Mex+Sync: Software Covert Channels Exploiting Mutual Exclusion and Synchronization
Published in: | IEEE transactions on computer-aided design of integrated circuits and systems Vol. 42; no. 12; p. 1 |
---|---|
Main Authors: | , , |
Format: | Journal Article |
Language: | English |
Published: | New York: IEEE, 01-12-2023; The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
Summary: | The Mutual Exclusion and Synchronization Mechanism (MESM) is a basic process management mechanism in modern operating systems. However, we first found that MESM has serious vulnerabilities. In this paper, a new set of MESM-based software covert channels, named Mex+Sync, are proposed to transmit confidential information. Mex+Sync offer several advantages: 1) the covert channels are constructed at the software level and can be deployed on any hardware; 2) the closed shared resource ensures the quality of the channels with low interference and makes them hard to detect; and 3) the attack utilizes the system's software resources, which abound and are hence difficult to isolate. We build the covert channels on Linux and Windows with the following MESMs: flock, FileLockEX, Mutex, Semaphore, Event and WaitableTimer. Experimental results demonstrate that these covert channels can achieve transmission rates of 13.105 kb/s, 12.383 kb/s, and 6.552 kb/s, respectively, in the local, cross-sandbox and cross-virtual machine scenarios, all with a bit error rate under 1%. Meanwhile, we carefully analyze and verify the impact of noise on channel performance. |
---|---|
ISSN: | 0278-0070 1937-4151 |
DOI: | 10.1109/TCAD.2023.3291669 |