As programs, no matter how many layers of indirection in place, are really being run, they consume resources. Should this resource usage be precisely monitored, malicious programs might be able to communicate in spite of software protections.
We demonstrate the existence of such a covert channel bypassing isolations techniques and IPC policies. This covert channel that works over all major consumer OSes (Windows, Linux, MacOS) and relies on exploitation of the process table. We measure the bandwidth of this channel and suggest countermeasures.Category / Keywords: Date: received 1 Mar 2016, last revised 2 Mar 2016 Contact author: houda ferradi at ens fr Available format(s): PDF | BibTeX Citation Version: 20160302:113922 (All versions of this report) Short URL: ia.cr/2016/227 Discussion forum: Show discussion | Start new discussion