Biblio

Information leaks are a top concern to industry and government leaders. The Internet of Things (IoT) is a rapidly growing technology capable of sensing real-world events. IoT devices lack a common security standard and typically use lightweight security solutions, exposing the sensitive real-world data they gather. Covert channels are a practical method of exfiltrating data from these devices.This research presents a novel IoT covert timing channel (CTC) that encodes data within preexisting network information, namely ports or addresses. This method eliminates the need for inter-packet delays (IPD) to encode data. Seven different encoding methods are implemented between two IoT protocols, TCP/IP and ZigBee. The TCP/IP covert channel is created by mimicking a Ring smart doorbell and implemented using Amazon Web Services (AWS) servers to generate traffic. The ZigBee channel is built by copying a Philips Hue lighting system and executed on an isolated local area network (LAN). Variants of the CTC focus either on Stealth or Bandwidth. Stealth methods mimic legitimate traffic captures to make them difficult to detect while the Bandwidth methods forgo this approach for maximum throughput. Detection results are presented using shape-based and regularity-based detection tests.The Stealth results have a throughput of 4.61 bits per second (bps) for TCP/IP and 3.90 bps for ZigBee. They also evade shape and regularity-based detection tests. The Bandwidth methods average 81.7 Kbps for TCP/IP and 9.76 bps for ZigBee but are evident in detection tests. The results show that CTC using address or port encoding can have superior throughput or detectability compared to IPD-based CTCs.

To build the fifth generation (5G) mobile network, the sharing structure in the 5G network adopted in industries has gained great research interesting. However, in this structure data are shared among diversity networks, which introduces the threaten of network security, such as covert timing channels. To eliminate the covert timing channel, we propose to inject noise into the covert timing channel. By analyzing the modulation method of covert timing channels, we design the jamming strategy on the covert channel. According to the strategy, the interference algorithm of the covert timing channel is designed. Since the interference algorithm depends heavily on the memory, we construct a distributing jammer. Experiments results show that these covert time channel can be blocked under the distributing jammer.

In this study, delays between data packets were read by using different window sizes to detect data transmitted from covert timing channel in computer networks, and feature vectors were extracted from them and detection of hidden data by some classification algorithms was achieved with high performance rate.

Continuous development of Network-on-Chip (NoC) enables different types of applications to run efficiently in a Multiprocessor System-on-Chip (MP-SoC). Guaranteed service (GS) can be provided by circuit switching NoC and Best effort service (BES) can be provided by packet switching NoC. A hybrid NoC containing both packet and circuit switching, can provide both types of services to these different applications. But these different applications can be of different security levels and one application can interfere another application's timing characteristics during network transmission. Using this interference, a malicious application can extract secret information from higher security level flows (timing side channel) or two applications can communicate covertly violating the system's security policy (covert timing channel). We propose different mechanisms to protect hybrid routers from timing channel attacks. For design space exploration, we propose three timing channel secure hybrid routers viz. Separate Hybrid (SH), Combined with Separate interface Hybrid (CSH), and Combined Hybrid (CH) routers. Simulation results show that all three routers are secure from timing channel when compared to a conventional hybrid router. Synthesis results show that the area increments compared to a conventional hybrid router are only 7.63, 11.8, and 19.69 percent for SH, CSH, and CH routers respectively. Thus simulation and synthesis results prove the effectiveness of our proposed mechanisms with acceptable area overheads.