Abstract
Aiming at the problem that the existing network storage covert channel detection algorithm can not take into account both the detection rate and the computational complexity, a network storage covert channel detection method based on data joint analysis is proposed. This method studies the information hiding mechanism of the network storage covert channel according to related documents. Based on this, the regularity characteristics of the packets in each field of the network data packet and the correlation characteristics between the packets are analyzed. The above characteristics are further transformed into eigenvector matrices through kernel density estimation, variation coefficient, fragility entropy, and autocorrelation coefficient. And SVM classifier is trained using eigenvector matrices. The experimental test shows that this method has a high detection rate and its computational complexity is small.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Archibald, R., Ghosal, D.: A comparative analysis of detection metrics for covert timing channels. Comput. Secur. 45(8), 284–292 (2014)
Zseby, T., Vázquez, F.I., Bernhardt, V., et al.: A network steganography lab on detecting TCP/IP covert channels. IEEE Trans. Educ. 59(3), 224–232 (2016)
Shrestha, P.L, Hempel, M., Rezaei, F., et al.: Leveraging statistical feature points for generalized detection of covert timing channels. In: IEEE Military Communications Conference, pp. 7–11. IEEE Computer Society (2014)
Hélouët, L., Jard, C., Zeitoun, M.: Covert channels detection in protocols using scenarios. In: Proceedings of Spv’ Workshop on Security Protocols Verification (2003)
Rezaei, F., Hempel, M., Shrestha, P.L., et al.: Detecting covert timing channels using non-parametric statistical approaches. In: Wireless Communications and Mobile Computing Conference, pp. 102–107. IEEE (2015)
Zhang, L., Liu, G., Dai, Y.: Network packet length covert channel based on empirical distribution function. J. Netw. 9(6) (2014)
Cao, P., Liu, W., Liu, G., et al.: A wireless covert channel based on constellation shaping modulation. Secur. Commun. Netw. 1–15 (2018)
Cabuk, S., Brodley, C.E., Shields, C.: IP covert timing channels: design and detection. In: ACM Conference on Computer and Communications Security, CCS 2004, Washington, DC, USA, October, pp. 178–187. DBLP (2004)
Berk, V., Giani, A., Cybenko, G.: Detection of covert channel encoding in network packet delays. Rapport Technique Tr (2009)
Pang, P., Zhao, H., Bao, Z.: A probability-model-based approach to detect covert timing channel. In: IEEE International Conference on Information and Automation, pp. 1043–1047. IEEE (2015)
Shrestha, P.L., Hempel, M., Rezaei, F., et al.: A support vector machine-based framework for detection of covert timing channels. IEEE Trans. Dependable Secur. Comput. 13(2), 274–283 (2016)
Gianvecchio, S., Wang, H.: An entropy-based approach to detecting covert timing channels. In: ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, pp. 307–316. DBLP, October 2011
Shah, G., Molina, A., Blaze, M.: Keyboards and covert channels. In: Conference on Usenix Security Symposium. USENIX Association (2009)
Lin, Y., Malik, S.U.R., et al.: Designing and modeling of covert channels in operating systems. IEEE Trans. Comput. 69(5), 224–232 (2015)
Bloch, M.R.: Covert communication over noisy channels: a resolvability perspective. IEEE Trans. Inf. Theor. 62(5), 2334–2354 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Fu, G., Li, Q., Chen, Z., Zeng, G., Gu, J. (2018). Network Storage Covert Channel Detection Based on Data Joint Analysis. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11066. Springer, Cham. https://doi.org/10.1007/978-3-030-00015-8_30
Download citation
DOI: https://doi.org/10.1007/978-3-030-00015-8_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00014-1
Online ISBN: 978-3-030-00015-8
eBook Packages: Computer ScienceComputer Science (R0)