Catalog Home Page

Error probability analysis of IP Time To Live covert channel

Zander, S., Branch, P. and Armitage, G. (2007) Error probability analysis of IP Time To Live covert channel. In: International Symposium on Communications and Information Technologies, 2007 (ISCIT '07), 16 - 19 October 2007, Sydney, Australia

[img]
Preview
PDF - Published Version
Download (170kB) | Preview
Link to Published Version: http://dx.doi.org/10.1109/ISCIT.2007.4392082
*Subscription may be required

Abstract

Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a highbandwidth vehicle for covert communications. A number of researchers have proposed different techniques to encode covert information into the IP Time To Live (TTL) field. This is a noisy covert channel since the TTL field is modified between covert sender and receiver. For computing the channel capacity it is necessary to know the probability of channel errors. In this paper we derive analytical solutions for the error probabilities of the different encoding schemes. We simulate the different encoding schemes and compare the simulation results with the analytical error probabilities. Finally, we compare the performance of the different encoding schemes for an idealised error distribution and an empirical TTL error distribution obtained from real Internet traffic.

Publication Type: Conference Paper
URI: http://researchrepository.murdoch.edu.au/id/eprint/35013
Item Control Page Item Control Page

Downloads

Downloads per month over past year