Abstract
This paper presents a novel method to implement a covert channel that is based on inducing dynamics to convey a covert message. These dynamics are induced in a manner that emulates the normal operation of a hypothetical virtual channel. As a case study, this paper focuses on a scenario whereby TCP packet losses are induced to change the behavior of the Additive-Increase Multiplicative-Decrease (AIMD) congestion control mechanism of TCP to convey the covert message. From the outside, the TCP connection appears to be a normal connection that is traversing a congested link or a lossy wireless link. However, the sender, through monitoring the packets that get retransmitted, will decode the covert message. Packet losses are induced based on a hashing algorithm with specific hash patterns that are chosen a priori to emulate a specific loss rate. We have assessed the performance of this covert channel through simple analysis, simulation and real Internet experiments. We illustrate the existence of an optimal packet drop rate that maximizes the throughput of the covert channel.