With its wider acceptability, cloud can host a diverse set of data and applications ranging from entertainment to personal to industry. The foundation of cloud computing is based on virtual machines where boundaries among the application data are very thin, and the potential of data leakage exists all the time. For instance, a virtual machine covert timing channel is an aggressive mechanism to leak confidential information through shared components or networks by violating isolation and security policies in practice. The performance of a covert timing channel (covert channel) is crucial to adversaries and attempts have been made to improve the performance of covert timing channels by advancing the encoding mechanism and covert information carriers. Though promising, the redundancy of the covert message is mainly overlooked. This paper applies three encoding schemes namely run-length, Huffman, and arithmetic encoding schemes for data compression of a virtual machine covert timing channel by exploiting redundancy. Accordingly, the paper studies the performance of such channels according to their capacity. Unfortunately, we show that these encoding schemes still contain redundancy in a covert channel scenario, and thereby a new encoding scheme namely optimized Runlength encoding (OptRLE) is presented that greatly enhances the performance of a covert timing channel. Several optimizations schemes adopted by OptRLE are also discussed, and a mathematical model of the behavior of an OptRLE-based covert timing channel is proposed. The theoretical capacity of a channel can be obtained using the proposed model. Our analysis reveals that OptRLE further improves the performance of a covert timing channel, in addition to the effects of the optimizations. Experimental result shows how OptRLE affects the size of covert data and the capacity of covert timing channels, and why the performance of the covert timing channel is improved.

凭借其更广泛的可接受性，云可以托管从娱乐到个人再到行业的各种数据和应用程序。云计算的基础是基于虚拟机，应用数据之间的界限非常薄弱，数据泄露的可能性始终存在。例如，虚拟机隐蔽定时通道是一种激进的机制，通过共享组件或网络在实践中违反隔离和安全策略来泄露机密信息。隐蔽定时信道（隐蔽信道）的性能对于对手来说至关重要，并且已经尝试通过改进编码机制和隐蔽信息载体来提高隐蔽定时信道的性能。尽管很有希望，但隐藏信息的冗余主要被忽视。本文应用三种编码方案，即游程编码方案、霍夫曼编码方案和算术编码方案，通过利用冗余来对虚拟机隐蔽时序通道进行数据压缩。因此，本文根据此类通道的容量研究其性能。不幸的是，我们表明这些编码方案在隐蔽信道场景中仍然包含冗余，因此提出了一种新的编码方案，即优化游程编码（OptRLE），它极大地增强了隐蔽定时信道的性能。还讨论了 OptRLE 采用的几种优化方案，并提出了基于 OptRLE 的隐蔽定时信道行为的数学模型。可以使用所提出的模型获得信道的理论容量。我们的分析表明，除了优化效果之外，OptRLE 还进一步提高了隐蔽定时通道的性能。实验结果表明OptRLE如何影响隐蔽数据的大小和隐蔽定时通道的容量，以及为什么隐蔽定时通道的性能得到提高。