Many covert channels take advantages of weaknesses, flaws, or unused data fields in network protocols. In this paper, a behavior-based covert channel, that takes advantages of behavior of an application, is presented along with a formal definition in the framework of finite state machines. The behavior-based covert channel is application specific and lies at the application layer of the network OSI model, which makes the detection of this type of covert channel much more difficult. A detailed sample implementation demonstrates an example of this type of covert channel in the form of a simple online two-person game. The potential of this type of covert channel is also discussed.
Date of creation, presentation, or exhibit
Department, Program, or Center
Department of Computing Security (GCCIS)
DARYL JOHNSON, PETER LUTZ, and BO YUAN (2009) BEHAVIOR-BASED COVERT CHANNEL IN CYBERSPACE. Intelligent Decision Making Systems: pp. 311-318. https://doi.org/10.1142/9789814295062_0049
RIT – Main Campus