ABSTRACT
Covert channel analysis typically involves study of individual covert channels in isolation, and determining the thoroughness of such case-by-case analysis can be difficult. To help address this problem, this paper formally defines the notion of a “complete” set of covert channels. Informally, a set of covert channels is “complete” when those channels in the set can operate in tandem to produce the maximum possible covert information flow out of a system. More formally, a “complete” set of covert channels is defined as a solution to an equation called the Maximum Information Flow Equation. An alternate way of expressing “completeness” for sets of covert channels is that all “complete” convert channel sets, and only “complete” sets, always satisfy a certain Entropy Conservation Law, which is given in different forms. One form of the Entropy Conservation Law is that any “complete” set of covert channels can be used to represent overall system behavior in what the author calls Covert Channel Normal Form. Although this paper is mainly theoretical in nature, the author also discusses some possible ways of using the theory, along with open issues.
- Browne91.Browne, R., "The Turing Test and Non-Information Flow", In Proceedings of tile 1991 IEEE Symposium on Research in Security and Privacy.Google Scholar
- Browne94.Browne, R., "Mode Security: An Infrastructure for Covert Channel Suppression", In Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy. Google ScholarDigital Library
- Eckmann94.Eckmann, S., "Eliminating Formal Flows in Automated Information Flow Analysis", In Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy. Google ScholarDigital Library
- GoguenMeseguer84.Goguen, J., and Meseguer, J., "Unwinding and Inference Control", In Proceedings of the 1984 IEEE Symposium on Security and Privacy.Google Scholar
- Halmos74.Halmos, P., "Finite-Dimensional Vector Spaces", Springer-Verlag, 1974.Google Scholar
- KangMoskowitz93.Kang, M., and Moskowitz, I., "A Pump for Rapid, Reliable, Secure Communication", In Proceedings of the I st ACA4 Conference on Computer and Communications Security, November, 1993. Google ScholarDigital Library
- NCSC93."A Guide to Understanding Covert Channel Analysis of Trusted Systems", Security Guideline issued by the National Computer Security Center, Document Number NCSC-TG-030, Version 1, November 1993.Google Scholar
- Rushby81.Rushby, J., "The Design and Verification of Secure Systems", In Proceedings of the 8th ACA4 Symposium on Operating System Principles, December, 1981. Google ScholarDigital Library
- Shannon48.Shannon, C., "A Mathematical Theory of Communication", Bell System Technical Journal, Volume 27, July 1948.Google ScholarCross Ref
- Shannon61.Shannon, C., "Two-Way Communication Channels", bz Proceedings of the Fourth Berkeley Symposium on Mathematics, Statistics, and Probability, Volume I, 1961.Google Scholar
- WittboldJohnson90.Wittbold, J.T., and Johnson, D., "Information Flow in Non-deterministic Systems", In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy.Google Scholar
Index Terms
- An entropy conservation law for testing the completeness of covert channel analysis
Recommendations
Covert Channel Capacity Analysis Based on Entropy
ISISE '08: Proceedings of the 2008 International Symposium on Information Science and Engieering - Volume 01This paper presents a method based on information entropy to analyze the capacity of covert channels. Built upon noninterference, the method is firstly used to calculate the covert channel capacity, then to analyze the factors that have an impact on ...
Covert Communication With Channel-State Information at the Transmitter
We consider the problem of covert communication over a state-dependent channel, where the transmitter has causal or noncausal knowledge of the channel states. Here, covert means that a warden on the channel should observe similar statistics when the ...
An Entropy-Based Approach to Detecting Covert Timing Channels
The detection of covert timing channels is of increasing interest in light of recent exploits of covert timing channels over the Internet. However, due to the high variation in legitimate network traffic, detecting covert timing channels is a ...
Comments