Multiple Access Covert Channels - PowerPoint PPT Presentation

About This Presentation

Title:

Multiple Access Covert Channels

Description:

Minimum refractory period between spikes. Timing Channels & Spikes. Constant D voltage ... Refractory time TR = 1 msec. Increments of DT = 0.05 msec. Maximum ... – PowerPoint PPT presentation

Number of Views:210

Avg rating:3.0/5.0

Slides: 21

Provided by: root86

Learn more at: https://www.cise.ufl.edu

Category:

more less

Transcript and Presenter's Notes

Title: Multiple Access Covert Channels

1
Multiple Access Covert Channels

Ira Moskowitz
Naval Research Lab
moskowitz_at_nrl.itd.navy.mil

Richard Newman Univ. of Florida nemo_at_cise.ufl.edu
2
Focus

Review covert channels from high assurance
computing and anonymity
Define quasi-anonymous channel
Review analysis of single sender DMC
Analyze 2-sender DMC arising in anonymity systems

3
Covert Channels

CC communication contrary to design
Storage channels and timing channels
Storage channel capacity given by mutual
information, in bits per symbol
Timing channel capacity analysis requires
optimizing ratio of mutual information to
expected time cost

4
Storage Channel Example

File system full/not full
High fills/leaves space in FS to signal 1 or 0
Low tries to obtain space and fails or succeeds
to read 1 or 0
Low returns system to previous state

5
Timing Channel Example

High uses full time quantum in time sharing host
to send 1, gives up CPU early to send 0
Low measures time gaps between accesses to read
1 or 0

6
Anonymity Systems

Started with Chaum Mixes
Mix receives encrypted, padded msg
Decrypts/re-encrypts padded msg
Delays forwarding msg
Scrambles order of msg forwarding

7
Mixes

Mix may be timed (count number of msgs forwarded
each time it fires)
Mix may fire when threshold reached (count time
between firings)
Mixes may be chained
Studied timed Mix-firewalls and covert channels
now for threshold Mix-firewalls

8
Mix-firewall figure
9
Mix-firewall CC Model

Alice behind M-F
Eve listening to output of M-F
Clueless senders behind M-F
Each sender (Alice or Clueless) may either send
or not send a msg each tick
Alice modulates her behavior to try to
communicate with Eve

10
Threshold Mix No Clueless

Noiseless timing channel
Minimum delay of q
Other delays of q 1, q 2,
Capacity of this simple timing channel
C lim n!1 sup (log Sn)/n

11
Simple Timing Channel Capacity

Delays of q 1, q 2,
Capacity of this simple timing channel
C log wq,1 , where
wq,1 is the unique positive root of
1 (x q x 1)

12
Bounded Timing Channel Capacity

Delays of q, q 1, q 2, , q N
Capacity of bounded timing channel
C log wq,N , where
wq,N is the unique positive root of
1 (xq x(q 1) x(q N))

13
Neurons

Basis for nervous system
Soma receives information from dendrites
Soma sends information via electrical impulse
(spike) down axon
Spike releases neurotransmitters across synaptic
cleft at end of axon to dendrite

14
Spikes

Spike, or action potential, changes potential
from 70 mV to 50 mV
Information passed by timing, not by magnitude of
spike voltage
Action potential propagation speed from 1 to
100s of km/hr, F(size, sheath)
Spike duration is 1-2 ms.
Minimum refractory period between spikes

15
Timing Channels Spikes
Timing Channels Spikes
Minimum delay Refractory period
Information in timing Information in timing
Constant messages Constant D voltage
16
MacKay-McCulloch

Considered neuronal data rates
Refractory time TR 1 msec
Increments of DT 0.05 msec
Maximum time TM TR nDT 2 msec
Capacity estimated (incorrectly) as
C log n / (TM TR )/2

17
MacKay-McCulloch

Estimated 2.9 bps (3.1 bps is right)
Can rewrite estimated capacity as
C log n / TR nDT/2
But
lim n!1log n / TR nDT/2 0 ,
when in fact, limiting rate is 3.24 bps

18
Majani Rumsey

For constant symbol time, 2-input DMC, with
noise, showed optimal distribution for inputs had
pr(0) in 1/e , 1-1/e
Liang proved conjecture for n-input DMC
These results do not apply when the symbol times
vary

19
Noise