An 802.11-based Covert Timing Channel With Off-The-Shelf Wireless Cards
By using covert channels, a malicious entity can hide messages within regular traffic and can thereby circumvent security mechanisms. This same method of obfuscation can be used by legitimate users to transmit messages over hostile networks. A promising area for covert channels is wireless networks employing carrier sense multiple access with collision avoidance (CSMA/CA) (e.g., 802.11 networks). These schemes introduce randomness in the network that provides good cover for a covert timing channel. Hence, exploiting the random back-off in the distributed coordination function (DCF) of 802.11, used to avoid collisions, we realize a covert timing channel for 802.11 networks, which is called Covert-DCF. As opposed to many works in the literature focusing on theory and simulations, Covert-DCF is the first fully implemented covert timing channel for 802.11MAC using off-the-self wireless cards. In this work, we introduce the design and implementation of Covert-DCF that is transparent to the users of the shared medium. We also evaluate the performance of Covert-DCF. Our experimental results prove the feasibility and practicality of Covert-DCF.
- Sakthi V Radhakrishnan, A.Selcuk Uluagac, and R. A. Beyah,”A DCF-Based Covert Timing Channel for IEEE 802.11 With Off-The-Shelf Wireless Cards,” Poster at The 21st USENIX Security Symposium, August 2012
- Sakthi V. Radhakrishnan, A.Selcuk Uluagac, and R. A. Beyah,”Realizing an 802.11-based Covert Timing Channel using Off-The-Shelf Wireless Cards,” in Proceedings of the IEEE Global Communications (GLOBECOM) Conference, Atlanta, GA, December 2013, [bibtex],[pdf]