigital Library
- A. D. Ker. The square root law does not require a linear key. In Proceedings of the 12th ACM Workshop on Multimedia and Security, MM&Sec '10, pages 213--224. ACM, 2010. Google ScholarDigital Library
- A. D. Ker, T. Pevny, J. Kodovsky, and J. Fridrich. The square root law of steganographic capacity. In Proceedings of the 10th ACM Workshop on Multimedia and Security, pages 107--116, 2008. Google ScholarDigital Library
- A. Kerckhoffs. La cryptographie militaire, volume 9. 1 1883.Google Scholar
- L. E. Kinsler, A. R. Frey, A. B. Coppens, and J. V. Sanders. Fundamentals of acoustics. Fundamentals of Acoustics, 4th Edition, by Lawrence E. Kinsler, Austin R. Frey, Alan B. Coppens, James V. Sanders, pp. 560. ISBN 0-471-84789-5. Wiley-VCH, December 1999., 1, 1999.Google Scholar
- M. Kuhn. Optical time-domain eavesdropping risks of CRT displays. In Security and Privacy, 2002. Proceedings. 2002 IEEE Symposium on, pages 3--18, 2002. Google ScholarDigital Library
- M. Kuhn and R. Anderson. Soft tempest: Hidden data transmission using electromagnetic emanations. In Information Hiding, volume 1525 of Lecture Notes in Computer Science, pages 124--142, 1998.Google Scholar
- D. C. Latham. Department of Defense trusted computer system evaluation criteria. Department of Defense, 1986.Google Scholar
- E. L. Lehmann and J. P. Romano. Testing statistical hypotheses. Springer, 2006.Google Scholar
- M. LeMay and J. Tan. Acoustic surveillance of physically unmodified PCs. In Security and Management, pages 328--334, 2006.Google Scholar
- F. J. Massey. The Kolmogorov-Smirnov test for goodness of fit. Journal of the American Statistical Association, 46(253):68--78, 1951.Google ScholarCross Ref
- I. S. Moskowitz and M. H. Kang. Covert channels-here to stay? In Computer Assurance, 1994. COMPASS'94 Safety, Reliability, Fault Tolerance, Concurrency and Real Time, Security. Proceedings of the Ninth Annual Conference on, pages 235--243. IEEE, 1994.Google ScholarCross Ref
- S. J. Murdoch. Hot or not: Revealing hidden services by their clock skew. In Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS '06, pages 27--36, 2006. Google ScholarDigital Library
- S. J. O'Malley and K.-K. R. Choo. Bridging the air gap: Inaudible data exfiltration by insiders. In 20th Americas Conference on Information Systems (AMCIS 2014), 2014.Google Scholar
- R. L. Peterson, R. E. Ziemer, and D. E. Borth. Introduction to spread-spectrum communications, volume 995. Prentice Hall New Jersey, 1995. Google ScholarDigital Library
- J. G. Proakis. Digital communications. McGraw-Hill, New York, 2008.Google Scholar
- I. S. Reed and G. Solomon. Polynomial codes over certain finite fields. Journal of the Society for Industrial & Applied Mathematics, 8(2):300--304, 1960.Google ScholarCross Ref
- C. E. Shannon. Communication theory of secrecy systems. Bell System Technical Journal, 28(4):656--715, 1949.Google ScholarCross Ref
- V. Subramanian, S. Uluagac, H. Cam, and R. Beyah. Examining the characteristics and implications of sensor side channels. In Communications (ICC), 2013 IEEE International Conference on, pages 2205--2210, June 2013.Google ScholarCross Ref
- E. Tromer. Acoustic cryptanalysis: on nosy people and noisy machines. Eurocrypt2004 Rump Session, May, 2004.Google Scholar
- E. Tromer. Hardware-based cryptanalysis. Weizmann Institute of Science, Tese de Doutorado, 2007.Google Scholar
- H. Urkowitz. Energy detection of unknown deterministic signals. Proceedings of the IEEE, 55(4):523--531, April 1967.Google ScholarCross Ref
- A. Wyner. The wire-tap channel. Bell System Technical Journal, The, 54(8):1355--1387, Oct 1975.Google Scholar
- S. Zander, G. J. Armitage, and P. Branch. A survey of covert channels and countermeasures in computer network protocols. IEEE Communications Surveys and Tutorials, 9(1-4):44--57, 2007. Google ScholarDigital Library
Index Terms
- On Characterizing and Measuring Out-of-Band Covert Channels
Recommendations
Out-of-Band Covert Channels—A Survey
A novel class of covert channel, out-of-band covert channels, is presented by extending Simmons’ prisoners’ problem. This new class of covert channel is established by surveying the existing covert channel, device-pairing, and side-channel research. ...
Towards Reversible Storage Network Covert Channels
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and SecurityThe use of network covert channels to improve privacy or support security threats has been widely discussed in the literature. As today, the totality of works mainly focuses on how to not disrupt the overt traffic flow and the performance of the covert ...
Covert channels in combinatorial games
SIMUTOOLS '12: Proceedings of the 5th International ICST Conference on Simulation Tools and TechniquesA general framework for exploiting covert channels in combinatorial games is presented. The framework is applicable to all combinatorial games, including Chess and Go, but is applied to the game of Tic-Tac-Toe for ease of experimental analysis. The ...
Comments