Skip to main content
SpringerLink
Log in

Network Storage Covert Channel Detection Based on Data Joint Analysis

  • Conference paper
  • First Online:
Cloud Computing and Security (ICCCS 2018)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11066))

Included in the following conference series:

Abstract

Aiming at the problem that the existing network storage covert channel detection algorithm can not take into account both the detection rate and the computational complexity, a network storage covert channel detection method based on data joint analysis is proposed. This method studies the information hiding mechanism of the network storage covert channel according to related documents. Based on this, the regularity characteristics of the packets in each field of the network data packet and the correlation characteristics between the packets are analyzed. The above characteristics are further transformed into eigenvector matrices through kernel density estimation, variation coefficient, fragility entropy, and autocorrelation coefficient. And SVM classifier is trained using eigenvector matrices. The experimental test shows that this method has a high detection rate and its computational complexity is small.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Archibald, R., Ghosal, D.: A comparative analysis of detection metrics for covert timing channels. Comput. Secur. 45(8), 284–292 (2014)

    Article  Google Scholar 

  2. Zseby, T., Vázquez, F.I., Bernhardt, V., et al.: A network steganography lab on detecting TCP/IP covert channels. IEEE Trans. Educ. 59(3), 224–232 (2016)

    Article  Google Scholar 

  3. Shrestha, P.L, Hempel, M., Rezaei, F., et al.: Leveraging statistical feature points for generalized detection of covert timing channels. In: IEEE Military Communications Conference, pp. 7–11. IEEE Computer Society (2014)

    Google Scholar 

  4. Hélouët, L., Jard, C., Zeitoun, M.: Covert channels detection in protocols using scenarios. In: Proceedings of Spv’ Workshop on Security Protocols Verification (2003)

    Google Scholar 

  5. Rezaei, F., Hempel, M., Shrestha, P.L., et al.: Detecting covert timing channels using non-parametric statistical approaches. In: Wireless Communications and Mobile Computing Conference, pp. 102–107. IEEE (2015)

    Google Scholar 

  6. Zhang, L., Liu, G., Dai, Y.: Network packet length covert channel based on empirical distribution function. J. Netw. 9(6) (2014)

    Google Scholar 

  7. Cao, P., Liu, W., Liu, G., et al.: A wireless covert channel based on constellation shaping modulation. Secur. Commun. Netw. 1–15 (2018)

    Google Scholar 

  8. Cabuk, S., Brodley, C.E., Shields, C.: IP covert timing channels: design and detection. In: ACM Conference on Computer and Communications Security, CCS 2004, Washington, DC, USA, October, pp. 178–187. DBLP (2004)

    Google Scholar 

  9. Berk, V., Giani, A., Cybenko, G.: Detection of covert channel encoding in network packet delays. Rapport Technique Tr (2009)

    Google Scholar 

  10. Pang, P., Zhao, H., Bao, Z.: A probability-model-based approach to detect covert timing channel. In: IEEE International Conference on Information and Automation, pp. 1043–1047. IEEE (2015)

    Google Scholar 

  11. Shrestha, P.L., Hempel, M., Rezaei, F., et al.: A support vector machine-based framework for detection of covert timing channels. IEEE Trans. Dependable Secur. Comput. 13(2), 274–283 (2016)

    Article  Google Scholar 

  12. Gianvecchio, S., Wang, H.: An entropy-based approach to detecting covert timing channels. In: ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, pp. 307–316. DBLP, October 2011

    Google Scholar 

  13. Shah, G., Molina, A., Blaze, M.: Keyboards and covert channels. In: Conference on Usenix Security Symposium. USENIX Association (2009)

    Google Scholar 

  14. Lin, Y., Malik, S.U.R., et al.: Designing and modeling of covert channels in operating systems. IEEE Trans. Comput. 69(5), 224–232 (2015)

    Google Scholar 

  15. Bloch, M.R.: Covert communication over noisy channels: a resolvability perspective. IEEE Trans. Inf. Theor. 62(5), 2334–2354 (2016)

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. State Key Laboratory of MEAC, No. 62 Science RD, Zhengzhou, 450001, China

    Guangxin Fu, Qingbao Li, Zhifeng Chen & Guangyu Zeng

  2. Dongguan Xinda Fusion Innovation Institute, No. 62 Science RD, Zhengzhou, 450001, China

    Juanjuan Gu

Authors
  1. Guangxin Fu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qingbao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhifeng Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Guangyu Zeng
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Juanjuan Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Guangxin Fu .

Editor information

Editors and Affiliations

  1. Nanjing University of Information Science and Technology, Nanjing, China

    Xingming Sun

  2. Nanjing University of Information Science and Technology, Nanjing, China

    Zhaoqing Pan

  3. Department of Computer Science, Purdue University, West Lafayette, IN, USA

    Elisa Bertino

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Fu, G., Li, Q., Chen, Z., Zeng, G., Gu, J. (2018). Network Storage Covert Channel Detection Based on Data Joint Analysis. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11066. Springer, Cham. https://doi.org/10.1007/978-3-030-00015-8_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-00015-8_30

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00014-1

  • Online ISBN: 978-3-030-00015-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation