A Robust Covert Channel With Self-Bit Recovery for IEEE 802.11 Networks

Covert channels are commonly perceived as potential attack vectors in wireless communication environments and are categorized into covert timing channels (CTCs) and covert storage channels based on their creation method. Although CTCs are generally difficult to detect, we identified their potential use as secure message carriers in wireless communication, particularly within the IEEE 802.11 environments. In this context, access points continuously broadcast packets to nearby devices. Our aim was to create a robust CTC using these broadcast packets. However, IEEE 802.11 operates as a one-way communication channel, which prevents the covert receiver from confirming proper message reception. Moreover, in the event of incorrect reception, the receiver cannot send an ACK to the sender to avoid detection risk. This article proposes a CTC with a self-bit recovery function for consecutive two-bit losses. We validated the practicality of our proposed CTC through simulations involving laptops and a Zynq board. Furthermore, we assessed the robustness of our covert channel and compared its performance with that of existing CTCs. The results indicate superior covertness, higher capacity, and transmission accuracy compared with existing CTCs. Notably, our study represents the first CTC algorithm capable of recovering consecutive 2-bit losses.