Description
Covert channels encompass a group of methods designed to alleviate the insufficiency of encryption by applying principles of steganography to hide both the data and method of communication. Covert channels transmit information in violation of a systems security policy; data transfer is typically achieved by modifying network protocol packets in such a way that data is covertly injected into a standard packet and allowed to travel across the network. An outside listener can then collect the packets, strip the injected information from the obtained packets, and retrieve the desired data. Covert channels may be viewed as either a boon or burden depending on the instance of use. This paper starts by describing techniques of covert channels in depth, including various types of timing channels, storage channels, and hybrid implementations. A demonstration of Perl scripting in conjunction with commonly available free software will emphasize the relative ease of implementing a covert channel. Methods to mitigate attacks and prevent future attacks are presented and discussed. While many works within the field of covert channel analysis focus on creating specific covert channels, few works broadly identify channel implementations and prevention techniques, and none provide explicit coding demonstrations to showcase the relative ease of implementation. This thesis seeks to expand on previous research centered on broad analysis of covert channel implementations and provide a suitable coding demonstration.
