CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Covert Channels

Jonathan Millen - Mitre

Jan 30, 1997


A Trojan horse might attempt to send sensitive information belonging to its user to whoever wrote or planted the program. In most systems this is easy because a program runs with the privileges of its user. Systems with "mandatory" access controls make the attacker's job harder because they prevent obvious subversions such as copying files or sending messages to unauthorized parties. However, it is usually possible to bypass those controls by leaking information one bit at a time through shared operating system resources, sometimes at tens or hundreds of bits per second. This talk gives some examples of covert channels and discusses the problem of detecting them and estimating leakage rates.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.