学术文献库

Covert channels are stealthy communication channels that enable manifold adversary and legitimate scenarios, ranging from malware communications to the exchange of confidential information by journalists and censorship circumvention. We introduce a new class of covert channels that we call history covert channels. We further present a new paradigm: covert channel amplification. All covert channels described until now need to craft seemingly legitimate flows or need to modify third-party flows, mimicking unsuspicious behavior. In contrast, history covert channels can communicate by pointing to unaltered legitimate traffic created by regular network nodes. Only a negligible fraction of the covert communication process requires the transfer of covert information by the covert channel's sender. This information can be sent through different protocols/channels. Our approach allows an amplification of the covert channel's message size, i.e., minimizing the fraction of actually transferred secret data by a covert channel's sender in relation to the overall secret data being exchanged. Further, we extend the current taxonomy for covert channels to show how history channels can be categorized. We describe multiple scenarios in which history covert channels can be realized, analyze the characteristics of these channels, and show how their configuration can be optimized.