Comparing countermeasures against interrupt-related covert channels in an information-theoretic framework

Mantel, Heiko; Sudbrock, Henning

Comparing countermeasures against interrupt-related covert channels in an information-theoretic framework

Publikationstyp

Conference Paper

Date Issued

2007-07

Sprache

English

Author(s)

Mantel, Heiko

Sudbrock, Henning

TORE-URI

http://hdl.handle.net/11420/13916

Start Page

326

End Page

340

Article Number

4271658

Citation

20th IEEE Computer Security Foundations Symposium CSFS 2007: 4271658, 326-340 (2007)

Contribution to Conference

20th IEEE Computer Security Foundations Symposium, CSFS 2007

Publisher DOI

10.1109/CSF.2007.14

Scopus ID

2-s2.0-35048834771

Publisher

IEEE

Interrupt-driven communication with hardware devices can be exploited for establishing covert channels. In this article, we propose an information-theoretic framework for analyzing the bandwidth of such interrupt-related channels while taking aspects of noise into account. As countermeasures, we present mechanisms that are already implemented in some operating systems, though for a different purpose. Based on our formal framework, the effectiveness of the mechanisms is evaluated. Despite the large body of work on covert channels, this is the first comprehensive account of interrupt-related covert channel analysis and mitigation.

DDC Class

004: Informatik

Options

Comparing countermeasures against interrupt-related covert channels in an information-theoretic framework