Covert Channels

Jan 30, 1997

Abstract

A Trojan horse might attempt to send sensitive information belonging to its user to whoever wrote or planted the program. In most systems this is easy because a program runs with the privileges of its user. Systems with "mandatory" access controls make the attacker's job harder because they prevent obvious subversions such as copying files or sending messages to unauthorized parties. However, it is usually possible to bypass those controls by leaking information one bit at a time through shared operating system resources, sometimes at tens or hundreds of bits per second. This talk gives some examples of covert channels and discusses the problem of detecting them and estimating leakage rates.