MES-Attacks: Software-Controlled Covert Channels based on Mutual Exclusion and Synchronization
Multi-process concurrency is effective in improving program efficiency and maximizing CPU utilization. The correct execution of concurrency is ensured by the mutual exclusion and synchronization mechanism (MESM) that manages the shared hardware and software resources. We propose MES-Attacks, a new set of software-controlled covert channel attacks based on MESM to transmit confidential information. MES-Attacks offer several advantages: 1) the covert channels are constructed at software level and can be deployed on any hardware; 2) closed share of resource ensures the quality of the channels with low interference and makes them hard to be detected; and 3) it utilizes the system's software resources which are abound and hence difficult to isolate. We built covert channels using different MESMs on Windows and Linux, including Event, Timer, FileLockEX, Mutex, Semaphore and flock. Experimental results demonstrate that these covert channels can achieve transmission rate of 13.105 kb/s, 12.383 kb/s, and 6.552 kb/s, respectively in the scenarios of local, cross-sandbox and cross-VM, where the bit error rates are all under 1%.
READ FULL TEXT