← BACK TO SEARCH RESULTS Download as PDF

Methods, systems and computer readable media for detecting covert timing channels

Technology Overview:

The method can detect covert timing channels by:

1. reproducing the timing of every network output;
2. comparing the observed timing to the reproduced timing; and
3. issuing an alert if there is any discrepancy.

Penn researchers have built a time deterministic replay prototype called Sanity. It reproduces timing to within 2% on commodity hardware. It can be used to detect a variety of existing and novel covert timing channels with perfect accuracy.

Advantages:

All detectors can detect IPCTC with perfect accuracy, existing detectors do worse for more sophisticated channels, and existing detectors cannot detect "Needle in a haystack" well. Sanity detects all channels with perfect accuracy! No false positives, no false negatives.

Intellectual Property:

US 10,437,993

Reference Media:

Chen, A. et al.; 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI '14), Broomfield, CO, October 2014. (pdf)

Desired Partnerships:

License
Co-development

Direct Link:

https://upenn.technologypublisher.com/technology/38305

Contact

Terry Bray

Executive Director, SEAS/SAS Licensing Group

University of Pennsylvania

tbray1@upenn.edu

INVENTORS

CATEGORY(S)

Technology Classifications > Computer Information Systems

Keywords

Docket # 15-7281