Many covert channels take advantages of weaknesses, flaws, or unused data fields in network protocols. In this paper, a behavior-based covert channel, that takes advantages of behavior of an application, is presented along with a formal definition in the framework of finite state machines. The behavior-based covert channel is application specific and lies at the application layer of the network OSI model, which makes the detection of this type of covert channel much more difficult. A detailed sample implementation demonstrates an example of this type of covert channel in the form of a simple online two-person game. The potential of this type of covert channel is also discussed.

Date of creation, presentation, or exhibit



Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works in February 2014.

Document Type

Conference Proceeding

Department, Program, or Center

Department of Computing Security (GCCIS)


RIT – Main Campus