Skip to main content

Home Covert channel

Covert channel

Covert channel definition

A covert channel is a communication channel that allows entities to transfer information in a way that violates the system's security policy. While these channels can increase the privacy and security of critical communication, criminals use covert channels to carry out cyberattacks. Covert channels use existing mediums to send data in small parts, making it virtually impossible for administrators or users to detect. Criminals have used covert channels to steal data from highly secure systems.

How covert channels are created

  • Creating a covert channel is complicated and requires advanced levels of programming.
  • The entity creating the channel must also have access to the file system.
  • The main ways covert channels are created are through viral infection or programming efforts by someone with admin access to the system.

Covert channel types

  • Storage channels. These channels communicate by modifying the storage location (e.g., hard drive). Unused fields in communication protocols like TCP/IP Stack can be used as storage channels.
  • Timing channels. Attackers use these channels to modify the system resources and send messages over a set period. Inter-packet delay refers to the delay between the transfer of continuous data packets. Timing channels exploit these inter-packet delays by modulating them to decode a portion of the data present in these packets.