Computer Security – ESORICS 2009

Volume 5789 of the series Lecture Notes in Computer Science pp 120-135

Hide and Seek in Time — Robust Covert Timing Channels

  • Yali LiuAffiliated withDepartment of Electrical and Computer Engineering, University of California
  • , Dipak GhosalAffiliated withDepartment of Computer Science, University of California
  • , Frederik ArmknechtAffiliated withHorst-Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
  • , Ahmad-Reza SadeghiAffiliated withHorst-Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
  • , Steffen SchulzAffiliated withHorst-Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
  • , Stefan KatzenbeisserAffiliated withDepartment of Computer Science, Technische Universität Darmstadt

* Final gross prices may vary according to local VAT.

Get Access


Covert timing channels aim at transmitting hidden messages by controlling the time between transmissions of consecutive payload packets in overt network communication. Previous results used encoding mechanisms that are either easy to detect with statistical analysis, thus spoiling the purpose of a covert channel, and/or are highly sensitive to channel noise, rendering them useless in practice. In this paper, we introduce a novel covert timing channel which allows to balance undetectability and robustness: i) the encoded message is modulated in the inter-packet delay of the underlying overt communication channel such that the statistical properties of regular traffic can be closely approximated and ii) the underlying encoding employs spreading techniques to provide robustness. We experimentally validate the effectiveness of our approach by establishing covert channels over on-line gaming traffic. The experimental results show that our covert timing channel can achieve strong robustness and undetectability, by varying the data transmission rate.