-
Review ArticleA Survey of Key Technologies for Constructing
NetworkCovert Channel
Jing Tian ,1,2 Gang Xiong,1,2 Zhen Li,1,2 and Gaopeng Gou
1,2
1Institute of Information Engineering, Chinese Academy of
Sciences, Beijing, China2School of Cyber Security, University of
Chinese Academy of Sciences, Beijing, China
Correspondence should be addressed to Gaopeng Gou;
[email protected]
Received 8 April 2020; Accepted 16 July 2020; Published 5 August
2020
Academic Editor: Leonardo Mostarda
Copyright © 2020 Jing Tian et al. 'is is an open access article
distributed under the Creative Commons Attribution License,which
permits unrestricted use, distribution, and reproduction in any
medium, provided the original work is properly cited.
In order to protect user privacy or guarantee free access to the
Internet, the network covert channel has become a hot
researchtopic. It refers to an information channel in which the
messages are covertly transmitted under the network environment.
Inrecent years, many new construction schemes of network covert
channels are proposed. But at the same time, network covertchannel
has also received the attention of censors, leading to many
attacks. 'e network covert channel refers to an informationchannel
in which the messages are covertly transmitted under the network
environment. Many users exploit the network covertchannel to
protect privacy or guarantee free access to the Internet. Previous
construction schemes of the network covert channelare based on
information steganography, which can be divided into CTCs and CSCs.
In recent years, there are some covertchannels constructed by
changing the transmission network architecture. On the other side,
some research work promises that thecharacteristics of emerging
network may better fit the construction of the network covert
channel. In addition, the covert channelcan also be constructed by
changing the transmission network architecture.'e proxy and
anonymity communication technologyimplement this construction
scheme. In this paper, we divide the key technologies for
constructing network covert channels intotwo aspects: communication
content level (based on information steganography) and transmission
network level (based on proxyand anonymity communication
technology). We give an comprehensively summary about covert
channels at each level. We alsointroduce work for the three new
types of network covert channels (covert channels based on
streaming media, covert channelsbased on blockchain, and covert
channels based on IPv6). In addition, we present the attacks
against the network covert channel,including elimination,
limitation, and detection. Finally, the challenge and future
research trend in this field are discussed.
1. Introduction
With the rapid development of information technology,Internet
has penetrated into every aspect of people’s lives.However, when
people enjoy the convenience brought bythe network, there have been
many issues of informationleakage and user privacy breaches [1].
For example, therehave emerged malicious attacks which aimed at
stealingconfidential government data, such as GhostNet
[2],ShadowNet [3], and Axiom [4]. On the other hand, re-pressive
governments have deployed increasingly sophisti-cated technology to
block the disfavored Internet content[5]. So, many users cannot
access Internet freely.
'e network covert channel can covertly transmit secretmessages.
It can hide covert traffic in a large amount of overtcommunication
traffic. Many researches show that the use ofnetwork covert channel
can protect user privacy andguarantee users’ right to free access
to Internet [6–8]. 'esecure transmission of secret messages in the
communica-tion process refers to two aspects: one is the
communicationcontent security [9] and the other is the
communicationconnection security [6, 10, 11]. Network covert
channel caneffectively improve the security of these two
aspects.
In terms of communication content security, encryptiontechnology
is widely used to protect the communicationcontent of both sides,
such as SSL (secure sockets layer),
HindawiSecurity and Communication NetworksVolume 2020, Article
ID 8892896, 20 pageshttps://doi.org/10.1155/2020/8892896
mailto:[email protected]://orcid.org/0000-0003-2949-5345https://orcid.org/0000-0002-3533-4874https://creativecommons.org/licenses/by/4.0/https://creativecommons.org/licenses/by/4.0/https://doi.org/10.1155/2020/8892896
-
digital signature, and other technologies. 'e Googletransparency
report “HTTPS Encryption in Chrome”(available under
https://transparencyreport.google.com/https/overview) states that,
in October 2019, 95% ofChrome webpages enabled encryption. In
addition,according to Netmarketshare (a website for Market
ShareStatistics for Internet Technologies, available under
https://netmarketshare.com/report.aspx?id�https), the percentageof
encrypted web traffic in October 2019 has exceeded 90%.
However, with the continuous development of theencrypted traffic
analysis technology, even in the case ofencryption, certain
activities of users can still be discovered[12, 13]. So, the
privacy of users cannot be well protected. Onthe other hand, the
increasing computing power and attackson encryption algorithm also
make it possible to crackencrypted traffic [14, 15]. 'e covert
channel can prevent theencrypted traffic from being discovered due
to its coverttransmission characteristics. In this environment, if
theattacker does not know the covert channel constructionmethod, he
cannot perform the attacks on encrypted traffic,even if he has a
strong ability to analyze and crack encryptedtraffic [7]. So, the
network covert channel enhanced thecommunication content
security.
In terms of communication connection security, themeta-data
(message source IP address, destination IP ad-dress, etc.) and
communication mode (interval of packets,etc.) cannot be hidden by
encryption [10]. 'e communi-cation participants may expose identity
information to thenetwork eavesdroppers [16]. Further, they can
infer thesender and receiver of the message and find the
ongoingcommunication connection, leading to significant risk
ofprivacy leaks and being blocked.
But, the network covert channel is an
unconventionalcommunication method, and the eavesdroppers
cannotdetermine whether the user is actually performing
covertcommunication and thus cannot find both sides of
com-munication. So, the identity concealment of both parties canbe
protected [17]. On the other hand, because the traffic ofthe covert
channel is mixed in a large amount of overt traffic,even if the
eavesdroppers use some methods to obtain theidentity of both
parties, it is difficult for them to determinewhether the two
parties are sending or receiving messages,that is, the
communication behavior is unobservable [18].So, the covert channel
can provide a strong guarantee for thesecurity of communication
connection.
'e use of covert channels strengthens the content se-curity of
encrypted traffic and fills the shortcomings thatencryption cannot
protect the security of communicationconnection. So, the demand to
construct network covertchannels is increasing, and many
technologies are proposed.'e most common technology is to use
information steg-anography to build a network covert channel [17].
'einformation steganography can hide secret messages in thetemporal
behavior of the traffic or the storage fields in thenetwork
protocol, which composes CTCs (covert timingchannels) and CSCs
(covert storage channels) accordingly[7]. Besides the information
steganography, many covertchannels perform covert transmission by
changing thetransmission network architecture. 'ere are two
typical
representatives: proxy technology [19, 20] and
anonymouscommunication technology [11]. 'e proxy can be dividedinto
two categories: end-to-end proxy (such as HTTP proxy[21]) and end
to middle proxy (such as Telex [22]). Inaddition, anonymous
communication technology can alsoconduct a new covert transmission
path. 'ere are manymature anonymous communication systems such as
Tor[23], I2P [24], and Loopix [11].
On the other side, some research work promises that
thecharacteristics of emerging networks may better fit
theconstruction of the network covert channel. With the
de-velopment of emerging networks, many network covertchannels in
the new network environment (streaming medianetwork, blockchain
network, and IPv6) have been pro-posed. 'e covert channels based on
streaming medianetwork hide secret messages in audio and video
traffic anduse popular streaming media applications as the
carrier.'ere are three typical covert channels: Facet [25],
Cov-ertCast [26], and DeltaShaper [27]. 'e blockchain networkhas
the characteristics of participant-anonymity, floodingpropagation,
and tampering resistance [28]. 'e covertchannels based on
blockchain network can utilize partici-pant-anonymity and flooding
propagation to increase theconcealment of communicating parties. 'e
tampering re-sistance can also be used to guarantee the robustness
ofcovert channel. In this context, the models of covertchannels
based on blockchain network are proposed [10, 28]and three covert
channels (Zombiecoin [10], Botchain [29],and Chainchannels [30])
have been actually deployed inblockchain network. 'e IPv6 network
is also a compellingplatform for constructing covert channels. 'e
IPv6 headerand its extensions have many reserved fields or other
fieldswhich can embed information, thus leading tomany
possiblecovert channels [31].
However, because the network covert channel is a goodmethod to
cope with repressive government, it has alsoreceived the attention
of censors [32]. Compared with or-dinary eavesdroppers, the
national-level censors have aglobal traffic view and have a
stronger ability to analyzetraffic. More and more attacks against
the covert channelhave appeared, which has an impact on channel
conceal-ment, robustness, and transmission efficiency [33–35].
Although there are many studies on covert channels, thereis no
comprehensive survey for the construction technologiesthey use and
corresponding attacks. In addition, there is alsoless research on
the covert channels in the new networkenvironment. Compared with
the already published studies,the main contributions of this paper
are as follows:
(1) Previous studies only considered the network covertchannel
based on information steganography, butnot the covert channel based
on the changing net-work architecture. According to different
principlesof covert channel construction technologies, wedivide
covert channels into two levels: communi-cation content and
transmission network, which cancomprehensively include existing
covert channels.And, we conduct a comprehensive analysis on
thecovert channels under each construction technology.
2 Security and Communication Networks
https://transparencyreport.google.com/https/overviewhttps://transparencyreport.google.com/https/overviewhttps://netmarketshare.com/report.aspx?id=httpshttps://netmarketshare.com/report.aspx?id=https
-
(2) 'e characteristics of the new network create manyconvenient
conditions for the construction of net-work covert channels.
However, they are not con-sidered in other reviews. We present the
covertchannels in the new network environments in-cluding streaming
media, blockchain, and IPv6,which makes up for deficiencies in
existing work. Itwould highly facilitate for the researchers to
un-derstand the research status and provide researchideas for the
subsequent design of covert channels inthose new network
environments.
(3) We emphasize the challenging problems facing theconstruction
of covert channels: the IP blocking orother blocking technology
reduces the channelavailability; the use of ML and DL technology
makesthe covert channel easier to expose. We discuss howto improve
the ability to resist those problems, suchas using adversarial
examples, constructing revers-ible network, covert channel.
In order to improve the readability, we list the abbre-viations
used in our article in Table 1.
'e rest of the paper is organized as follows: Section 2gives the
research background of network covert channels.In Section 3, we
present the network covert channel con-struction technology at
communication content level andtransmission network level. In
Section 4, we provide thecovert channels in the new network
environment. In Section5, we present network covert channel metrics
includingconcealment, robustness, and throughput. In Section 6,
weshow the attacks against network covert channels. 'en, wediscuss
the challenges and suggest future research directionsin Section 7.
Lastly, Section 8 presents conclusion.
2. Research Background of NetworkCovert Channels
2.1. Network Covert Channel Definition. 'e covert channelwas
originally proposed by Lampson [36]. Its purpose is totransmit
secret messages to the recipient in an unconven-tional manner
without being noticed by the observer.
'e classic communication scenario of the covertchannel is the
prisoner problem [37]: Alice and Bob are heldin two rooms of a
prison. 'ey want to escape and they needto transmit the escape plan
to each other, but the watcherWendy monitors them. 'erefore, Alice
and Bob need tocomplete the information exchange without
alertingWendy.
With the development of Internet, the network covertchannel has
emerged. It is a kind of channel that transmitscovert messages in
violation of communication restrictionrules in network environment
[7]. 'e goal of networkcovert channels is not only to ensure that
communicationcontent is not discovered but also to protect the
identities ofboth parties. 'e prisoner model of the network
covertchannel is shown in Figure 1.
2.2. Adversary Scenario. In order to improve the availabilityof
covert channel, we must describe the adversaries
appropriately. Common attack methods used by adversariesare
described in detail in Section 6. 'ere are four attributeswhich can
describe different types of adversaries:
(i) According to the attack mode, the adversaries aredivided
into passive and active: the passive adver-sary observes the
communication traffic and ana-lyzes it; the active adversary not
only observes andanalyzes it but also can generate, modify, delete,
ordelay traffic.
(ii) According to the location, the adversaries are di-vided
into external and internal: external adver-saries are located
outside the path of covertinformation transmission and internal
attackers arelocated on the path or control some middleware onthe
path.
(iii) According to the adversaries’ resource, the adver-saries
are divided into global and partial: a globaladversary can observe
the total channel, but a partialadversary can only attack a part of
the channel.
(iv) According to the variability of attackers’ resource,the
adversaries are divided into invariable andadaptive: an invariable
adversary cannot changeresources he occupied after the attack
begins. But,adaptive adversaries may constantly change theoccupied
resources during the attack.
Because of the differences in security targets and featuresof
each covert channel, the adversary each channel is as-suming is
different. An adversary is always assumed to have
Table 1: 'e abbreviations used in our article.
Abbreviation Full nameSSL Secure sockets layerTor 'e
second-generation onion routerDPI Deep packet inspectionI2P
Invisible internet projectML Machine learningDL Deep learningCTCs
Covert timing channelsCSCs Covert storage channelsURL Uniform
resource locatorE2M End-to-middleC&C Command and controlIPDs
Internet packet delaysBER Bit error ratePDU Protocol data unitICMP
Internet control message protocolECDH Elliptic curve
Diffie-HellmanTCP ISNs TCP initial sequence numbersPPTP
Point-to-point tunneling protocolL2TP Layer two-tunneling
protocolVTP VLAN trunking protocolIPSec IP securityDHT Distributed
hash tableESP Encapsulating security payloadSDN Software defined
networkIoT Internet of thingsICS Industrial control systemsDGA
Domain generation algorithm
Security and Communication Networks 3
-
the passive capability when analyzing the security of
covertchannel. But, at the same time, he may have many
otherattributes. For example, in Telex [22], an end-to-middleproxy,
the adversary is assumed to be a person who controlsthe
infrastructure of the network within its jurisdiction andcan
observe, alter, block, or inject network traffic. So, he isnot only
a passive adversary but also a partial and activeadversary. In Tor
[23], a low-latency anonymous commu-nication system, if an
adversary operates some onion nodesand modifies the data that flow
through them, he is aninternal and active adversary. In the
meantime, if he ob-serves all of the onion nodes, he is also a
global and passiveadversary.
2.3. Network Covert Channel Classification. Most of theexisting
researches divide the network covert channels intoCTCs and CSCs
according to the different message mod-ulation methods [38,
39]:
(i) Network covert storage channels: CSCs include thesecret
messages into storage objects at the sender andthen reading them at
the receiver. Reserved bits orunused bits of the protocol are
mainly used totransmit information.
(ii) Network covert timing channels: CTCs include thesecret
messages into the timing behavior at thesender and then extract the
covert messages at thereceiver. Normally, the delays in network
packets areused to deliver covert messages.
3. TypicalTechniquesforConstructingNetworkCovert Channels
Most covert channels tend to encode covert information intoa
storage field or time behavior and then transmit it inaccordance
with common network transmission processes.It is essentially a form
of information hiding technology(also called information
steganography). 'e classificationmethod mentioned in Section 2 is
also based on thistechnology. 'e information steganography is a
hiddentransmission technology at the level of communicationcontent,
which does not involve the transmission networklevel. At present,
there are many covert channels based onchanging the structure of
the transmission network. 'ey
covertly transmit information by designing new
networktransmission paths. So, the classification mentioned
inSection 2 can no longer include all network covert
channelconstruction schemes. We glean the covert channel
re-searches and make a close reading of the study of techniquesthey
use. In order to make a comprehensive summary, wedivide the
construction technology as follows:
(i) Covert channel construction technology at thecommunication
content level
(ii) Covert channel construction technology at thetransmission
network level
Correspondingly, covert channels can also be dividedinto
communication content level and transmission networklevel. In
Section 3.1, we will introduce the two types oftechnologies and the
typical covert channels under eachconstruction technology in
detail.
3.1. Construction Technology at the Communication ContentLevel.
As we stated above, the construction technology atthe communication
content level is based on informationsteganography, which includes
CTC construction technol-ogy and CSC construction technology.
'e covert channels using this construction technologytransmit
secret messages through information steganog-raphy. It can be
divided into CTC construction technologyand CSC construction
technology.
3.1.1. CTCs. A large body of literatures deals with the
study[17, 39–41]. Wendzel et al. [39] use pattern language
markuplanguage (PLML) to classify covert channels into 11
differentpatterns. We refer to the classification method proposed
byWendzel et al. [39] and divide CTCs construction tech-nology into
four categories: interarrival time (C1), ratemodulation (C2), PDU
order modulation (C3), and PDUretransmission (C4).
(1) Interarrival Time (C1). 'e CTC construction technologybased
on interarrival time (C1) is the most common. Ittransmits messages
by altering timing intervals betweennetwork PDUs. Most studies on
CTCs are based on this.
Cabuk et al. proposed On-Off CTC [42], which is a
timewindow-based method.'e sender and receiver share a time
Covert channel
Covert message
Alice
Streams that carry covert channels
Bob
WendyTraffic analysis
Figure 1: 'e prisoner model for network covert channel. Alice
and Bob are the two communication parties. 'ey encode the
covertmessage into the covert channel, and Wendy is the observer,
monitoring and analyzing the communication traffic between
them.
4 Security and Communication Networks
-
window Tw. When transmitting information, the totaltransmission
time is divided into equal and disjoint timeintervals Ti according
to the Tw. In a Ti, if the sendertransmitted a packet, it
represents the bit “1;” if the senderremained silent during Ti, it
represents the bit “0.”
Shah et al. [43] proposed the Keyboard Jitterbug. InJitterbug
CTC, the sender and receiver share a value w. 'esender sends a
packet with extra delay to the server when theuser types the
keyboard. If the delay is an integer multiple ofw, it represents
the bit “1;” if the delay is an integer multipleof (w/2), it
represents the bit “0.” In addition, the JitterbugCTCs do not
require the sender and receiver to keep time insync, just that
their respective clocks are accurate.
With the development of steganography technology, themore
concealed statistical-based CTCs have appeared.Brodley and Spafford
[44] proposed the TRCTC (time-replayCTC). It sorts the overt
network packet intervals and recordsthem in the set S0 and S1,
respectively. When transmitting bit“1,” the sender randomly selects
a packet interval from set S1and replays it; when transmitting bit
“0,” the sender randomlyselects a packet interval from set S0 and
replays it.
However, the packet interval sent from set S0 may betransferred
to set S1 due to the network jitter, causing a highbit error.
'erefore, TRCTC must ignore the value of delayon part of the
boundary to ensure that the receiver cancorrectly receive the
secret messages.
L-N CTC (L-bits to n-packets scheme) proposed in [45]introduces
a new data embedding method, which not onlyimproves the channel
capacity but also reduces the bit errorrate. It can embed an L-bits
secret message into the delays ofN-consecutive packets. To
represent different combinationsof L-bits, the packet interval of
L-N CTC will be evaluatedaround the normal network delay d or
exponential times of d.
(2) Rate Modulation (C2). 'e covert channel sender altersthe
data rate of a traffic flow from itself or a third party to
thecovert channel receiver. For example, Li et al. [46] analyzed
acovert channel in the real switch. 'e sender exhausts
theperformance of a switch to affect the throughput of aconnection
from a third party to a receiver over time.
(3) Package Arrival Time Modulation (C3). 'is type ofcovert
channel encodes hidden information by modifyingthe arrival time of
multiple packets. For example, Tahir et al.[47] presented
Sneak-Peek, a high speed covert channels indata center networks. In
Sneak-Peek, the packets sent by thesender change some special
packet sequences in the sharedresource queue, and the receiver
decodes secret messagesfrom queuing delays of the special
packets.
(4) PDU Retransmission (C4). In order to encode secretmessages,
the covert channel retransmits previously sent orreceived PDUs such
as DNS requests, selected IEEE 802.11packets, and selected TCP
segments. Mazurczyk et al. [48]presented RSTEG (retransmission
steganography). 'emain innovation of RSTEG is to not acknowledge a
suc-cessfully received packet in order to force the sender
toretransmit. 'e retransmitted packet will carry the
secretmessages.
3.1.2. CSCs. Abundant network protocols and characteris-tics
make CSCs have multiple construction methods. Wedivide them into 5
categories: size modulation (C5), ordermodulation (C6), random
value modification (C7), redun-dant field (C8), and multimedia data
modification (C9).
(1) Size Modulation (C5). 'is type of covert channel en-codes
the covert information by changing the size of somespecial data
such as the length of overall data packets and thelength of a
header element. 'e study in [49] discussed thetechnique of
implementing CSCs by altering the size of TCPdatabursts. 'e TCP
databurst is the number of TCP seg-ments sent by a host before
waiting for a TCP ACK packet.
(2) Order Modulation (C6). 'is type of covert channelencodes
covert information by changing the order of PDUelements or header
fields in the packet. 'e IPv6 extensionheader fields, header fields
in the HTTP protocol, and op-tions in the DHCP protocol are
frequently used to encodecovert messages [39].
(3) Random Value Modification (C7). If header elements inthe
network protocol contain random values, then thesefields can be
used to represent hidden information. 'estudy in [17] proposed that
the case and the least significantbit (LSB) of the values in some
header fields can be used toencode secret messages.
(4) Redundant Field (C8). 'is kind of covert channelencoded
hidden data into a reserved or unused header/PDUelement. Rowland
[50] proposed embedding covert channelsin different unused areas in
the IPv4 header and in the TCPheader.
(5) Multimedia Data Modification (C9). 'is channel
usesmultimedia data (such as text, image, and video) as thecarrier
for secret transmission. For example, the informationhiding is
realized in [51] through embedding secret infor-mation in the
characteristic data area of digital video by asteganography scheme
based on chaotic mapping.
Wendzel et al. [39] categorize network covert channels
atcommunication content level regarding three aspects (se-mantic,
syntax, and noise). 'e semantic means whether thepattern modifies
header elements in a way that leads to adifferent interpretation of
the changed PDU. 'e syntaxmeans whether the PDU structure is
modified, and the noisemeans whether the channel is affected by
noise. All CTCs donot change the structure of a PDU. But, they are
greatlyinfluenced by network delay or jitters, so they are all
noisyand the robustness is not very well [38]. For CSCs, the
fieldsused are not modified when transferring and hence there isfew
channel noise. But on the other hand, these channels areeasy to be
detected by the outside observer.
Besides the three aspects, CTCs have another
characteristic,which iswhether it is based on statistics [7]. For
example, inmanyCTCs based onC1, in order tomake the extra delay
similar to thetime series characteristics of the overt traffic, the
delay will becarefully selected to ensure that it can not only fit
the delaydistribution of the overt traffic but also transmit secret
messages.
Security and Communication Networks 5
-
So, we summarize the surveyed papers of CTCs andCSCs in Table 2
from the following aspects: category, se-mantic, syntax, noise, and
statistics. In addition, we also givethe description of each covert
channel.
3.2. Construction Technology at the TransmissionNetwork
Level
3.2.1. Proxy Technology. Normally, users go directly to
In-ternet sites to get network information, but nowadays,
usersoften get information through the proxies. As a channelservice
in the Internet environment, the proxy service hasmultiple
functions such as improving access performance,resource access
control, and security protection and pro-tecting user identity
information. In addition, proxy serviceshave the features of
hidden, dynamic, and diverse. Moreimportantly, proxies can help
users break through contentfiltering restrictions and access the
websites blocked bycensors.
'e proxy can be divided into two categories according tothe
traffic transmission path: E2E proxy (end-to-end proxy)and E2M
proxy (end-to-middle proxy). Figure 2 shows thedesigns of E2E proxy
(usingHTTP proxy as one example) andE2M proxy (using Telex scheme
as one example).
(1) End-to-End Proxy. 'e E2E proxy connects clients andservers
directly. To get content from the server, the clientsends a request
to the proxy, and the proxy gets thecontent from the server and
returns it to the client. 'emost common E2E proxy is the HTTP proxy
[21], whichacts like a web server and correctly accepts request
andreturns response. In order to extend the scope of theapplication
protocol, the socks proxy is proposed. Itsimply passes data packets
and does not care what ap-plication protocol they are. With the
development oftunneling and cryptography, VPN proxy has emerged.
Ituses the technology of tunneling, encryption, decryption,and
identity authentication, which means it is more se-cure. Existing
mature VPN proxies include PPTP (Point-to-Point Tunneling Protocol)
and L2TP (Layer-TwoTunneling Protocol), which are located in the
second layerof the TCP/IP protocol, VTP (VLAN Trunking
Protocol),and IPSec (IP Security), which are located in the
thirdlayer of the TCP/IP protocol.
However, E2E proxies are exposed to adversaries, andtheir
activities are easily spotted. 'e global and activeadversaries are
able to block many of E2E proxies by dis-covering and banning the
IP addresses of the servers onwhich they rely [20, 22]. To overcome
this problem, re-searchers propose the E2M proxy.
(2) End-to-Middle Proxy. 'e traditional E2E proxy relaysdata to
a specified server. Different from that, the E2M proxyis located in
the path to a server and it can redirect theconnection to an
alternative destination. 'e E2M proxyneeds a router at the friendly
ISP to host it so that it cancontrol the connection to an unblocked
decoy server. 'en,E2M proxy determines whether to block the
connection and
redirect it to a censored server by recognizing a
stegano-graphic tag. From the perspective of the censor, the
E2Mproxy user appears to be in contact only with the decoy
server.'e censor cannot block E2M proxy without blocking
allconnections that pass through participating ISPs, which is
alarge, primarily legitimate category of Internet traffic. So,
E2Mproxy will provide increased resistance to IP blocking.
'ere are four existing publications on end-to-middleproxy: Telex
[22], Decoy Routing [63], Cirripede [64], andTapdance [20]. 'e
designs for the four systems are largelysimilar, although there are
differences in some aspects, suchas the embedded steganographic
tag, blocking strategy, anddeployment requirement. 'e comparison of
the four E2Mproxies is shown in Table 3.
3.2.2. Anonymity Communication Technology. 'e anony-mous
communication system is designed to access contentblocked by
censored anonymously. It uses technologies such asanonymous domain
generation, traffic obfuscation, andbroadcast/multicast to covertly
forwardmessages. It can preventattackers from acquiring
communication relationships or theidentity of the senders and
receivers. 'at is, in the anonymouscommunication system, not only
the channel is covert but alsothe identity of both parties in the
communication.
'e concept of mix-net proposed by Chaum [65] in 1981is
considered the origin of anonymity communicationsystem. 'e core
idea of mix-net is to encrypt and obfuscatemessages based on mix
nodes. Inspired by the mix-net,many anonymous communication systems
are proposed,such as Crowds [66], P5 (Peer-to-Peer Personal
PrivacyProtocol) [67], Tor (the Second-Generation Onion
Routing)[23], and I2P (Invisible Internet Project) [24]. Tor is
cur-rently the most active and most popular anonymouscommunication
system. It has about 8 million daily users[68]. 'e core idea of Tor
is onion routing [69]: firstly, selectthree suitable relay nodes
and establish links with these relaynodes hop by hop; secondly, the
client encrypts the secretmessages 3 times; then, each relay node
decrypts them inorder. No node can know whether its previous node
in thechain is the sender or the relay node. Likewise, no node
canknow whether its next node in the chain is the receiver or
therelay node, so Tor can protect user privacy well.
According to different transmission delays,
anonymouscommunication systems can be divided into
high-latencysystems and low-latency systems. High-latency systems
arebased on mix-net. High-latency systems are used for
ap-plications that can tolerate delays, such as anonymous
e-mailservices. However, most applications require timeliness,such
as web browsing and live chat. 'erefore, low-latencysystems have a
wider range of applications and attract moreattention. Most of the
research related to anonymouscommunication is also about
low-latency systems. Accordingto the network structure, the
low-latency system can be di-vided into P2P anonymous network and
non-P2P anony-mous network. According to whether the routing path
isdetermined, P2P anonymous network can be further dividedinto
structured and unstructured network models. In astructured
anonymous network, it is determined which nodes
6 Security and Communication Networks
-
Table 2: 'e summary of typical CSCs and CTCs.
Covert channel Category SamanicpreservingSyntax
preserving Noiseless Statistics Description
Cabuk et al. [52] C1 √ √ × × 'e on-off CTC.Shah et al. [43] C1 √
√ × × 'e jitterbug CTC.Brodley andSpafford [44] C1 √ √ × √ 'e
time-replay CTC.
Sellke et al. [45] C1 √ √ × √ 'e L-N CTC.
Liu et al. [53] C1 √ √ × √ A improved method for selecting
interval time in[44].
Li et al. [46] C2 √ √ × × Consuming switch performance to
affectthroughput.
Tahir et al. [47] C3 √ √ × × A high speed covert channels in
data centernetworksZhang et al. [54] C3 √ √ × × Modify numbers of
video packets.Ahsan and Kundur[55] C3 × √ × × Modify the order of
IPSec packets.
Zhang et al. [56] C3 √ √ × × Postpone or extend the silence
periods over VoLTE.Krtzer et al. [57] C4 √ √ × × Duplicate selected
IEEE 802.11 packets.Mazurczyk et al.[48] C4 √ √ × × Retransmit a
packet which carries secrets.
Schulz et al. [58] C5 √ × √ — Modulate the size of IPSec
packets.Luo et al. [49] C5 √ × √ — Modulate the size of TCP
databursts.Rios et al. [59] C6 × × √ — Adjust the options in the
DHCP protocol.
Zhang et al. [60] C6 × × √ — An enlarging-the-capacity packet
sorting covertchannel.Wang et al. [17] C7 × × √ — Utilize LSB in
some header fields.Trabelsi et al. [61] C7 √ × √ — Utilize ICMP
payload.Rowland [50] C8 × × √ — Utilize unused areas in the IPv4
and TCP header.
Lucena et al. [31] C8 × × √ — Utilize unused areas in the IPv6
header and itsextensions.
Liu et al. [51] C9 √ × √ — A video steganography scheme based on
chaoticmapping.
Kadhim et al. [62] C9 √ × √ — A image steganography scheme based
on themapping function of genetic algorithm.
ISP route
HTTP proxy
Telex proxy
Notblocked website
Response
Request Request
Response
Invisible tag
HTTP connection Proxied request
Untagged connection
Request
Blocked website
Censored network Uncensored network
Alice
Bob Blocked website
If the connections were nottagged, Telex proxy wouldproceed to
the notblockedwebsite as normal.
(3) Telex proxy determines whether there is a tagIf the
connection has the tag, Telex proxydeciphers the tag and diverts
the connection toblocked website.
(1)(2)
Figure 2: E2E and E2M concept (example users). Alice is
connecting to the HTTP proxy, and Bob is connecting to Telex
proxy.
Security and Communication Networks 7
-
data stream will pass through, while in an unstructuredanonymous
network, the path of the data stream is unknown.
Besides the mix-net, anonymous communication sys-tems also use
many techniques to increase the system’scovertness. 'e common
techniques include anonymousdomain generation, broadcast/multicast,
probabilistic trafficrouting mechanism, and traffic obfuscation.
Some newertechnologies are also used, such as zero knowledge proofs
in[8] and verifiable shuffle technique in [70]. But because theyare
specific to a certain system, we will not go into details.
'e anonymous domain generation is a mechanismsimilar to DGA
(domain generation algorithm) used bymalicious software. It uses a
random private key, calculatesthe corresponding public key, and
uses the public key as partof the domain. So, it can guarantee the
anonymous com-munication system’s anonymity and security.
'e core idea of broadcast/multicast technology is eachnode
broadcasts a message to other nodes in the system ineach cycle of
the system operation. DC-Nets (DiningCryptographers) [71] is a
typical example of using thistechnology. It is an anonymous
communication systembased purely on broadcast/multicast. An
improved exampleis P5 [67], which divides the nodes into multiple
broadcastgroups to improve the scalability of the system.
'e probabilistic traffic routing mechanism is often usedto build
unstructured anonymous networks. 'is mecha-nism is implemented
through DHT-based (distributed hashtable) routing protocols and
random walk protocols. Insystems that use probabilistic traffic
routing mechanism,nodes can decide whether to forward traffic to
the next nodebased on a certain probability. Because it is
difficult for eachnode on the path to determine whether its
predecessor is theoriginal sender of the message or just an
intermediate for-warding node, it effectively guarantees the
anonymity of theoriginal sender. Crowds [66] is a typical example
of using thismechanism.Other examples are Torsk [72] and BitBlender
[73].
Traffic obfuscation can erase or randomize the
statisticalcharacteristics of covert traffic, so that the load of
coverttraffic looks like a uniform random bitstream or a
“benign”protocol [74]. Its goal is to make it difficult for
adversaries todistinguish between the obfuscated traffic and overt
traffic.Current traffic obfuscation techniques are as follows:
(i) Randomization: randomization refers to the use ofencryption,
random padding, and other methods torandomize the characteristics
of covert traffic. Forexample, the Tor project [75] has developed a
va-riety of randomization mechanisms, includingObfsproxy3 [76],
Obfsproxy4 [77], Dust [78], andScrambleSuit [79].
(ii) Protocol mimicry: the main idea of protocolmimicry is
imitating or masquerading as popularwhitelisted protocols which are
rarely suspected byadversaries. For example, SkypeMorch [80] is
atransport layer plugin that integrates traffic betweenTor clients
and Tor bridges into Skype traffic. An-other example is StegoTorus
[81]. 'e core idea is tosegment Tor traffic and simulate other
overt trafficsuch HTTP.
(iii) Join dummy traffic: to provide stronger anonymity,some
systems generate additionally dummy traffic.'is technology is used
in many existing system,such as P5 [67] and Loopix [11].
(iv) Tunneling: the tunneling technology is one extremeof the
mimicry logic, which simply encapsulated datainto an (usually
encrypted) overlay protocol. A fa-mous example is meek [82]
deployed with Tor. Meekcore idea is to use different domain names
in differentplaces, one in the SNI for DNS requests (set
tononcensored URL) and the other in the HTTP hostfield (set to
censoredURL).Meek uses cloud platformas relay node and redirects
Tor traffic to Meek server.
We summarize the main technologies used in eachanonymous
communication system and application sce-narios in Table 4.
4. Covert Channels in the NewNetwork Environment
4.1. Covert Channel Based on Streaming Media. With thepopularity
of video and audio services such as YouTube andSkype, the audio and
video are becoming the main businesstype in mobile networks. 'e
audio and video traffic ac-counts for the vast majority of the
entire Internet traffic.
Table 3: E2M proxy.
E2M Tag composition Tag location Blockingstrategy Deployment
requirement
Telex [22](i) An ECDH public key point.
(ii) A hash of the ECDH secret sharedwith ISP.
TLS clientnonce Only tagged flow
Inline-blocking and redirecting componentsprovided by ISP.
Cirripede [64](i) An ECDH public key point.
(ii) A hash of the ECDH secret sharedwith ISP.
TCP ISNs All connections Inline-blocking and redirecting
componentsprovided by ISP.
Decoy routing[63]
(i) An HMAC of the previouslyestablished shared secret key.
(ii) 'e current hour.(iii) A per-hour sequence number.
TLS clientnonce
Only the taggedflow
Inline-blocking and redirecting componentsprovided by ISP.
Tapdance [20] 'e client’s connection-specific ellipticcurve
public key point.TLS
ciphertext Not blocking(i) A passive tap that observes
traffic
transiting the ISP.(ii) 'e ability to inject new packets.
8 Security and Communication Networks
-
According to the Mobile Network Visualization NetworkIndex (VNI)
Forecast Report (2017–2022) released by Cisco(available under
https://www.cisco.com/c/en/us/solutions/collateral/serviceprovider/visual-networking-index-vni/white-paper-c11-738429.html),
IP video traffic will be 82percent of all IP traffic (both business
and consumer) by2022, up from 75 percent in 2017. And, the Internet
videotraffic will grow fourfold from 2017 to 2022, a CAGR(Compound
Annual Growth Rate) of 33 percent.
In this context, many covert channels based onstreaming media
have been proposed. 'ey use audio andvideo traffic allowed by the
observer as overlay traffic andbuild covert channels. 'e carrier is
a popular encrypted
streaming application such as Skype. 'is technique canhelp users
watch the censored video, and it can workwithout requiring changes
to the carrier application.'ere are three systems that have
implemented thistechnique: Facet [25], CovertCast [26], and
DeltaShaper[27].
Facet [25] is a covert communication system fortransmitting
censored video, and it relies on the assumptionthat the observer is
unwilling to indiscriminately block all ormost sessions of the
cover protocol (Skype). To the outsideobserver, the Facet client is
just having a Skype session. Facetconsists of clients, Facet
servers, and emulators. 'e pro-cedure of a Facet connection is as
follows:
Table 4: 'e anonymous communication systems.
System LowlatencyP2P
networkStructurednetwork Main techniques Application
scenarios
Mix [65] × — — (i) Mix-net (i) e-mail
DC-Nets [71] × — — (i) Broadcast/multicast (i) Anonymously
postmessages
Tor [23] √ √ √
(i) Onion routing(ii) Tunneling tool: meek
(iii) Protocol mimicry tool: StegoTorus andSkypeMorch
(iv) Randomization tool: Obfs, dust etc(v) Anonymous domain
generation
(i) Anonymously webbrowsing
(ii) Live chat
P5 [67] √ √ √(i) Mix-net
(ii) Join dummy traffic(iii) Broadcast/multicast
(i) Anonymous webtransactions
(ii) Anonymous re-mailers
Crowds [66] √ √ × (i) Mix-net(ii) Probabilistic traffic routing
mechanism(i) Anonymously web
browsing
Torsk [72] √ √ × (i) Mix-net(ii) DHT-based routing protocols
(i) Anonymously webbrowsing
(ii) Live chat
BitBlender [73] √ √ × (i) Mix-net(ii) DHT-based routing
protocols (i) Bitcoin mixer
Anonymizer[83] × — — (i) Mix-net
(i) Anonymously webbrowsing
(ii) Anonymous e-mailservices
Mixminion[84] × — —
(i) Mix-net(ii) Anonymous domain generation
(i) Anonymous e-mailservices
Babel [83] × — — (i) Mix-net (i) Anonymous e-mailservices
I2P [24] √ √ √ (i) Garlic routing (a variant of onion
routing)(ii) Anonymous domain generation
(i) Anonymously webbrowsing
(ii) File transfer(iii) Instant messaging
Atom [8] √ √ × (i) Mix-net(ii) Zero knowledge proofs
(i) Communicationbootstrapping
(ii) Microbloggingapplication
Riffle [70] √ √ √ (i) Onion routing(ii) Verifiable shuffle
technique
(i) File sharing(ii) Microblogging
applications
Loopix [11] √ √ √(i) Mix-net
(ii) Join dummy traffic (loop traffic created byusers and mix
servers)
(i) Private e-mail(ii) Instant messaging
Security and Communication Networks 9
https://www.cisco.com/c/en/us/solutions/collateral/serviceprovider/visual-networking-index-vni/white-paper-c11-738429.htmlhttps://www.cisco.com/c/en/us/solutions/collateral/serviceprovider/visual-networking-index-vni/white-paper-c11-738429.htmlhttps://www.cisco.com/c/en/us/solutions/collateral/serviceprovider/visual-networking-index-vni/white-paper-c11-738429.html
-
(1) 'e Facet client and Facet server establish
initialconnections
(2) A Facet client sends a uniform resource locator(URL) of the
censored video to the Facet server
(3) Facet server downloads video from blocked videosites such as
YouTube, Vine, or Vimeo
(4) 'e emulator simulates the video content as a Skypesession
and resends it to the client at a lower resolution
(5) 'e Facet client ends the connection and the Facetserver
destructs the emulators and ends the session
Different from Facet, CovertCast [26] supports thatmultiple
clients receive data transmitted in a specific livestream in the
real time. And, CovertCast is scalable, with theserver workload
independent of the number of clients re-ceiving content. To the
observer, CovertCast traffic is similarto the traffic that users
watch someone broadcasting on agiven live-streaming platform such
as YouTube. CovertCastconsists of users, CovertCast clients, and
CovertCast servers.'e communication process of CovertCast is as
follows:
(1) CovertCast server crawls a censored website andmodulates its
content into images.
(2) CovertCast server broadcasts images by live-streaming video
services and begins to download thenext website.
(3) CovertCast client constantly monitors the stream fornew
images. When it detects one, it demodulates theimage and saves the
extracted content.
(4) 'e user’s web browser sends a request through theuser’s
proxy.
(5) CovertCast client creates a response with the cor-responding
website.
In Facet or CovertCast, the format of covert messages
isrestricted to video (in Facet) or Web content (in CovertCast).In
DeltaShaper [27], the covert TCP/IP packets are encodedand embedded
into the video stream transmitted by the videochannel of a popular
videoconferencing application such asSkype between the
communication endpoints, which meansthat DeltaShaper allows for
tunneling arbitrary TCP/IP traffic.To the observer, the client and
server are just engaged in aSkype session. DeltaShaper consists of
client endpoint andserver endpoint. 'e same procedure is applied at
bothendpoints of a Skype call, thus DeltaShaper supports
bidi-rectional communication. 'e procedure is as follows:
(1) 'e sender modulates covert data into images andencodes them
in a video stream which is fed to Skype
(2) Skype transmits this video to the receiver’s
Skypeinstance
(3) 'e receiver captures the stream from the Skypevideo
buffer
(4) 'e receiver’s decoder extracts the payload from
thestream
We give an overview about the three covert channelsbased on
streaming media with respect to the covert message
transmitted platform, whether it is bidirectional andwhether it
supports multiple clients in Table 5.
4.2. Building Covert Channels Using Blockchain Technology.With
the development of covert communication counter-measure technology,
the traditional network covert channelsbased on TCP/IP architecture
have the risk that the channelis regulated, the traffic is easy to
be tracked, and the identityinformation of the communicators is
easy to be recognized[85], which makes it difficult to meet the
security require-ments of data covert transmission. Blockchain is
one of therepresentatives of the new generation of
informationtechnology. It has a large number of active users, a
largenumber of transaction data packets, and many ways toembed the
secret data. For example, there are many fields inthe blockchain
ledger structure that can store data. 'eblockchain network adopts
transaction transmissionmechanism based on flood forwarding, which
ensures thatinformation can be effectively, quickly, and reliably
trans-mitted to all nodes in the network. A decentralized
floodingmechanism can also protect the recipient of a
coverttransmission of data by avoiding stealing
communicationprivacy by monitoring a single server or a single
commu-nication link.
Li et al. [28] proposed a model of covert timing channelin the
blockchain network and uses a formal method tomodel and proves the
anti-interference and tamper-resis-tance. Secondly, they
constructed a scenario of the covertchannel in the blockchain
network based on the time in-terval of business operations. 'ey
also present covertchannel evaluation vectors for blockchain
networks con-taining detection resistance, robustness, and
transmissionefficiency.
Brenner et al. [10] proposed a model of covert storagechannel in
the blockchain. 'ey explored the possibility ofapplying blockchain
technology to the transmission of C&C(command and control)
instructions in a field of blockchainprotocol and described the
prototypes of Zombiecoin [10],which are based on Bitcoin.
Besides the researches on the model of blockchain-basedcovert
channel, there are three systems that have been ac-tually deployed:
Zombiecoin [86], Botchain [29], andChaninchannels [30]. 'e designs
of these three systems arevery similar. In the three systems,
communication partici-pants are expected to covertly transmit
messages throughblockchain. Firstly, they apply to be the client
nodes of theblockchain network and negotiate labels in advance so
thatthe receiver can identify the transactions containing
covertmessages from thousands of transactions. To ensure
security,both sides also need to negotiate the encoding,
encryptionalgorithm, and the way of message embedding. 'en,
thesender encodes, encrypts, and embeds the messages intocertain
transactions according to the negotiated algorithmand sends them to
the server nodes of blockchain. After theflooding
propagationmechanism of blockchain network, thereceiver identifies
the special transactions through negoti-ated labels and extracts
the covert messages.
Ali et al. [86] proposed Zombiecoin 2.0, which validatedthe
claims in [10] and deployed successfully over the
10 Security and Communication Networks
-
blockchain network. In this system, the covert messages
aredirectly inserted in the output script function OP_RE-TURN
(available under https://en.bitcoin.it/wiki/OP_RETURN), which is a
field of particular blockchainimplementation and originally used to
carry additionaltransaction information. 'e sender and the receiver
ne-gotiate a pair of prenegotiated public-private keys as thelabel
to identify the transactions that contain covertmessages. 'e
receiver identifies these transactions byscanning the ScriptSig
(the unlocking script in Bitcoin toverify whether a transaction is
passed) which contains thesender’s public key and the digital
signature (computedover the transaction) using the private key. 'e
receiververifies the signature and decodes the messages.
Chainchannels [30] realized a new way of embeddingcovert
messages in blockchain with key leakage and didsome cryptographic
proofs. It uses a subliminal channel indigital signatures to insert
secret messages totally. Manyblockchain-based virtual currencies
use the ECDSA (el-liptic curve digital signature algorithm,) and
the sub-liminal channel can substitute the nonce used in ECDSAwith
the secret messages. 'e cryptographic characteris-tics of ECDSA
ensure that no errors will occur during theprocess of extracting
the secret message, thus increasingthe system. In terms of the
label to identify the specialtransactions, Chainchannel uses a pair
of prenegotiatedpublic-private keys as the label, which is the same
asZombiecoin 2.0.
Botchain [29], proposed by Cybaze, is a fully func-tional botnet
which is based on Bitcoin protocol. 'issystem also utilizes
OP_RETURN to embedding secretmessages, which is similar to
Zombiecoin 2.0 [10]. Interms of the label to identify the special
transactions,Botchain [29] uses prenegotiated virtual currency
walletaddresses as the label, which is different from the
Zombiecoin2.0 and Chainchannels.
We compare the three systems in term of five aspects:secret
message embedding method, used field to embedsecret messages, label
embedding method, used field toembed labels, and suitable platform
in Table 6.
4.3. IPv6CovertChannels. IPv6 (Internet Protocol version 6,also
called the NextGeneration Internet Protocol or IPng) isa
next-generation IP protocol designed by the InternetEngineering
Task Force (IETF) to replace IPv4. 'e IPv6header field is reduced
by four (header length, identification,flags, fragment offset, and
header checksum), and the op-tions are replaced with extended
headers.
However, the grammar rules of the IPv6 are not perfect,which
makes the construction of IPv6 covert channels veryeasy. In [31],
several possible covert channels have been
analyzed in the IPv6 header and its extensions. In [87],
Yangthink that IPv6 packets are a good carrier for
informationhiding and propose potential covert channels. Ullrich et
al.[88] also discuss the use of IPv6 covert channels.
We conclude that there are four types of IPv6 covertchannels.'e
first type is based on reserved fields of the IPv6extended headers.
'e fields that can be used are as follows:
(i) 'e router alert options in the hop-by-hop optionheader (2
bytes/packet)
(ii) 'e reserved field in the routing extension headerwhen
routing type is 0 (4 bytes/packet)
(iii) 'e reserved field in the fragment extension header(10 bits
totally/packet)
(iv) 'e reserved field in the authentication extensionheader (2
bytes/packet)
(v) 'e binding update option in the destination op-tions header
(4 bits/packet)
'e second type is based on the order. Covert channels ofthis
type hide information by ordering several special pa-rameters. 'is
method does not insert extra characters, sothe risk of channel
exposure is relatively low.
(i) Encoding covert messages based on the differencebetween the
order of extension headers and thesuggested order of RFC2460
(available under https://tools.ietf.org/html/rfc2460) (8
bits/packet)
(ii) Encoding covert messages based on the differencebetween the
order of N addresses in 0 routing typeheader and preshared order (N
bits/packet)
'e third type is based on some random values. 'ereason for this
type of channel is that some fields are in-completely defined or
the design of the inspectionmechanismis not strict. For example,
when the reassembly process isperformed, the destination host only
inspects the next headervalue of the first fragment and ignores the
next header valuesof fragments that differ. 'is causes that the
sender can set afalse next header value to transmit secret
messages:
(i) Set one or more false router addresses in the
routingextension header when routing type is 0 (up to
2048bytes/packet)
(ii) Set false values in the field of traffic class, flow
label,hop limit, and source address in the IPv6 header (8bits, 20
bits, 1 bit, and 16 bytes/packet, respectively)
(iii) Set a false padding value in the extension
headersincluding hop-by-hop option extension header,destination
option extension header, and ESP ex-tension header (up to 256
bytes/packet)
(iv) Set a false next header in the IPv6 header (varies)and
fragment extension header (at least 8 bits/fragment)
'e channels proposed above are all covert storagechannels.'e
three types of channels can be classified in turninto C8, C6, and
C7 introduced in Section 3. 'e fourth typeis based on tunneled
traffic. Tunneling technology is not onlyused in anonymous
communication systems but also used to
Table 5: Streaming media-based covert communication systems.
Facet [25] CovertCast [26] DeltaShaper [27]Covert message Video
Web content TCP/IP trafficPlatform Skype YouTube SkypeBidirectional
× × √Multiple clients × √ ×
Security and Communication Networks 11
https://en.bitcoin.it/wiki/OP_RETURNhttps://en.bitcoin.it/wiki/OP_RETURNhttps://tools.ietf.org/html/rfc2460https://tools.ietf.org/html/rfc2460
-
enable IPv6 packets to penetrate the IPv4 network, whichresults
in the existence of IPv6 covert channels in tunneledtraffic. 'e
sender can embed secret messages into a IPv6tunnel packet. 'e
tunnel technology used in IPv6 networkincluding ISATAP [89], 6to4
[90], and 6over4 [91].
4.4. Summary. 'e characteristics of the new network bringnatural
convenience to the construction of network covertchannels. For the
covert channel based on streaming media,the real-time and
interactive features improve the trans-mission efficiency of secret
messages. In addition, thewidespread popularity of streaming media
applications hasalso made channels more difficult to expose. For
the covertchannel based on blockchain, the participant-anonymity
canprotect user identity, and flooding propagation makes
itimpossible for observers to determine the true recipient ofthe
secret messages and to know who is receiving themessages. In
addition, the tampering resistance stronglyguarantees the
robustness. For the IPv6 covert channel, theextended headers and
grammar rules open up multiplepossible construction methods.
On the other hand, due to the complexity of the newnetwork
environment, there are few effective attacks againstthe three new
type covert channels (the attacks includeelimination, limitation,
and detection, which are introducedin Section 6). 'erefore,
compared with the traditionalnetwork covert channels, they are more
secure.
5. Network Covert Channel Metrics
'e evaluation metrics of the network covert channel in-clude 3
aspects: concealment, robustness, and transmissionefficiency.
Concealment refers to the ability to be undetectedby adversaries.
In this regard, we propose for the first time todivide the metrics
of concealment into message concealmentand identity concealment.
Robustness refers to the ability ofthe network covert channel to
accurately transmit data. And,transmission efficiency refers to the
maximum rate at whichthe channel can transmit data without
error.
5.1. Concealment. A successful network covert channel re-quires
high concealment. It includes not only the conceal-ment of the
communication content but also theconcealment of the identity of
the communicating parties.'e adversaries can expose the covert
channel through thesetwo aspects. So, we list the concealment
metrics as follows.
5.1.1. Concealment of Communicating Parties. 'e con-cealment of
communicating parties consists of anonymityand unobservability.
Anonymity means that users cancommunicate without disclosing their
identity. Unobserv-ability refers to the indistinguishable state of
traffic withcovert messages in the overt traffic set.
(1) Anonymity. 'ere are many methods proposed tomeasure the
anonymity [92–94], which can be categorizedinto three classes:
measurement based on continuous in-terval, measurement based on the
size of anonymous set, andmeasurement based on entropy.
(1) Measurement based on continuous interval: Reiterand Rubin
[92] described the degree of anonymity,which is widely adopted. 'e
degree of anonymity isdefined as a continuous interval which ranges
fromabsolute privacy to provably exposed. 'e six keypoints are as
follows:
(i) Absolute privacy: the adversary cannot evenperceive the
presence of communication
(ii) Beyond suspicion: though the attacker can seeevidence of a
sent message, the sender appearsno more likely to be the originator
of thatmessage than any other potential sender in thesystem
(iii) Probable innocence: the observer thinks thateach sender
appears no more likely to be theoriginator than to not be the
originator
(iv) Possible innocence: the originator of the mes-sage is
likely to be someone else
(v) Exposed: the originator of the message is un-likely to be
someone else
(vi) Provably exposed: the adversary can prove theidentity of
sender or receiver to others
(2) Measurement based on the size of anonymity set:Berthold et
al. [93] proposed the degree of ano-nymity can be defined by the
size of the group. Forexample, the anonymity may be measured as
follows:
A � log2(N), (1)
where N is the number of possible senders.(3) Measurement based
on entropy: Diaz et al. [94]
issued that because an observer may have somebackground
knowledge, objects in an anonymous setmay have different
probabilities. So, they proposed
Table 6: Blockchain-based covert communication systems.
Zombiecoin [10] Botchain [29] Chainchannels [30]Message
embedding method Directly embedded Directly embedded Subliminal
channel'e field to embed messages OP_RETURN OP_RETURN Digital
signatureLabel embedding method Directly embedded Directly embedded
Directly embedded'e field to embed labels Public key Wallet
addresses Public keyPlatform† Bitcoin only Bitcoin only All
blockchain networks†'e virtual currency the system is suitable
for.
12 Security and Communication Networks
-
the measurement based on entropy. 'e entropy ofsender set is
defined as equation (2), whereS � s1, s2, . . . , sN is the
anonymity set and pi is theprobability that the possible object si
is the realsender. 'e pi is concluded by the observer’sbackground
knowledge:
H(X) � − n
x�i
pilog2 pi( . (2)
So, A − H(X) represents the information obtained byan observer
who has known some backgroundknowledge. 'e degree of anonymity da
is defined as
da � 1 −A − H(X)
A. (3)
(2) Unobservability. Anonymity can measure the security ofthe
identity information of the communication subject,while
unobservability is a measure of the user’s behavioralsecurity.
Adversaries with traffic analysis capabilities can useprotocol
fingerprint characteristics to determine the userbehavior, such as
whether the senders or receivers aresending or receiving
messages.
Tan et al. [18] proposed to use the relative entropy Dbetween
the communication behavior of the covert com-munication system and
the overt network behavior tomeasure the unobservability. 'e degree
of unobservabilitydu is defined as equation (4). 'e Dm is the max.
relativeentropy:
du � 1 −Dm − D
Dm. (4)
When the probability distribution of the network be-havior seen
by the attacker is completely consistent with thatof the normal
network behavior, the relative entropy be-tween them can be
minimized, that is, the unobservabledegree du is minimized.
5.1.2. Concealment of Communication Content. Since con-structing
a covert channel based on time informationmodulation will cause
some time characteristics of thechannel to change, most of the
research on the metrics ofmessage concealment is aimed at the CTCs.
Due to thetechnical specificity of other types of covert channel,
there isno universal method to measure the concealment of
thesechannels [7]. So, we list the following methods used tomeasure
the message concealment of CTCs.
(1) Kolmogorov-Smirnov Test. KS test (Kolmogorov-Smirnovtest)
points an upper bound between the cumulativeprobability of
experience and the cumulative probability ofthe target distribution
at each data point [95]. Archibald andGhosal [96] leverage it as a
method to assess the concealmentof covert channel. How to calculate
the test score is shown as
Dn � maxx
|F(x) − G(x)|{ }, (5)
where F(x) and G(x) are empirical cumulative
probabilitydistributions of the IPDs of the overt traffic and
coverttraffic, respectively.
(2) Kullback-Leibler Divergence Test. 'e KL divergence is
ameasure of relative entropy between two target distributions[97],
which means the KL divergence is used to show thedistance between
two random variables. It is leveraged as ametric for detecting
CovertCast [98] and CTCs in [96, 99].'e KL divergence from P to G
is denoted as
DKL(P ‖ G) � x
p(x) · logp(x)
g(x) . (6)
'e p(x) and g(x) are two probability distributions ofthe covert
traffic sample and the overt traffic sample,respectively.
(3) Standard Deviation Test. Wu et al. [100] use the dis-persion
of standard deviation to assess concealment. It canmeasure the
variation of a stream throughout the trans-mission process. 'is
method starts by separating traffic intononoverlapping windows of
size w. 'en, the standarddeviation is computed for each window,
which is shown inequation (7). Finally, as presented in equation
(8), it cal-culates the standard deviation of the pairwise
difference asthe metric of concealment Ct:
σ � STDEV(X) �
������������
ni�1 xi − x(
2
n
, (7)
Ct � STDEVσi − σj
σi⎛⎝ ⎞⎠, i< j, ∀i, j. (8)
(4) Entropy-Based Test. Because covert channels willcause the
change of ER (entropy rate), it is used to detectcovert channels in
[28, 85, 101, 102]. 'e ER describes theuncertainty of a random
variable sequence, and the sequencelength m approaches infinity. It
is defined as
H(X) � limm⟶∞
H X1, X2, . . . , Xm(
m. (9)
Porta et al. [103] proposed to use the entropy rate offinite
samples as the estimated value of ER by calculatingCCE (corrected
conditional entropy), which is shown inequations (10) and (11). 'e
estimated value of ER is theminimum value of CCE when m
changes:
CCE Xm Xm−1 � H Xm
Xm−1 + p Xm( H X1( ,
(10)
ER � mini�1,m
CCE Xi Xi−1 . (11)
5.2. Robustness. Many studies use BER (bit error rate) tomeasure
the robustness of the network covert channel. 'e
Security and Communication Networks 13
-
lower the BER, the higher the robustness.'ere are currentlytwo
definitions of BER:
(i) 'e traffic containing covert messages may be af-fected by
network noise or adversary noise, resultingin errors in the
messages received by the receiver. So,the first definition [28] is
the error probability ob-tained by comparing the number of error
bits Serror tothe total number of bits transmitted Sall. 'e BER
isdefined as
BER �Serror
Sall. (12)
(ii) 'e other aspect to define BER is from the per-spective of
message recovery. Because the encodingmethod used by the covert
channel may lose some ofthe original information, there will be
errors in theprocess of decoding the final message after the
re-ceiver obtains the covert message. Houmansadr andBorisov [104]
define the BER as the error probabilityobtained by comparing the
original message to thefinal message after decoding.'e definition
is shownin equation (13), where e(x, y) � 1 for x≠y ande(x, y) � 0
for x � y:
BER �
ki�1 e m(i), m′(i)(
k, (13)
where k is the decoded message length; m(i) is the i-th bit of
the original message; m′(i) the i-th bit of themessage obtained
after transmission.
5.3. Transmission Efficiency. 'e transmission efficiency ofthe
network covert channel is evaluated using the amount ofinformation
contained in a unit symbol or the amount ofinformation transmitted
in a unit time. 'ere are threedefinitions about the transmission
rate, which are enu-merated as follows:
(i) Wu et al. [100] define the transmission efficiency asthe
maximum possible error-free informationtransmission rate. Equation
(14) shows the definition.'e N(t) represents the amount of
informationtransmitted by N-ary coding in time t:
C �N(t)
t. (14)
(ii) Houmansadr and Borisov [104] proposed to takeeach covert
data packet as a unit. 'ey define thetransmission efficiency as the
number of bits ofcovert messages transmitted by each data
packet.'edefinition is shown as follows:
r � limN⟶∞
K
N, (15)
where K is the number of bits of covert messagessent using N + 1
packets.
(iii) Li et al. [28] discussed the transmission efficiency
inblockchain network environment. It is defined asthe amount of
information transmitted per unittime. 'e following equation shows
the transmis-sion efficiency C:
C � va S
i�1pi1bpi, (16)
where v is the information carrier transmission rate;a is the
number of modulation symbols that eachcovert information carrier
can carry; and pi is theprobability of occurrence of the i-th
encodedcharacter in the encoding table.
(iv) Wang et al. [105] use channel capacity as a methodto
measure the transmission efficiency of CTCs. It isdefined as
capacity �bitipd
, (17)
where bit is the amount of information carried by eachpacket
interval, and ipd is the average network packetinterval.
6. Attacks against Network Covert Channels
Attacks against network covert channels can be divided intothree
categories according to [35]:
(i) Elimination: removing covert channels or makingthe covert
channel completely unusable
(ii) Limitation: reducing the transmission efficiency ofcovert
channels
(iii) Detection: discovering the existence of covertchannels or
the identity of both parties in thecommunication
Eliminating attacks is the most difficult to perform. Onthe one
hand, attackers need the ability to monitor andmodify traffic, such
as national censors. On the other hand,the specificity of certain
channel structures makes it im-possible to eliminate them
fundamentally. For the limitationattack, while it works, it may
also interfere with normalnetwork communication. So, most
researches on attackshave focused on detection. In the remainder of
this section,we will give attacks against different network
covertchannels.
6.1. Attacks against Content Level Channels
6.1.1. CSCs. For CSCs, there is no effective way to carry
outlimitation attacks. But the traffic normalization (TN)method can
effectively eliminate CSCs. TN can standardizefields in various
protocols, so these fields cannot be arbi-trarily filled with
additional information. 'is makes mostCSCs unavailable. In
addition, most of the current detectionattacks for CSCs are based
on analyzing traffic fingerprint.Traffic fingerprint is a feature
or a series of feature
14 Security and Communication Networks
-
combinations that can represent certain traffic, such aspacket
length and ISN sequence. Attackers train the ML orDL classifier
based on collected traffic fingerprints fornormal communication
behavior and use the classifier todetect CSCs.
6.1.2. CTCs. For CTCs, since time-dependent features
aredifficult to regularize, using TN to eliminate CTCs is
notrealistic. However, by adding delays to the covert channel,
itcan greatly affect the transmission efficiency of CTCs.
Inaddition, detection attacks against CTCs have been studiedin
recent years and can be divided into two categories. One isto use
statistical methods to detect the shape, regularity, andrandomness
of traffic. 'e other is to use ML or DL tech-nology like the
detection attacks against CSCs, except thatthe fingerprints used
are time-dependent.
6.2. Attacks against Network Level Channels. Due to
theparticularity of the network level covert channel construc-tion
methods, no research has shown that they can be ef-fectively
limited. In the following, we will introduce theattacks on the
network level channels from the aspects ofelimination and
detection.
6.2.1. Proxy. Circumventing Internet censorship is amechanism
commonly used by censors. It contains IPblocking, URL blocking, DNS
hijacking, keyword filtering,network protocol blacklist/whitelist,
etc. Among them, theIP blocking and URL blocking can make proxy
server un-usable and eliminate it. In addition, there are three
methodsfor detection attacks against proxy:
(i) 'e attacker first extracts the characteristics of thepacket
and generates regular expressions based onthis. And then, the
attacker inspects the content ofthe traffic based on regular
expressions.
(ii) 'e attacker injects the traffic watermark into trafficand
observes if the traffic from the target hostcontains the
watermark.
(iii) 'e attacker uses ML or DL technology to find thetraffic
produced by proxy. 'e key to this approachis to determine the
traffic fingerprint of the corre-sponding proxy service.
6.2.2. Anonymous Communication System. CircumventingInternet
censorship is also used to eliminate this channel.For example,
censors block the IPs of some known entrynodes and bridge nodes in
Tor [33, 80]. Likewise, the re-search [34] measured I2P censorship
at a global scale andfound that censors can hinder access to I2P
using severalblocking techniques, such as URL blocking and
DNShijacking.
Detection attacks on anonymous communication sys-tems include
two aspects. One is to detect covert commu-nication traffic to
discover network nodes. For example, Heet al. [106] propose Tor
traffic could be identified using TLSfingerprint (cipher suite and
digital certificate) or message
length distribution characteristics. Wang et al. [85]
performdetection attacks against obfuscation tools which are
con-figured in Tor. 'e other is to detect the association
betweennodes, in order to discover the connection between senderand
receiver, which destroys the anonymity of the channel.'is attack
includes the following ways:
(i) Predecessor attack: the adversary has control somenodes and
collects relevant information. When heknows the node is on the
senders’ path, the pre-cursor node of this node is more likely to
be asender. 'is attack requires many controlled nodesto work
together, so the predecessor attack is alsocalled the collusion
attack.
(ii) Sybil attack: Sybil attack means that malicious at-tackers
control some nodes by imitating the identityof nodes in the system.
'ese malicious nodes leaksystem information to the attacker, and
the attackercan infer the routing forwarding and data redun-dancy
strategies of the system, so as to launch aprecursor attack.
(iii) Replay attack: replay attack means that an attackerrecords
the message to be tracked first and thensends it back. 'e attacker
tracks the message byobserving the output of the mix node until
therecipient is found. In deterministic encryptionschemes,
resisting replay attacks is a difficultproblem. Mix nodes must
remember the messagethey have processed in order to prevent
attackersfrom discovering recipient.
(iv) Message tagging attack: tagging attack is initiated byan
internal attacker who controls the first and lastnode. 'e attackers
mark messages at the first node.In this way, the attacker can
identify the message inthe last node according to the tag, thus
linking thesender and receiver.
(v) N-1 attack: the N-1 attack is also known as floodingattack.
'e attacker’s goal is to track the path of atarget message. He
isolates any message other than atarget message, and a certain
number of forgedmessages are sent at the same time. 'us, when
allmessages flow out of mix, the only message that isnot forged is
the target message that the attackerwants to track.
(vi) Flow correlation attack: the adversary observes thetraffic
that one particular mix is receiving at a specialport and then
finds the corresponding traffic atoutput ports. 'is attack can be
performed bynoting the timing of the packet between the traffic
atthe input and the output port or with the help of MLand DL to
correlate traffic.
6.3. Summary. Due to the existence of a large number ofnetwork
covert channel construction techniques, each attackmethod is
generally only effective for specific channels. Eventhe elimination
or limitation attacks against some channelshave not been studied.
Now, research focuses on detection
Security and Communication Networks 15
-
attacks. Most detection attacks are done by collecting
trafficfingerprints and training ML or DL models. 'e success ofthis
attack lies in selecting the appropriate traffic fingerprintand
model. We summarise the attacks against covertchannels in Table
7.
7. Challenges and Future Directions
After investigating the attacks against covert channels
inSection 6, we see that there are two challenges that
stillremain:
(i) 'e IP blocking or other blocking technology hasmade most
transmission network level channelsunavailable
(ii) 'e use of ML and DL technology makes the covertchannel
easier to expose
So, the future directions for covert channel are to im-prove the
ability to resist attacks. In addition, we discussseveral specific
research methods in the following.
7.1. Adversarial Examples. In recent years, researchers
havefound that ML or DL shows great vulnerability when in-putting
some well-designed examples. 'ese well-designedexamples are
adversarial examples. With the help ofadversarial machine learning
technology, we can add acertain amount of noise to the covert
traffic to generateadversarial examples. So, the model is deceived
to make awrong judgment.
7.2. Measuring Internet Censorship. In order to avoid
beingeliminated by censors, the covert channel can be
designedspecifically from the perspective of analyzing the
censorshiptechnology used by the censors. Measurement research
oncensorship is a prerequisite for this approach.
7.3. Reversible Network Covert Channel. Many of the CSCsand CTCs
proposed alter some traffic features permanentlywhen embedding
data. So, they are easy to be detected byMLor DL. 'erefore, we can
use RDHT (reversible data hiding
techniques) to construct the channel which is able to revertthe
covert traffic to its original form.
7.4. New Network Environments. Under some new
networkenvironments such as IOT (the Internet of 'ings),
SDN(software defined network), and ICS (industrial controlsystems),
there is no mature covert communication system.With the continuous
innovation of new network technol-ogies, we can use the
characteristics of the new network toconstruct more concealed
channels.
8. Conclusion
As a key technology in the field of network security,
covertchannels have always been an effective way to protect
userprivacy. With the development of information steganog-raphy and
Internet, the network covert channel constructiontechnology
continues to be innovated. But at the same time,because the network
covert channel can copy with repressivegovernments, censors are
also starting to pay close attentionto covert channels. 'e
elimination attack, limitation attack,and detection attack against
covert channels have a signif-icant impact on security of covert
channels. Although not allattacks can be successful because each
channel has differentcharacteristics, there are always one or more
attacks that caneffectively affect certain performance of covert
channel. So,many network covert channels cannot simultaneously
satisfyhigh availability, strong robustness, and high
transmissionefficiency. 'e characteristics of the new network can
beused to increase the three aspects to some extent.
In this article, we have presented a comprehensive lit-erature
review, focusing on the techniques for constructingnetwork covert
channels, covert channel metrics, and attacksagainst network covert
channels. 'e covert channels in thenew network environment
(streaming media, blockchain,and IPv6) have been introduced and
compared. We identifychallenges to explore the future direction of
improvementand propose possible research methods. We believe
thisreview will contribute to the development of this
researcharea.
Table 7: Attack against covert channels.
Level Covert channel Elimination Limitation Detection
Communicationcontent
Covert timing channels — Addingdelays
(i) Detecting traffic shape.(ii) Detecting traffic
regularity.
(iii) Detecting traffic randomness.(iv) ML or DL technology.
Covert storage channels Traffic normalization — ML or DL
technology.
Transmissionnetwork
Proxy (i) IP blocking(ii) URL blocking —(i) Regular
expressions.(ii) Traffic watermark.
(iii) ML or DL technology.
Anonymouscommunication
(i) Blocking the IPs of mixnodes
(ii) Blocking officialhomepages
(iii) Poisoning DNSresolutions
—
(i) Detecting mix nodes: ML or DLtechnology.
(ii) Detecting the association between nodes:Sybil attack,
etc.
16 Security and Communication Networks
-
Conflicts of Interest
'e authors declare that they have no conflicts of interest.
Acknowledgments
'is work was supported by the National Natural ScienceFoundation
of China (No. U1636217) and the National KeyResearch and
Development Program of China (Nos.2016QY05X1000 and
2018YFB1800200), and Key Researchand Development Program for
Guangdong Province undergrant no. 2019B010137003.
References
[1] X. Xu, Z. M. Mao, and J. A. Halderman, “Internet
censorshipin China: where does the filtering occur?” in Proceedings
ofthe 2011 International Conference on Passive and ActiveNetwork
Measurement, pp. 133–142, Atlanta, GA, USA,March 2011.
[2] R. Deibert, R. Rohozinski, and A. Manchanda,
“Trackingghostnet: investigating a cyber espionage network,”
inMunkCentre for International Studies, University of
Toronto,Toronto, Canada, 2009.
[3] S. Adair, R. Deibert, and R. Rohozinski, “Shadows in
thecloud: investigating cyber espionage 2.0, in a joint report
ofthe information warfare monitor and shadowserver foun-dation,”
2010, http://shadows-in-the-cloud.net.
[4] Identify Chinese Cyber Espionage Group,
https://tinyurl.com/pntdm64.
[5] S. Aryan, H. Aryan, and J. A. Halderman, “Internet
cen-sorship in Iran: a first look,” in Proceedings of the
3rd{USENIX} Workshop on Free and Open Communications onthe
Internet, Washington, DC, USA, 2013.
[6] R. Kang, L. Dabbish, and K. Sutton, “Strangers on yourphone:
why people use anonymous communication appli-cations,” in
Proceedings of the 19th ACM Conference onComputer-Supported
Cooperative Work & Social Computing,pp. 359–370, San Francisco,
CA, USA, 2016.
[7] Y.-F. Li, L.-P. Ding, J.-Z. Wu et al., “Survey on key issues
innetworks covert channel,” Journal of Software, vol. 30, no. 8,pp.
2470–2490, 2019.
[8] A. Kwon, H. Corrigan-Gibbs, S. Devadas, and B. Ford,“Atom:
scalable anonymity resistant to traffic analysis,”
2016,https://arxiv.org/pdf/1612.07841.pdf.
[9] F. Al-Obaidy, S. Momtahen, M. F. Hossain, andF. Mohammadi,
“Encrypted traffic classification based ml foridentifying different
social media applications,” in Pro-ceedings of the 2019 IEEE
Canadian Conference of Electricaland Computer Engineering (CCECE),
pp. 1–5, Edmonton,Canada, 2019.
[10] M. Brenner, N. Christin, B. Johnson, and K. Rohloff,
Eds.,Lecture Notes in Computer Science, Springer, Vol. 8976,Berlin,
Germany, 2015.
[11] A. M. Piotrowska, J. Hayes, T. Elahi, S. Meiser, andG.
Danezis, “'e loopix anonymity system,” in Proceedings ofthe 26th
USENIX Security Symposium, pp. 1199–1216,Vancouver, Canada, August
2017.
[12] S. Rezaei and X. Liu, “Deep learning for encrypted
trafficclassification: an overview,” IEEE Communications Maga-zine,
vol. 57, no. 5, pp. 76–81, 2019.
[13] C. Liu, L. He, G. Xiong, Z. Cao, and Z. Li, “FS-NET: a
flowsequence network for encrypted traffic classification,” in
Proceedings of the 2019 IEEE INFOCOM 2019-IEEE Con-ference on
Computer Communications, pp. 1171–1179, Paris,France, April
2019.
[14] A. C. Aldaya and B. B. Brumley, “When one
vulnerableprimitive turns viral: novel single-trace attacks on
ECDSA andRSA,” IACR Cryptology ePrint Archive, vol. 2020, p. 55,
2020.
[15] E. S. Alashwali and K. Rasmussen, “What’s in a downgrade?A
taxonomy of downgrade attacks in the TLS protocol andapplication
protocols using TLS,” IACR Cryptology ePrintArchive, vol. 2019, p.
1083, 2019.
[16] Eff’s Guide, https://www.eff.org.[17] C.Wang, X.Wang, Y. Lu
et al., “Categorization of classic and
new covert channel techniques and its application in
threatrestriction,” Journal of Software, vol. 31, no. 1, pp.
228–245,2020.
[18] Q. Tan, J. Shi, B. Fang et al., “Measurement method
ofunobservability in anonymous communication system,”Computer
Research and Development, vol. 52, no. 10,pp. 2373–2381, 2015.
[19] B. B. Gupta and R. Kumar, “Stepping stone
detectiontechniques: classification and state-of-art,” in
Proceedings ofthe ICRCWP 2015, Jaipur, India, 2015.
[20] E. Wustrow, C. M. Swanson, and J. A. Halderman, “Tap-dance:
end-to-middle anticensorship without flow blocking,”in Proceedings
of the 23rd {USENIX} Security Symposium,pp. 159–174, San Diego, CA,
USA, August 2014.
[21] I. Cooper and J. Dilley, “Known HTTP
proxy/cachingproblems,” RFC, vol. 3143, pp. 1–32, 2001.
[22] E. Wustrow, S. Wolchok, I. Goldberg, and J. A.
Halderman,“Telex: anticensorship in the network infrastructure,”
inProceedings of the 2011 USENIX Security Symposium, p. 45,San
Francisco, CA, USA, 2011.
[23] R. Dingledine, N. Mathewson, and P. F. Syverson, “Tor:
thesecond-generation onion router,” in Proceedings of the
13thUSENIX Security Symposium, pp. 303–320, San Diego, CA,USA,
August 2004.
[24] B. Zantout and R. Haraty, “I2p data communication
system,”in Proceedings of 2011 ICN, pp. 401–409, Toronto,
Canada,2011.
[25] S. Li, M. Schliep, and N. Hopper, “Facet: streaming
overvideoconferencing for censorship circumvention,” in
Pro-ceedings of the 13th Workshop on Privacy in the
ElectronicSociety, pp. 163–172, Scottsdale, AZ, USA, 2014.
[26] R. McPherson, A. Houmansadr, and V. Shmatikov,
“Cov-ertcast: using live streaming to evade internet
censorship,”Proceedings on Privacy Enhancing Technologies, vol.
2016,no. 3, pp. 212–225, 2016.
[27] D. Barradas, N. Santos, and L. Rodrigues,
“Deltashaper:enabling unobservable censorship-resistant TCP
tunnelingover videoconferencing streams,” Proceedings on
PrivacyEnhancing Technologies, vol. 2017, no. 4, pp. 5–22,
2017.
[28] Y. Li, L. Ding, J. Wu et al., “Research on a new network
covertchannel model in blockchain environment,” Journal
onCommunications, vol. 40, no. 5, pp. 67–79, 2019.
[29] Botchain Homepage, https://botchain.network/.[30] D. Frkat,
R. Annessi, and T. Zseby, “Chainchannels: private
botnet communication over public blockchains,” in Pro-ceedings
of the 2018 IEEE International Conference on In-ternet of Dings
(iDings) and IEEE Green Computing andCommunications (GreenCom) and
IEEE Cyber, Physical andSocial Computing (CPSCom) and IEEE Smart
Data(SmartData), iDings/GreenCom/CPSCom/SmartData 2018,pp.
1244–1252, Halifax, Canada, July 2018.
Security and Communication Networks 17
http://shadows-in-the-cloud.nethttps://tinyurl.com/pntdm64https://tinyurl.com/pntdm64https://arxiv.org/pdf/1612.07841.pdfhttps://www.eff.orghttps://botchain.network/
-
[31] N. B. Lucena, G. Lewandowski, and S. J. Chapin,
“Covertchannels in ipv6,” in Proceedings of the
InternationalWorkshop on Privacy Enhancing Technologies, pp.
147–166,Cambridge, UK, 2005.
[32] J. Geddes, M. Schuchard, and N. Hopper, “Cover your
ACKs:pitfalls of covert channel censorship circumvention,”
inProceedings of the 2013 ACM SIGSAC Conference on Com-puter and
Communications Security, CCS’13, Berlin, Ger-many, November
2013.
[33] A. Dunna, C. O’Brien, and P. Gill, “Analyzing
China’sblocking of unpublished tor bridges,” in Proceedings of
the8th USENIX Workshop on Free and Open Communicationson the
Internet (FOCI 18), Baltimore, MD, USA, 2018.
[34] N. P. Hoang, S. Doreen, and M. Polychronakis, “Measuringi2p
censorship at a global scale,” in Proceedings of the 9thUSENIX
Workshop on Free and Open Communications onthe Internet (FOCI 19),
Santa Clara, CA, USA, 2019.
[35] T. E. I. Chief and N. D. Fonseca, “Covert channels and
coun-termeasures in computer network protocols,” IEEE
Commu-nications Surveys & Tutorials, vol. 9, no. 3, pp. 44–57,
2007.
[36] B. Lampson, “A note on the confinement problem,” 1973,
https://www.cs.utexas.edu/∼shmat/courses/cs380s_fall09/lampson73.pdf.
[37] G. J. Simmons, “'e prisoners’ problem and the
subliminalchannel,” in Advances in Cryptology, pp. 51–67,
Springer,Berlin, Germany, 1984.
[38] J. K. Millen, “20 years of covert channel modeling
andanalysis,” in Proceedings of the 1999 IEEE Symposium onSecurity
and Privacy, Oakland, CA, USA, May 1999.
[39] S. Wendzel, S. Zander, B. Fechner, and C. Herdin,
“Pattern-based survey and categorization of network covert
channeltechniques,” ACM Computing Surveys, vol. 47, no. 3, p.
50,2015.
[40] S. Zander, G. Armitage, and P. Branch, “A survey of
covertchannels