Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A covert channel is a type of computer attack that allows the communication of information by transferring objects through existing information channels or networks using the structure of the existing medium to convey the data in small parts. This makes conveyance through a covert channel virtually undetectable by administrators or users.
Covert channels have been used to steal data from highly secure systems.
A covert channel is created by using some of the space available either within the padding or within other parts of the transport of network packets. Covert channels use any means where data can be added to a data stream without affecting the main body of data being transmitted. This allows the covert receiver to abstract data from a system without creating any type of data trail. A single packet might only contain one or two bits of the covert data stream, making detection very difficult.
Creating a covert channel takes some ingenious programming, and access to the file system at the source end of the communication is essential. This means that a covert channel can only be instigated through viral infection or through a programming effort that has administrative or other authorized access to the system.
Covert channel analysis is one of the few ways to detect a covert channel. System performance degradation can be used to show covert channel use, but as computers have advanced, the degradation is insignificant compared to the amount of data processed. This makes detection even harder. The primary way of defending against covert channel attacks is to examine the source code running on the source machine, as well as monitor resource use by the system in question.