Construction of the Covert Channels
Alexander Grusho and Elena Timonina
Russian State University for Humanity, Kirovogradskya, 25, Moscow, Russia
aaotee@mail.infotel.ru
Abstract. The purpose of this work is to demonstrate an adversary intrusion into a protected computing system when covert channels are poorly taken into account. We consider the possibility of overcoming the protection mechanisms placed between a protected segment of a local area network and a global network (for example, the Internet). We discuss the ability of a warden to reveal the covert channels. The work is supported by the grant RFBR # 01-01-00895.
1 Introduction
This work demonstrates an adversary intrusion into a protected computing system when covert channels are poorly taken into account [2, 4]. We construct an attack that overcomes the protection mechanisms placed between a protected segment of a local area network and a global network (for example, the Internet).
The problem of using packet parameters to construct covert channels has been discussed in many works. All such channels can be destroyed. The use of addresses for subliminal transmission was mentioned in [3], but [3] discussed only the capacity of the subliminal channels. This paper discusses the problems of overcoming security mechanisms constructed against covert channels.
The rest of the paper is organized as follows. In Section 2 we introduce a communication model and the languages for construction of covert channels. Section 3 presents the properties of the constructed covert channels.
2 Models and Constructions of Covert Channel
Let us consider m + 1 segments of local computer networks S , S , …, S . These segments consist of workstations (hosts) with local addresses in each of them, and there are gateways connecting the local area networks with a global network (for example, the Internet). Let s , s , …, s be the addresses of the gateways of the networks S , S , …, S , which represent these segments in the global network. For dialogue between hosts in different segments, there is a virtual private network (VPN). If the packet from a workstation with the address x in a segment S , S , …, S should be transferred to a