A Novel Approach for Covert Communication Over TCP via Induced Clock Skew

Abstract

The goal of this thesis is to determine the feasibility and provide a proof of concept for a covert communications channel based on induced clock skew. Transmission Control Protocol (TCP) timestamps provide a means for measuring clock skew between two hosts. By intentionally altering timestamps, a host can induce artificial clock skew as measured by the receiver, thereby providing a means to covertly communicate. A novel scheme for transforming symbols into skew values is developed in this work, along with methods for extraction at the receiver. We tested the proposed scheme in a laboratory network consisting of Dell laptops running Ubuntu 16.04. The results demonstrated a successful implementation of the proposed covert channel with achieved bit rates as high as 33 bits per second under ideal conditions. Forward error correction was also successfully employed in the form of a Reed-Solomon code to mitigate the effects of variation in delay over the Internet.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2018
Accession Number
AD1181389

Entities

People

  • Erik S Knebel

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Application Protocols
  • Central Processing Units
  • Channel Capacity
  • Computer Communications
  • Computer Network Security
  • Computer Networks
  • Computer Science
  • Computers
  • Cybersecurity
  • Digital Communications
  • Engineering
  • Network Protocols
  • Network Science
  • Networks
  • Operating Systems
  • Schools
  • Standards
  • Transport Protocols
  • Travel Time
  • United States
  • United States Naval Academy

Readers

  • Computer Networking
  • Parallel and Distributed Computing.
  • Radio communications and signal processing.