An Empirical Bandwidth Analysis of Interrupt-Related Covert Channels

An Empirical Bandwidth Analysis of Interrupt-Related Covert Channels

Richard Gay (TU Darmstadt, Darmstadt, Germany), Heiko Mantel (TU Darmstadt, Darmstadt, Germany) and Henning Sudbrock (TU Darmstadt, Darmstadt, Germany)
Copyright: © 2015 |Pages: 22
DOI: 10.4018/IJSSE.2015040101
OnDemand PDF Download:
No Current Special Offers


Interrupt-related covert channels (IRCCs) utilize hardware interrupts for enabling communication between processes. This article provides an empirical evaluation of IRCC vulnerabilities, based on an actual exploit. The evaluation combines experiments with an information-theoretic analysis for computing the channel bandwidth. The evaluation shows that a bandwidth of multiple bits per second is achievable in a desktop system via interrupts of a network interface card. This result clarifies the significance of this IRCC vulnerability for one particular system. The exploit presented is configurable, and the article provides a solution for computing an optimal exploit configuration for a given system. While side channels based on hardware interrupts have been discussed before, this is the first empirical evaluation of covert channels based on hardware interrupts.
Article Preview

2. Background

Covert channels. There are multiple definitions of covert channels (Gligor, 1993). Lampson (1973) defines covert channels to be communication channels that are neither designed nor intended to transfer information. Huskamp (1978) defines covert channels as channels that “are the result of resource allocation policies and resource management implementation”. This article takes a definition with an explicit notion of processes as a basis: a covert channel is “a communication channel that allows a process to transfer information in a manner that violates the system’s security policy” (Gligor, 1993). In contrast to side channels, covert channels consider a sender that deliberately participates in the communication.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing