{"title":"中断相关隐蔽信道的带宽实证分析","authors":"Richard Gay, H. Mantel, Henning Sudbrock","doi":"10.4018/IJSSE.2015040101","DOIUrl":null,"url":null,"abstract":"Interrupt-related covert channels IRCCs utilize hardware interrupts for enabling communication between processes. This article provides an empirical evaluation of IRCC vulnerabilities, based on an actual exploit. The evaluation combines experiments with an information-theoretic analysis for computing the channel bandwidth. The evaluation shows that a bandwidth of multiple bits per second is achievable in a desktop system via interrupts of a network interface card. This result clarifies the significance of this IRCC vulnerability for one particular system. The exploit presented is configurable, and the article provides a solution for computing an optimal exploit configuration for a given system. While side channels based on hardware interrupts have been discussed before, this is the first empirical evaluation of covert channels based on hardware interrupts.","PeriodicalId":89158,"journal":{"name":"International journal of secure software engineering","volume":"1 1","pages":"1-22"},"PeriodicalIF":0.0000,"publicationDate":"2015-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"An Empirical Bandwidth Analysis of Interrupt-Related Covert Channels\",\"authors\":\"Richard Gay, H. Mantel, Henning Sudbrock\",\"doi\":\"10.4018/IJSSE.2015040101\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Interrupt-related covert channels IRCCs utilize hardware interrupts for enabling communication between processes. This article provides an empirical evaluation of IRCC vulnerabilities, based on an actual exploit. The evaluation combines experiments with an information-theoretic analysis for computing the channel bandwidth. The evaluation shows that a bandwidth of multiple bits per second is achievable in a desktop system via interrupts of a network interface card. This result clarifies the significance of this IRCC vulnerability for one particular system. The exploit presented is configurable, and the article provides a solution for computing an optimal exploit configuration for a given system. While side channels based on hardware interrupts have been discussed before, this is the first empirical evaluation of covert channels based on hardware interrupts.\",\"PeriodicalId\":89158,\"journal\":{\"name\":\"International journal of secure software engineering\",\"volume\":\"1 1\",\"pages\":\"1-22\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International journal of secure software engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/IJSSE.2015040101\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International journal of secure software engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/IJSSE.2015040101","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Empirical Bandwidth Analysis of Interrupt-Related Covert Channels
Interrupt-related covert channels IRCCs utilize hardware interrupts for enabling communication between processes. This article provides an empirical evaluation of IRCC vulnerabilities, based on an actual exploit. The evaluation combines experiments with an information-theoretic analysis for computing the channel bandwidth. The evaluation shows that a bandwidth of multiple bits per second is achievable in a desktop system via interrupts of a network interface card. This result clarifies the significance of this IRCC vulnerability for one particular system. The exploit presented is configurable, and the article provides a solution for computing an optimal exploit configuration for a given system. While side channels based on hardware interrupts have been discussed before, this is the first empirical evaluation of covert channels based on hardware interrupts.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
