|Initial publication||S. Wendzel, S. Zander, B. Fechner, C. Herdin in , updated by .|
|Illustration||The covert channel alters timing intervals between network PDUs (interarrival times) to encode hidden data.|
|Context||Network Covert Timing Channels -> Protocol-agnostic|
|Evidence||G. Shah, A. Molina, and M. Blaze. 2006. Keyboards and Covert Channels. In Proc. 15th USENIX Security
Symposium. USENIX Association, 59–75.
C. G. Girling. 1987. Covert Channels in LAN’s. IEEE Transactions on Software Engineering 13 (February
1987), 292–296. Issue 2.
S. Cabuk. 2006. Network covert channels: Design, analysis, detection, and elimination. Ph.D. Dissertation.
See  for additional evidence entries.
|Implementation||Covert Channels Evaluation Framework (CCHEF)|
 S. Wendzel, S. Zander, B. Fechner, C. Herdin: Pattern-based Survey and Categorization of Network Covert Channel Techniques, ACM Computing Surveys, Vol. 47, Issue 3, pp. 50:1-26, ACM, 2015.
An early version of the article is available here: download.
 W. Mazurczyk, S. Wendzel, S. Zander, A. Houmansadr, K. Szczypiorski: Information Hiding in Communication Networks, Wiley, 2016. Chapters 3 and 8 contain discussions on hiding patterns, basically on the basis of  but with an extension of timing-based patterns.