Abstract:
In order to solve the problem that the covert timing channel works unstable in the Internet, the model of a robust covert timing channel (RCTC) running on the Web by using HTTP protocol is proposed. In the model, the inter packets delay is used to transmit covert information, and the acknowledge packet of HTTP protocol works as a confirmation of the covert information, which forms a bidirectional covert channel. A reliable communication protocol, which keeps the transmitter and the receiver of the covert information to be synchronization, is designed to ensure the stability of RCTC. To improve the efficiency of covert channel, the encode way of covert information is analyzed, and the scheme of “2-bits to one inter packets delay” is adopted. The capacity of RCTC is deduced based on queue theory. The experimental environment of RCTC in the Internet is constructed and several experiments of covert communication with the channel are conducted. The results show that the capacity of RCTC is about 11 times of that of traditional timing channel, the robustness of the channel is much better than that of traditional timing covert channel, and the channel can maintain reliable even when the quality of network communication is poor.