Robust Network Covert Communications Based on TCP and Enumerative Combinatorics
The problem of communicating covertly over the Internet has recently received considerable attention from both industry and academic communities. Cloak is novel in several aspects. First, Cloak uses the different combinations of N packets sent over X flows in each round to represent a message. The combinatorial nature of the encoding methods increases the channel capacity largely with (N;X). Second, based on the well-known 12-fold Way, Cloak offers 10 different encoding and decoding methods, each of which has a unique tradeoff among several important considerations, such as channel capacity and camouflage capability. Third, the packet transmissions modulated by Cloak can be carefully crafted to mimic normal TCP flows for evading detection. The authors have implemented Cloak and evaluated it in the PlanetLab and a controlled testbed.