Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels

  • Conference paper
Formal Aspects in Security and Trust (FAST 2008)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 5491)

Abstract

We present a formal model for analyzing the bandwidth of covert channels. The focus is on channels that exploit interrupt-driven communication, which have been shown to pose a serious threat in practical experiments. Our work builds on our earlier model [1], which we used to compare the effectiveness of different countermeasures against such channels. The main novel contribution of this article is an approach to exploiting detailed knowledge about a given channel in order to make the bandwidth analysis more precise.

References

  1. Mantel, H., Sudbrock, H.: Comparing Countermeasures against Interrupt-Related Covert Channels in an Information-Theoretic Framework. In: Proc. of the IEEE Computer Security Foundations Symposium, pp. 326–340 (2007)

  2. Lampson, B.W.: A Note on the Confinement Problem. Communications of the ACM 16(10), 613–615 (1973)

  3. Gligor, V.: A Guide to Understanding Covert Channel Analysis of Trusted Systems. CSC-TG-030, Rainbow Series (Light Pink Book) (1993)

  4. Shieh, S.P.: Estimating and Measuring Covert Channel Bandwidth in Multilevel Secure Operating Systems. Journal of Inform. Science & Engineering 15, 91–106 (1999)

  5. Lowe, G.: Quantifying Information Flow. In: Proc. of the IEEE Computer Security Foundations Workshop, pp. 18–31 (2002)

  6. Beauquier, D., Lanotte, R.: Hiding Information in Multi Level Security Systems. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 250–269. Springer, Heidelberg (2007)

  7. Son, J., Alves-Foss, J.: Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems. In: Proc. of the IEEE Information Assurance Workshop, pp. 361–368 (2006)

  8. Cover, T.M., Thomas, J.A.: Elements of Information Theory, 2nd edn. John Wiley & Sons, Inc., Chichester (2006)

  9. Arimoto, S.: An Algorithm for Computing the Capacity of Arbitrary Discrete Memoryless Channels. IEEE Trans. on Information Theory 18(1), 14–20 (1972)

  10. Blahut, R.: Computation of Channel Capacity and Rate-Distortion Functions. IEEE Trans. on Information Theory 18(4), 460–473 (1972)

  11. Intel Corporation: Interrupt Moderation Using Intel Gigabit Ethernet Controllers, Application Note (AP-450), Revision 1.1 (2003)

  12. Horst, R., Tuy, H.: Global Optimization. Deterministic Approaches. Springer, Heidelberg (1996)

  13. Horst, R.: On the Global Minimization of Concave Functions. OR Spectrum 6(4), 195–205 (1984)

  14. Benson, H.P.: Deterministic Algorithms for Constrained Concave Minimization: A Unified Critical Survey. Naval Research Logistics 43(6), 765–795 (1996)

  15. Denning, D.E.: A Lattice Model of Secure Information Flow. Communications of the ACM 19(5), 236–243 (1976)

  16. Denning, D.E., Denning, P.J.: Certification of Programs for Secure Information Flow. Communications of the ACM 20(7), 504–513 (1977)

  17. Kemmerer, R.A.: Shared Resource Matrix Methodology: An Approach to Identifying Storage and Timing Channels. ACM Trans. on Comp. Sys. 1(3), 256–277 (1983)

  18. Kemmerer, R.A.: A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later. In: Proc. of the Annual Computer Security Applications Conference, pp. 109–118 (2002)

  19. Volpano, D., Smith, G., Irvine, C.: A Sound Type System for Secure Flow Analysis. Journal of Computer Security 4(3), 1–21 (1996)

  20. Sabelfeld, A., Myers, A.C.: Language-based Information-Flow Security. IEEE Journal on Selected Areas in Communication 21(1), 5–19 (2003)

  21. Hu, W.-M.: Reducing Timing Channels with Fuzzy Time. In: Proc. of the IEEE Symposium on Research in Security and Privacy, pp. 8–20 (1991)

  22. Gray III, J.W.: On Introducing Noise into the Bus-Contention Channel. In: Proc. of the IEEE Symposium on Research in Security and Privacy, pp. 90–98 (1993)

  23. Kang, M.H., Moskowitz, I.S.: A Pump for Rapid, Reliable, Secure Communication. In: Proc. of the ACM Conference on Computer and Communications Security, pp. 119–129 (1993)

  24. Kang, M.H., Moskowitz, I.S., Chincheck, S.: The Pump: A Decade of Covert Fun. In: Proc. of the Annual Computer Security Applications Conference, pp. 352–360 (2005)

  25. Millen, J.K.: Covert Channel Capacity. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 60–66 (1987)

  26. Moskowitz, I.S.: Quotient States and Probabilistic Channels. In: Proc. of the IEEE Computer Security Foundations Workshop, pp. 74–83 (1990)

  27. Millen, J.K.: Finite-State Noiseless Covert Channels. In: Proc. of the IEEE Computer Security Foundations Workshop, pp. 81–86 (1989)

  28. Moskowitz, I.S.: Variable Noise Effects Upon a Simple Timing Channel. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 362–372 (1991)

  29. Moskowitz, I.S., Miller, A.R.: Simple Timing Channels. In: Proc. of the IEEE Symposium on Research in Security and Privacy, pp. 56–64 (1994)

  30. Moskowitz, I.S., Greenwald, S.J., Kang, M.H.: An Analysis of the Timed Z-channel. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 2–11 (1996)

  31. Martin, K., Moskowitz, I.S.: Noisy Timing Channels with Binary Inputs and Outputs. In: Camenisch, J.L., Collberg, C.S., Johnson, N.F., Sallee, P. (eds.) IH 2006. LNCS, vol. 4437, pp. 124–144. Springer, Heidelberg (2007)

  32. Moskowitz, I.S., Miller, A.R.: The Channel Capacity of a Certain Noisy Timing Channel. IEEE Trans. on Information Theory 38(4), 1339–1344 (1992)

  33. Gray III, J.W.: On Analyzing the Bus-Contention Channel under Fuzzy Time. In: Proc. of the IEEE Computer Security Foundations Workshop, pp. 3–9 (1993)

  34. Kang, M.H., Moskowitz, I.S., Lee, D.C.: A Network Pump. IEEE Trans. on Software Engineering 22(5), 329–338 (1996)

  35. Giles, J., Hajek, B.: An Information-theoretic and Game-theoretic Study of Timing Channels. IEEE Trans. on Information Theory 48(9), 2455–2477 (2002)

  36. Lanotte, R., Maggiolo-Schettini, A., Tini, S., Troina, A., Tronci, E.: Automatic Analysis of the NRL Pump. Electr. Notes Theor. Comput. Sci. 99, 245–266 (2004)

  37. Aldini, A., Bernardo, M.: An Integrated View of Security Analysis and Performance Evaluation: Trading QoS with Covert Channel Bandwidth. In: Heisel, M., Liggesmeyer, P., Wittmann, S. (eds.) SAFECOMP 2004. LNCS, vol. 3219, pp. 283–296. Springer, Heidelberg (2004)

  38. Tsai, C.R., Gligor, V.D.: A Bandwidth Computation Model for Covert Storage Channels and its Applications. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 108–121 (1988)

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mantel, H., Sudbrock, H. (2009). Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels. In: Degano, P., Guttman, J., Martinelli, F. (eds) Formal Aspects in Security and Trust. FAST 2008. Lecture Notes in Computer Science, vol 5491. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01465-9_5

  • DOI: https://doi.org/10.1007/978-3-642-01465-9_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01464-2

  • Online ISBN: 978-3-642-01465-9

  • eBook Packages: Computer Science, Computer Science (R0)
