Exploiting Temporal Variability in TCP Timestamps for Covert Channel Design

Exploiting Temporal Variability in TCP Timestamps for Covert Channel Design

Information is a valuable asset for individuals, organizations, and governments, making secure transmission a critical concern. Cryptographic techniques are widely used to protect communication; however, in scenarios where the mere detection of communication poses a risk, encryption alone is insuffi...

Full description

Saved in:
Bibliographic Details
Main Authors: Silvio R. A. O. Filho, Claudio A. S. Lelis, Eric T. E. Soares, Cesar A. C. Marcondes
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Covert channels
network security
transport layer
TCP
temporal uncertainty
time variability
Online Access:https://ieeexplore.ieee.org/document/11062641/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Information is a valuable asset for individuals, organizations, and governments, making secure transmission a critical concern. Cryptographic techniques are widely used to protect communication; however, in scenarios where the mere detection of communication poses a risk, encryption alone is insufficient. In such cases, covert channels—designed to conceal the existence of communication—offer a viable alternative. When these channels operate over network protocols, they are referred to as network covert channels. A covert channel is undetectable if its traffic blends with regular communication. One approach to achieving this level of stealth is by embedding secret information into an inherent source of uncertainty within the transmission process. If the characteristics of this uncertainty are preserved, it becomes difficult to differentiate covert communication from normal traffic. Among widely used network protocols, the Transmission Control Protocol (TCP) presents intrinsic uncertainties in its header fields. Specifically, the TCP Timestamp option exhibits temporal uncertainty, making it a promising candidate for covert communication. This paper introduces two novel covert channel models exploiting the inherent temporal variability of TCP timestamps to achieve stealthy and reliable communication. Our approach overcomes limitations of previous methods by ensuring statistical indistinguishability from legitimate traffic while maintaining robustness against detection and packet loss. Experimental validation in real-world network environments demonstrates the practical applicability and enhanced security of the proposed models. It demonstrates that it is possible to enhance both stealth and reliability in covert communication, providing a practical reference for secure data transmission in real-world network environments.
ISSN:2169-3536

Similar Items