Visible to the public A timestamp-based covert data transmission method in Industrial Control System

TitleA timestamp-based covert data transmission method in Industrial Control System
Publication TypeConference Paper
Year of Publication2022
AuthorsLu, Jie, Ding, Yong, Li, Zhenyu, Wang, Chunhui
Conference Name2022 7th IEEE International Conference on Data Science in Cyberspace (DSC)
Date Publishedjul
Keywordscompositionality, covert channel, covert channels, Data Science, Data security, Firewalls (computing), ICMP, industrial control, industrial control system, integrated circuits, Iptables, Linux, Protocols, pubcrawl, resilience, Resiliency, Scalability, security
AbstractCovert channels are data transmission methods that bypass the detection of security mechanisms and pose a serious threat to critical infrastructure. Meanwhile, it is also an effective way to ensure the secure transmission of private data. Therefore, research on covert channels helps us to quickly detect attacks and protect the security of data transmission. This paper proposes covert channels based on the timestamp of the Internet Control Message Protocol echo reply packet in the Linux system. By considering the concealment, we improve our proposed covert channels, ensuring that changing trends in the timestamp of modified consecutive packets are consistent with consecutive regular packets. Besides, we design an Iptables rule based on the current system time to analyze the performance of the proposed covert channels. Finally, it is shown through experiments that the channels complete the private data transmission in the industrial control network. Furthermore, the results demonstrate that the improved covert channels offer better performance in concealment, time cost, and the firewall test.
Citation Keylu_timestamp-based_2022