Abstract
The peculiarities of the batch data transmission networks make it possible to use covert channels, which survive under standard protective measures, to perform data leaks. However, storage covert channels can be annihilated by means of limiting the flow capacity, or by use of encryption. The measures against storage covert channels cannot be implemented against timing covert channels (TCCs), otherwise their usage has to be conditioned by certain factors. For instance, while packet encryption an intruder still possesses the ability to covertly transfer the data. At the same time, normalization of inter-packet delays (IPDs) influences the flow capacity in a greater degree than sending fixed-length packets does. Detection can be called an alternative countermeasure. At the present time, detection methods based on artificial intelligence have been widespreadly used, however the possibility to implement these methods under conditions of a covert channel parametrization has not been investigated. In the current work, we study the possibility to implement artificial intelligence for detecting TCCs under conditions of varying covert channel characteristics: flow capacity and encoding scheme. The detection method is based on machine learning algorithms that solve the problem of binary classification.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Lampson B (1973) A Note on the confinement problem. Commun ACM 16(10):613–615
Shrestha PL, Hempel M, Rezaei F, Sharif H (2016) A support vector machine-based framework for detection of covert timing channels. IEEE Trans Dependable Secur Comput 13(2):274–283
Shrestha PL, Hempel M, Rezaei F, Sharif H (2014) Leveraging statistical feature points for generalized detection of covert channels. In: IEEE military communications conference. IEEE, USA, pp 7–11
Archibald R, Ghosal D (2014) A comparative analysis of detection metrics for covert timing channels. Comput Secur 45:284–292
Mou S, Zhao Z, Jiang S, Wu Z, Zhu J (2012) Feature extraction and classification algorithm for detecting complex covert timing channel. Comput Secur 31(1):70–82
Zander S, Armitage G, Branch P (2011) Stealthier inter packet timing covert channels. In: Domingo-Pascual J, Manzoni P, Palazzo S, Pont A, Scoglio C (eds) Networking 2011. LNCS, vol 6640. Springer, Heidelberg, pp 458–470
Berk V, Giani A, Cybenko G (2005) Detection of covert channel encoding in network packet delays. Technical report TR2005-536, Dartmouth College
Ratatype. https://www.ratatype.com/learn/average-typing-speed/. Accessed 10 Feb 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Yazykova, A., Finoshin, M., Kogos, K. (2020). Artificial Intelligence to Detect Timing Covert Channels. In: Samsonovich, A. (eds) Biologically Inspired Cognitive Architectures 2019. BICA 2019. Advances in Intelligent Systems and Computing, vol 948. Springer, Cham. https://doi.org/10.1007/978-3-030-25719-4_79
Download citation
DOI: https://doi.org/10.1007/978-3-030-25719-4_79
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25718-7
Online ISBN: 978-3-030-25719-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)