Error probability analysis of IP Time To Live covert channels

2007 International Symposium on Communications and Information Technologies Pub Date : 2007-12-04 DOI:10.1109/ISCIT.2007.4392082

S. Zander, P. Branch, G. Armitage

{"title":"Error probability analysis of IP Time To Live covert channels","authors":"S. Zander, P. Branch, G. Armitage","doi":"10.1109/ISCIT.2007.4392082","DOIUrl":null,"url":null,"abstract":"Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert communications. A number of researchers have proposed different techniques to encode covert information into the IP time to live (TTL) field. This is a noisy covert channel since the TTL field is modified between covert sender and receiver. For computing the channel capacity it is necessary to know the probability of channel errors. In this paper we derive analytical solutions for the error probabilities of the different encoding schemes. We simulate the different encoding schemes and compare the simulation results with the analytical error probabilities. Finally, we compare the performance of the different encoding schemes for an idealised error distribution and an empirical TTL error distribution obtained from real Internet traffic.","PeriodicalId":331439,"journal":{"name":"2007 International Symposium on Communications and Information Technologies","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Symposium on Communications and Information Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCIT.2007.4392082","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert communications. A number of researchers have proposed different techniques to encode covert information into the IP time to live (TTL) field. This is a noisy covert channel since the TTL field is modified between covert sender and receiver. For computing the channel capacity it is necessary to know the probability of channel errors. In this paper we derive analytical solutions for the error probabilities of the different encoding schemes. We simulate the different encoding schemes and compare the simulation results with the analytical error probabilities. Finally, we compare the performance of the different encoding schemes for an idealised error distribution and an empirical TTL error distribution obtained from real Internet traffic.

查看原文本刊更多论文

IP实时隐蔽信道的错误概率分析

仅使用加密技术未必能保证通信的安全。仅仅是通信的存在就足以引起怀疑并引发调查行动。隐蔽信道的目的是隐藏通信的存在。互联网中大量的数据和大量不同的协议使其成为秘密通信的理想高带宽载体。许多研究人员提出了不同的技术来将隐蔽信息编码到IP生存时间(TTL)字段中。这是一个有噪声的隐蔽信道，因为TTL字段在隐蔽发送方和接收方之间被修改。为了计算信道容量，必须知道信道错误的概率。本文给出了不同编码方案误差概率的解析解。对不同的编码方案进行了仿真，并将仿真结果与解析误差概率进行了比较。最后，我们比较了不同编码方案对理想误差分布和从真实互联网流量中获得的经验TTL误差分布的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2007 International Symposium on Communications and Information Technologies

自引率

0.00%

发文量