Covert Channel

What Does Covert Channel Mean?

A covert channel is a type of computer attack that allows the communication of information by transferring objects through existing information channels or networks using the structure of the existing medium to convey the data in small parts. This makes conveyance through a covert channel virtually undetectable by administrators or users.

Advertisements

Covert channels have been used to steal data from highly secure systems.

Techopedia Explains Covert Channel

A covert channel is created by using some of the space available either within the padding or within other parts of the transport of network packets. Covert channels use any means where data can be added to a data stream without affecting the main body of data being transmitted. This allows the covert receiver to abstract data from a system without creating any type of data trail. A single packet might only contain one or two bits of the covert data stream, making detection very difficult.

Creating a covert channel takes some ingenious programming, and access to the file system at the source end of the communication is essential. This means that a covert channel can only be instigated through viral infection or through a programming effort that has administrative or other authorized access to the system.

Covert channel analysis is one of the few ways to detect a covert channel. System performance degradation can be used to show covert channel use, but as computers have advanced, the degradation is insignificant compared to the amount of data processed. This makes detection even harder. The primary way of defending against covert channel attacks is to examine the source code running on the source machine, as well as monitor resource use by the system in question.

Advertisements

Related Terms

Margaret Rouse

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.