An ensemble model to detect packet length covert channels

Q2 Computer Science

International Journal of Electrical and Computer Engineering Pub Date : 2023-10-01 DOI:10.11591/ijece.v13i5.pp5296-5304

Muawia A. Elsadig, A. Gafar

{"title":"An ensemble model to detect packet length covert channels","authors":"Muawia A. Elsadig, A. Gafar","doi":"10.11591/ijece.v13i5.pp5296-5304","DOIUrl":null,"url":null,"abstract":"Covert channel techniques have enriched the way to commit dangerous and unwatched attacks. They exploit ways that are not intended to convey information; therefore, traditional security measures cannot detect them. One class of covert channels that difficult to detect, mitigate, or eliminate is packet length covert channels. This class of covert channels takes advantage of packet length variations to convey covert information. Numerous research articles reflect the useful use of machine learning (ML) classification approaches to discover covert channels. Therefore, this study presented an efficient ensemble classification model to detect such types of attacks. The ensemble model consists of five machine learning algorithms representing the base classifiers. The base classifiers include naive Bayes (NB), decision tree (DT), support vector machine (SVM), k-nearest neighbor (KNN), and random forest (RF). Whereas, the logistic regression (LR) classifier was employed to aggregate the outputs of the base classifiers and thus to generate the ensemble classifier output. The results showed a good performance of our proposed ensemble classifier. It beats all single classification algorithms, with a 99.3% accuracy rate and negligible classification errors.","PeriodicalId":38060,"journal":{"name":"International Journal of Electrical and Computer Engineering","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Electrical and Computer Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11591/ijece.v13i5.pp5296-5304","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

Abstract

Covert channel techniques have enriched the way to commit dangerous and unwatched attacks. They exploit ways that are not intended to convey information; therefore, traditional security measures cannot detect them. One class of covert channels that difficult to detect, mitigate, or eliminate is packet length covert channels. This class of covert channels takes advantage of packet length variations to convey covert information. Numerous research articles reflect the useful use of machine learning (ML) classification approaches to discover covert channels. Therefore, this study presented an efficient ensemble classification model to detect such types of attacks. The ensemble model consists of five machine learning algorithms representing the base classifiers. The base classifiers include naive Bayes (NB), decision tree (DT), support vector machine (SVM), k-nearest neighbor (KNN), and random forest (RF). Whereas, the logistic regression (LR) classifier was employed to aggregate the outputs of the base classifiers and thus to generate the ensemble classifier output. The results showed a good performance of our proposed ensemble classifier. It beats all single classification algorithms, with a 99.3% accuracy rate and negligible classification errors.

查看原文本刊更多论文

一个用于检测包长度隐蔽通道的集成模型

秘密通道技术丰富了实施危险和无人值守攻击的方式。他们利用并非旨在传达信息的方式；因此，传统的安全措施无法检测到它们。一类难以检测、减轻或消除的隐蔽信道是分组长度的隐蔽信道。这类隐蔽信道利用分组长度变化来传递隐蔽信息。大量研究文章反映了机器学习（ML）分类方法在发现隐蔽通道方面的有用用途。因此，本研究提出了一种有效的集合分类模型来检测这类攻击。集成模型由五个表示基本分类器的机器学习算法组成。基本分类器包括朴素贝叶斯（NB）、决策树（DT）、支持向量机（SVM）、k近邻（KNN）和随机森林（RF）。而采用逻辑回归（LR）分类器来聚合基本分类器的输出，从而生成集成分类器输出。结果表明，我们提出的集成分类器具有良好的性能。它击败了所有单一的分类算法，准确率为99.3%，分类误差可以忽略不计。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Electrical and Computer Engineering Computer Science-Computer Science (all)

CiteScore

4.10

自引率

0.00%

发文量

177

期刊介绍： International Journal of Electrical and Computer Engineering (IJECE) is the official publication of the Institute of Advanced Engineering and Science (IAES). The journal is open to submission from scholars and experts in the wide areas of electrical, electronics, instrumentation, control, telecommunication and computer engineering from the global world. The journal publishes original papers in the field of electrical, computer and informatics engineering which covers, but not limited to, the following scope: -Electronics: Electronic Materials, Microelectronic System, Design and Implementation of Application Specific Integrated Circuits (ASIC), VLSI Design, System-on-a-Chip (SoC) and Electronic Instrumentation Using CAD Tools, digital signal & data Processing, , Biomedical Transducers and instrumentation, Medical Imaging Equipment and Techniques, Biomedical Imaging and Image Processing, Biomechanics and Rehabilitation Engineering, Biomaterials and Drug Delivery Systems; -Electrical: Electrical Engineering Materials, Electric Power Generation, Transmission and Distribution, Power Electronics, Power Quality, Power Economic, FACTS, Renewable Energy, Electric Traction, Electromagnetic Compatibility, High Voltage Insulation Technologies, High Voltage Apparatuses, Lightning Detection and Protection, Power System Analysis, SCADA, Electrical Measurements; -Telecommunication: Modulation and Signal Processing for Telecommunication, Information Theory and Coding, Antenna and Wave Propagation, Wireless and Mobile Communications, Radio Communication, Communication Electronics and Microwave, Radar Imaging, Distributed Platform, Communication Network and Systems, Telematics Services and Security Network; -Control[...] -Computer and Informatics[...]