Embedding a Covert Channel in Active Network Connections

Date Added: Oct 2009
Format: PDF

Covert timing channels exploit varying packet rates between synchronized sending and receiving hosts to transmit hidden information. The overhead in synchronizing covert timing channels and their inherent dependence on network conditions are their main drawbacks. In this paper, the authors propose a covert channel using multiple active connections that does not depend on the timing differences between consecutive packets. Their proposed approach uses multiple network connections between a pair of communicating hosts to transmit covert data. Hence this covert channel is unaffected by underlying unpredictable network conditions. The concealed data is embedded in the order and sequence of connections to/from which regular (cover) packets of data are sent/received.