A Covert Timing Channel via Algorithmic Complexity Attacks: Design and Analysis

Bibliographic details
Published in: 2011 IEEE International Conference on Communications (ICC), pp. 1 - 5
Main authors: Xiaoshan Sun, Liang Cheng, Yang Zhang
Format: Conference paper
Language: English
Published: IEEE 01.06.2011
ISBN:9781612842325, 1612842321
ISSN:1550-3607
Description
Summary: A covert channel is a communication channel that bypasses the access controls of the system, and it is a threat to the system's security. In this paper, we propose a new covert timing channel which exploits the algorithmic complexity vulnerabilities in the name lookup algorithm of the kernel. This covert channel has a high capacity and it is practically exploitable. In our experiments, the data rate reaches 2256 bps under a very low error rate. This data rate is high enough for practical use. So our covert channel is dangerous. To our knowledge, no previous works propose this covert channel nor implement it. We describe our design and implementation of the covert channel on a SELinux system, discuss the subtle issues that arose in the design, present performance data of the covert channel and analyse its capacity.
DOI:10.1109/icc.2011.5962718