Feasibility Evaluation of Long-distance Network Timing-based Covert Channels

Abstract

Network timing characteristics can be used to hide information, and this is known as a covert timing channel (CTC). This paper discusses a number of inherent network effects that may prevent the use of CTC. The paper experimentally demonstrates the feasibility of an Interpacket Delay (IPD)-based CTC over long paths. To our knowledge, long-distance CTC between various locations across the world have not yet been experimentally studied in the literature. For this paper, CTC channels were created between New Zealand and nine AWS instances around the globe. The channels communicated at an hourly interval over a week's duration. Three encoding methods, 1 bit per packet (BPP), 2 BPP, and 3 BPP were designed and studied. The experiment results suggest that one can expect there to be around a 10% error rate, and stress the need for error correcting codes in the CTCs.