1 / 20

Multiple Access Covert Channels

Multiple Access Covert Channels. Ira Moskowitz Naval Research Lab moskowitz@nrl.itd.navy.mil. Richard Newman Univ. of Florida nemo@cise.ufl.edu. Focus. Review covert channels from high assurance computing and anonymity Define quasi-anonymous channel Review analysis of single sender DMC

pabla
Télécharger la présentation

Multiple Access Covert Channels

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Multiple Access Covert Channels Ira Moskowitz Naval Research Lab moskowitz@nrl.itd.navy.mil Richard Newman Univ. of Florida nemo@cise.ufl.edu

  2. Focus • Review covert channels from high assurance computing and anonymity • Define quasi-anonymous channel • Review analysis of single sender DMC • Analyze 2-sender DMC arising in anonymity systems

  3. Covert Channels • CC = communication contrary to design • Storage channels and timing channels • Storage channel capacity given by mutual information, in bits per symbol • Timing channel capacity analysis requires optimizing ratio of mutual information to expected time cost

  4. Storage Channel Example • File system full/not full • High fills/leaves space in FS to signal 1 or 0 • Low tries to obtain space and fails or succeeds to “read” 1 or 0 • Low returns system to previous state

  5. Timing Channel Example • High uses full time quantum in time sharing host to send 1, gives up CPU early to send 0 • Low measures time gaps between accesses to “read” 1 or 0

  6. Anonymity Systems • Started with Chaum Mixes • Mix receives encrypted, padded msg • Decrypts/re-encrypts padded msg • Delays forwarding msg • Scrambles order of msg forwarding

  7. Mixes • Mix may be timed (count number of msgs forwarded each time it fires) • Mix may fire when threshold reached (count time between firings) • Mixes may be chained • Studied timed Mix-firewalls and covert channels – now for threshold Mix-firewalls

  8. Mix-firewall figure

  9. Mix-firewall CC Model • Alice behind M-F • Eve listening to output of M-F • Clueless senders behind M-F • Each sender (Alice or Clueless) may either send or not send a msg each tick • Alice modulates her behavior to try to communicate with Eve

  10. Threshold Mix – No Clueless • Noiseless timing channel • Minimum delay of q • Other delays of q +1, q +2, … • Capacity of this simple timing channel: C = lim n!1 sup (log |Sn|)/n

  11. Simple Timing Channel Capacity • Delays of q +1, q +2, … • Capacity of this simple timing channel: C = log w[q,1] , where w[q,1] is the unique positive root of 1 – (x –q + x –1)

  12. Bounded Timing Channel Capacity • Delays of q, q +1, q +2, …, q +N • Capacity of bounded timing channel: C = log w[q,N] , where w[q,N] is the unique positive root of 1 – (x–q + x–(q +1) + … + x–(q +N))

  13. Neurons • Basis for nervous system • Soma receives information from dendrites • Soma sends information via electrical impulse (spike) down axon • Spike releases neurotransmitters across synaptic cleft at end of axon to dendrite

  14. Spikes • Spike, or action potential, changes potential from –70 mV to 50 mV • Information passed by timing, not by magnitude of spike voltage • Action potential propagation speed from 1 to 100’s of km/hr, F(size, sheath) • Spike duration is 1-2 ms. • Minimum refractory period between spikes

  15. Timing Channels & Spikes

  16. MacKay-McCulloch • Considered neuronal data rates • Refractory time TR = 1 msec • Increments of DT = 0.05 msec • Maximum time TM = TR + nDT = 2 msec • Capacity estimated (incorrectly) as: C = log n / [(TM + TR )/2]

  17. MacKay-McCulloch • Estimated 2.9 bps (3.1 bps is right) • Can rewrite estimated capacity as: C = log n / [TR + nDT/2] • But lim n!1log n / [TR + nDT/2] = 0 , when in fact, limiting rate is 3.24 bps

  18. Majani & Rumsey • For constant symbol time, 2-input DMC, with noise, showed optimal distribution for inputs had pr(0) in [1/e , 1-1/e] • Liang proved conjecture for n-input DMC • These results do not apply when the symbol times vary

  19. Noise • What about when there is noise? • Can no longer use algebraic approach • Rather than using simple mutual info, It = H(X)/E(T) must use conditional entropy, It = H(X)-H(X|Y)/E(T)

  20. Conclusions • Introduced problem of covert channels through threshold Mix-firewalls • Analyzed simple (noiseless) channel • Compared to biological information model • Corrected earlier estimates of M & M • Showed that MRL results do not apply • First shot at analysis in presence of noise

More Related