KOM - Multimedia Communications Lab
Prof. Dr.-Ing. Ralf Steinmetz (Director)
Dept. of Electrical Engineering and Information Technology
Dept. of Computer Science (adjunct Professor)
TUD – Technische Universität Darmstadt
Merckstr. 25, D-64283 Darmstadt, Germany
Tel. +49 6151 166150, Fax +49 6151 166152
www.KOM.tu-darmstadt.de
© author(s) of these slides 2008
Dr.-Ing. Matthias Hollick
Prof. Dr.-Ing. Ralf Steinmetz
[email protected] Tel. +49 6151 166158
18 May 2012
Hide and Seek in Time - Robust Covert Timing Channels
Cassius de Oliveira Puodzius
Privacy Enhancing Technologies
Anonymity on the Internet
Lecture
Presentation outline
May 2012 | Computer Science, Dept. 20 | CASED | Cassius de Oliveira Puodzius
• Background
  - Covert Channel
  - Adversaries
• Problem Definition
  - Channel Capacity
  - Channel Undetectability
• Protocol Robustness
  - Multi-channel (Error Corrector Code)
• Modulation/Demodulation Scheme
• Evaluation Trade-Off
• Experimental Results
• Conclusions
Background
Covert channel
Conceal the existence of communication by hiding it in overt communication (legitimate traffic)
• Covert storage channels: data transmission by modifying unused or random bits in the packet header
• Covert timing channels: modulation of the message into temporal properties of the traffic
Adversaries
• Passive: use statistical tests to distinguish covert from legitimate traffic
• Active (jammers): disrupt covert timing channels by adding random delays to individual packets
Problem Definition
Create a covert timing channel which is resilient to passive and active adversaries
Problem Definition (2)
Channel Capacity
Maximum number of (covert) bits transmitted in each packet, i.e., bits per packet (bpp)
Determined by:
- $R_t$: transmission rate
- $P_e$: bit error rate (BER)
High channel capacity → high $R_t$ with low $P_e$
Problem Definition (3)
Channel Undetectability
A covert timing channel is undetectable according to some statistical test if the test cannot distinguish between legitimate and covert traffic
Shape Test
[Figure: shape test; labels P(x), x, Hs(x)]
KS-test: $H_s(x) = \sup_x |F(x) - S(x)|$
Regularity Test
$H_r = \mathrm{std}\left(|\sigma_i - \sigma_j| / \sigma_i\right)$
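The two tests above, as a passive monitor could compute them over inter-packet delays. This is an added example, not code from the slides. It assumes F is the empirical CDF of a legitimate baseline and S that of the trace under test, that σ_i is the standard deviation of the i-th non-overlapping window, and that pairs are taken with i < j; the traces are constructed, not measured.

```python
import bisect
import random
import statistics


def ks_statistic(reference, sample):
    """Shape test: Hs = sup_x |F(x) - S(x)| between two empirical CDFs."""
    ref, smp = sorted(reference), sorted(sample)
    worst = 0.0
    # Both CDFs are step functions, so the supremum is reached at an observed value.
    for x in ref + smp:
        f = bisect.bisect_right(ref, x) / len(ref)
        s = bisect.bisect_right(smp, x) / len(smp)
        worst = max(worst, abs(f - s))
    return worst


def regularity(delays, window=50):
    """Regularity test: Hr = std(|sigma_i - sigma_j| / sigma_i) for i < j."""
    sigmas = [statistics.pstdev(delays[k:k + window])
              for k in range(0, len(delays) - window + 1, window)]
    ratios = [abs(si - sj) / si
              for i, si in enumerate(sigmas)
              for sj in sigmas[i + 1:]
              if si > 0]  # a window with zero spread cannot be a denominator
    if len(ratios) < 2:
        raise ValueError("trace too short: need several windows with non-zero spread")
    return statistics.pstdev(ratios)


def constructed_traces(n=500, seed=7):
    """Constructed inter-packet delays in seconds (not measured traffic)."""
    rng = random.Random(seed)
    baseline = [rng.expovariate(10.0) for _ in range(n)]  # reference legitimate traffic
    legit = [rng.expovariate(10.0) for _ in range(n)]     # second legitimate capture
    # Trace whose delays cluster around two fixed values (constructed suspect trace).
    two_level = [(0.05 if rng.random() < 0.5 else 0.15) + rng.uniform(-0.002, 0.002)
                 for _ in range(n)]
    return baseline, legit, two_level


def score(baseline, trace, window=50):
    """Return both statistics for one trace against the legitimate baseline."""
    return {"Hs": ks_statistic(baseline, trace), "Hr": regularity(trace, window)}


if __name__ == "__main__":
    baseline, legit, two_level = constructed_traces()
    print("legitimate:", score(baseline, legit))
    print("two-level :", score(baseline, two_level))
```

A large Hs means the delay distribution has the wrong shape; a small Hr means the spread of the delays barely changes from window to window.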
Protocol Robustness
To cope with:
• Fortuitous delay and/or errors during transmission
• Jammer adversaries
Spreading Codes
Sender:
1. Choose orthogonal code words $c_1, \dots, c_K \in \{-1, 1\}^N$
2. Encode the k-th bit of the message by $c'_k = b_k c_k$
3. Simultaneously transmit over K parallel channels, $s = \sum_k b_k c_k$
Receiver:
Decode the k-th bit by $\frac{1}{N} \langle s, c_k \rangle = b_k$
Protocol Robustness (2)
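Example: N = 4, K = 4
$m_{send} = (-1, -1, 1, -1)$
Vector basis:
$c_1 = (-1, 1, 1, 1)$, $c'_1 = b_1 c_1 = (1, -1, -1, -1)$
$c_2 = (1, -1, 1, 1)$, $c'_2 = b_2 c_2 = (-1, 1, -1, -1)$
$c_3 = (1, 1, -1, 1)$, $c'_3 = b_3 c_3 = (1, 1, -1, 1)$
$c_4 = (1, 1, 1, -1)$, $c'_4 = b_4 c_4 = (-1, -1, -1, 1)$
$s = \sum_k b_k c_k = (0, 0, -4, 0)$
$b_1 = \frac{1}{N} \langle s, c_1 \rangle = \frac{1}{4} \cdot (-4) = -1$
$b_2 = \frac{1}{N} \langle s, c_2 \rangle = \frac{1}{4} \cdot (-4) = -1$
$b_3 = \frac{1}{N} \langle s, c_3 \rangle = \frac{1}{4} \cdot 4 = 1$
$b_4 = \frac{1}{N} \langle s, c_4 \rangle = \frac{1}{4} \cdot (-4) = -1$
$m_{received} = (-1, -1, 1, -1)$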
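Same example with a perturbed s:
$s = \sum_k b_k c_k = (1, 2, -4, 0)$
$b_1 = \frac{1}{N} \langle s, c_1 \rangle = \frac{1}{4} \cdot (-3) \approx -1$
$b_2 = \frac{1}{N} \langle s, c_2 \rangle = \frac{1}{4} \cdot (-5) \approx -1$
$b_3 = \frac{1}{N} \langle s, c_3 \rangle = \frac{1}{4} \cdot 7 \approx 1$
$b_4 = \frac{1}{N} \langle s, c_4 \rangle = \frac{1}{4} \cdot (-1) \approx -1$
$m_{received} = (-1, -1, 1, -1)$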
Modulation/Demodulation Scheme
Prior knowledge: channel characteristics (delay, jitter, ...)
Modulation
Modulation group: group of K bits which are encoded each time on K parallel channels
Linear modulation of inter-packet delay:
$t_n := \alpha + \beta s_n \quad (n = 1, \dots, N)$
α: shift parameter
β: pseudo-random parameter
Remark: α is transmitted on the fly through one of the channels
Demodulation
Receive a modulation group t, which might be changed to t' due to some additive channel noise x
To decode the k-th bit, one computes
$b'_k = \frac{1}{N} \langle \frac{1}{\beta} t', c_k \rangle$
Hence one gets
$b'_k = b_k + \frac{1}{N \beta} \langle x, c_k \rangle$
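The decoding relation above, checked numerically on the slides' N = 4 code words and used to compare how the same additive delay noise x affects decoding at two values of β. This is an added example, not code from the slides. The values α = 20 and x = (0, 0, 6, 0) are constructed, and subtracting α before the inner product is an assumption of this example (the slide applies the inner product to t'/β directly).

```python
# Code words from the slides' N = 4, K = 4 example.
CODES = [(-1, 1, 1, 1), (1, -1, 1, 1), (1, 1, -1, 1), (1, 1, 1, -1)]


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def spread(bits, codes=CODES):
    """s = sum_k b_k c_k, with bits given as +1 / -1."""
    n = len(codes[0])
    return [sum(b * c[i] for b, c in zip(bits, codes)) for i in range(n)]


def despread(s, codes=CODES):
    """Soft values (1/N) <s, c_k>, one per code word."""
    n = len(codes[0])
    return [dot(s, c) / n for c in codes]


def modulate(s, alpha, beta):
    """t_n = alpha + beta * s_n."""
    return [alpha + beta * sn for sn in s]


def demodulate(t_received, alpha, beta, codes=CODES):
    """Soft values b'_k; alpha is removed first (assumption of this example)."""
    return despread([(tn - alpha) / beta for tn in t_received], codes)


def error_terms(noise, beta, codes=CODES):
    """(1 / (N beta)) <x, c_k>: what additive delay noise x adds to each b'_k."""
    n = len(codes[0])
    return [dot(noise, c) / (n * beta) for c in codes]


def hard_decision(soft):
    """Map each soft value to the nearest bit in {-1, +1}."""
    return [1 if v >= 0 else -1 for v in soft]


def bits_flipped(bits, noise, alpha, beta, codes=CODES):
    """Number of bits decoded wrongly after noise is added to the delays."""
    t_clean = modulate(spread(bits, codes), alpha, beta)
    t_noisy = [tn + x for tn, x in zip(t_clean, noise)]
    decoded = hard_decision(demodulate(t_noisy, alpha, beta, codes))
    return sum(1 for sent, got in zip(bits, decoded) if sent != got)


if __name__ == "__main__":
    bits = [-1, -1, 1, -1]                       # m_send from the slides
    print("s          :", spread(bits))
    print("soft, noisy:", despread([1, 2, -4, 0]))  # perturbed s from the slides
    jitter = [0, 0, 6, 0]                        # constructed added delay
    for beta in (1, 4):
        print("beta", beta, "error terms", error_terms(jitter, beta),
              "bits flipped", bits_flipped(bits, jitter, 20, beta))
```

The same added delay flips every bit at β = 1 and none at β = 4, which is the effect the robustness gain in the trade-off slides describes.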
Modulation/Demodulation Scheme (2)
Removing Regularity
Variance of each modulation group g: $\sigma_g^2 = \beta^2 \sigma_s^2$, such that β and $\sigma_s$ are determined by K and T
The correlation coefficient of the modulated inter-packet delay t is given by
The correlation of the inter-packet delays can be changed dynamically by appropriately controlling the generation of α and β
Since T is the parameter which controls the system robustness and undetectability, it remains fixed, while K is chosen uniformly in $[1, K_{max}]$
Remark: A seed of a pseudo-random generator can be shared in advance between the sender and the receiver, so that they are able to get β without any further communication
Evaluation Trade-Off
Transmission Rate
$R_t = K / N$
• At least one channel is needed to transmit α
Maximum transmission rate is $(N - 1) / N$
Evaluation Trade-Off (2)
Robustness
Robustness gain: $G = \beta^2 N$, with $\beta = TB$ (T is fixed)
[Figure: the relation between B and K]
Hence, one can achieve higher robustness by
• Decreasing K
• Increasing N and T
Evaluation Trade-Off (3)
Undetectability
Accurate shape approximation is achieved with a smaller T, while better regularity is achieved with a bigger T or $K_{max}$
Experimental Results
Experimental scenarios:
1. LAN environment in a medium-size campus network
2. WAN environment with sender and receiver located in USA and Germany, respectively
Network conditions for each scenario
Carrier applications
Experimental Results (2)
Robustness
Experimental Results (3)
Undetectability
Thank you!