Abstract
Authentication over a network is an important and difficult problem. Accurately determining the authenticity of a node or user is critical in maintaining the security of a network. Our proposed technique covertly embeds a watermark, or identifying tag, within a data stream. By implementing this model on a LAN and WLAN we show that this method is easily adaptable to a variety of networking technologies, and easily scalable. While our technique increases the time required for data to be transferred, we show that the throughput of the link during the brief authentication window is decreased by no more than 8% in a switched LAN and 11% in a WLAN. During our empirical analysis we were able to detect the watermark with 100% accuracy in both a LAN and WLAN environment.
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Newman, R., Beyah, R. (2008). A Performance Analysis of Authentication Using Covert Timing Channels. In: Das, A., Pung, H.K., Lee, F.B.S., Wong, L.W.C. (eds) NETWORKING 2008 Ad Hoc and Sensor Networks, Wireless Networks, Next Generation Internet. NETWORKING 2008. Lecture Notes in Computer Science, vol 4982. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79549-0_13
DOI: https://doi.org/10.1007/978-3-540-79549-0_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79548-3
Online ISBN: 978-3-540-79549-0
eBook Packages: Computer Science, Computer Science (R0)