Learning to Behave: Improving Covert Channel Security with Behavior-Based Designs

Ryan Wails; Andrew Stange; Eliana Troper; Aylin Caliskan; Roger Dingledine; Rob Jansen; Micah Sherr

Learning to Behave: Improving Covert Channel Security with Behavior-Based Designs

Authors: Ryan Wails (Georgetown, U.S. Naval Research Laboratory), Andrew Stange (Carnegie Mellon), Eliana Troper (Georgetown Univ.), Aylin Caliskan (University of Washington), Roger Dingledine (The Tor Project), Rob Jansen (U.S. Naval Research Laboratory), Micah Sherr (Georgetown Univ.)

Volume: 2022
Issue: 3
Pages: 179–199
DOI: https://doi.org/10.56553/popets-2022-0068

Download PDF

Abstract: Censorship-resistant communication systems generally use real-world cover protocols to establish a covert channel through which uncensored communication can occur. Unfortunately, many previously proposed systems use cover protocols inconsistently with the way humans normally use those protocols, leading to anomalous network traffic patterns that have been shown to be discoverable by real-world censors. In this paper, we argue that censorship-resistant communication systems should follow two behavior-based design properties: (i) behavioral independence: systems should isolate the operation of their covert channels from the operation of their cover protocols, and (ii) behavioral realism: systems should either opportunistically use existing genuine cover protocol instances or run new protocol instances that are modeled after genuine ones. These properties ensure that the behavior of a system’s users will not degrade its security. We demonstrate how to achieve these properties through the design and evaluation of Raven, a censorship-resistant messaging system that uses email cover protocols identically to the way humans use email. Raven uses a generative adversarial network that is trained on genuine email data to control the timing and sizes of the email messages it sends and receives, and these messages are transferred independently of user actions. Our evaluation shows that, compared to the state-of-the-art email-based Mailet system, Raven raises the false-positive rate from 3% to 50% when detecting covert channel usage with 100% recall.

Keywords: covert communication; Internet censorship

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.