An 802.11-based Covert Timing Channel With Off-The-Shelf Wireless Cards

By using covert channels, a malicious entity can hide messages within regular traffic and thereby circumvent security mechanisms. The same method of obfuscation can be used by legitimate users to transmit messages over hostile networks. A promising area for covert channels is wireless networks that employ carrier sense multiple access with collision avoidance (CSMA/CA), such as 802.11 networks. These schemes introduce randomness into the network, which provides good cover for a covert timing channel. Hence, by exploiting the random back-off that the distributed coordination function (DCF) of 802.11 uses to avoid collisions, we realize a covert timing channel for 802.11 networks, called Covert-DCF. As opposed to many works in the literature that focus on theory and simulations, Covert-DCF is the first fully implemented covert timing channel for the 802.11 MAC using off-the-shelf wireless cards. In this work, we introduce the design and implementation of Covert-DCF, which is transparent to the users of the shared medium. We also evaluate the performance of Covert-DCF. Our experimental results demonstrate the feasibility and practicality of Covert-DCF.
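From the monitoring side, a channel that rides on the DCF back-off can be looked for by checking whether a station's observed back-off slots still follow the uniform distribution the standard prescribes. The sketch below is an added example, not code or data from the paper: it assumes 802.11a OFDM timing (9 µs slot, 34 µs DIFS, CWmin = 15), idle times measured on an otherwise idle channel before first-attempt frames, and constructed sample histograms.

```python
from collections import Counter

# Assumed PHY timing (802.11a OFDM): 9 us slot, 34 us DIFS, CWmin = 15.
SLOT_US, DIFS_US, CW_MIN = 9, 34, 15
# Chi-square critical value, 15 degrees of freedom, alpha = 0.001.
CHI2_CRIT_DF15 = 37.697

def idle_to_slots(idle_us):
    """Idle time before a first-attempt frame -> estimated back-off slot count."""
    return round((idle_us - DIFS_US) / SLOT_US)

def chi2_uniform(slots, cw=CW_MIN):
    """Pearson chi-square of observed slot counts against uniform on [0, cw]."""
    if not slots:
        return 0.0
    counts = Counter(slots)
    expected = len(slots) / (cw + 1)
    return sum((counts.get(k, 0) - expected) ** 2 / expected
               for k in range(cw + 1))

def backoff_looks_non_random(idle_times_us):
    """True when a station's back-off histogram rejects uniformity."""
    slots = [idle_to_slots(t) for t in idle_times_us]
    # Keep only values a first attempt can produce; retries use a larger window.
    slots = [s for s in slots if 0 <= s <= CW_MIN]
    return chi2_uniform(slots) > CHI2_CRIT_DF15

def constructed_idle_times(slot_counts):
    """Expand a per-slot histogram into idle times with +/-2 us measurement jitter."""
    times = []
    for slot, count in enumerate(slot_counts):
        for i in range(count):
            times.append(DIFS_US + slot * SLOT_US + (i % 3 - 1) * 2)
    return times

# Constructed sample data (320 frames per station), not measurements from the paper.
BENIGN_COUNTS = [26, 16, 22, 15, 23, 19, 18, 27, 14, 21, 24, 17, 25, 18, 15, 20]
SKEWED_COUNTS = [40, 5, 38, 6, 41, 4, 39, 5, 37, 6, 40, 4, 38, 6, 7, 4]

if __name__ == "__main__":
    for name, counts in (("benign", BENIGN_COUNTS), ("skewed", SKEWED_COUNTS)):
        times = constructed_idle_times(counts)
        stat = chi2_uniform([idle_to_slots(t) for t in times])
        print(f"{name}: chi2={stat:.1f} flagged={backoff_looks_non_random(times)}")
```

This is a first-order test on the slot histogram only; it does not examine the ordering of back-off values, and on a busy channel the back-off counter freezes, so idle time must be accumulated across interruptions before conversion.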