New constructive approach to covert channel modeling and channel capacity estimation

Zhenghong Wang, Ruby B. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Scopus citations


In this paper, we examine general mechanisms that a covert channel may exploit and derive new minimum requirements for setting up a covert channel. We also propose a new classification of covert channels based on our analysis. Unlike the non-interference approaches, our approach is constructive, allowing the direct examination of system architectures at different abstraction levels for the presence or absence of the mechanisms that can be exploited to create covert channels. Also, unlike past research on covert channel capacity estimation which employed a synchronous channel model, we point out that covert channels are generally non-synchronous. To capture the asynchronous nature of covert channels, we propose the deletion-insertion channel model as a more general basis for covert channel capacity estimation. This enables modeling the effects of system behavior on covert channel capacity, leading to a more accurate upper bound of the resulting channel capacity.

Original languageEnglish (US)
Title of host publicationInformation Security - 8th International Conference, ISC 2005, Proceedings
PublisherSpringer Verlag
Number of pages8
ISBN (Print)354029001X, 9783540290018
StatePublished - 2005
Event8th International Conference on Information Security, ISC 2005 - Singapore, Singapore
Duration: Sep 20 2005Sep 23 2005

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3650 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other8th International Conference on Information Security, ISC 2005

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'New constructive approach to covert channel modeling and channel capacity estimation'. Together they form a unique fingerprint.

Cite this