{"title":"基于TCP序列号的隐蔽信道的主动监测器","authors":"Dr. Dhananjay M Dakhane, P. Deshmukh","doi":"10.1109/PERVASIVE.2015.7087183","DOIUrl":null,"url":null,"abstract":"Network covert channel generally use for leak the information by violating the security policies. It allows the attacker to send as well as receive secret information without being detected by the network administrator or warden in the network. There are several ways to implement such covert channels; Storage covert channel and Timing covert channel. However there is always some possibility of these covert channels being identified depending on their behaviour. In this paper, we propose, an active warden, which normalizes incoming and outgoing network traffic for eliminating all possible storage based covert channels. It is specially design for TCP sequence number because this field is a maximum capacity vehicle for storage based covert channel. Our experimental result shows that propose active warden model eliminates covert communication up to 99%, while overt communication is as intact.","PeriodicalId":442000,"journal":{"name":"2015 International Conference on Pervasive Computing (ICPC)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Active warden for TCP sequence number base covert channel\",\"authors\":\"Dr. Dhananjay M Dakhane, P. Deshmukh\",\"doi\":\"10.1109/PERVASIVE.2015.7087183\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network covert channel generally use for leak the information by violating the security policies. It allows the attacker to send as well as receive secret information without being detected by the network administrator or warden in the network. There are several ways to implement such covert channels; Storage covert channel and Timing covert channel. However there is always some possibility of these covert channels being identified depending on their behaviour. In this paper, we propose, an active warden, which normalizes incoming and outgoing network traffic for eliminating all possible storage based covert channels. It is specially design for TCP sequence number because this field is a maximum capacity vehicle for storage based covert channel. Our experimental result shows that propose active warden model eliminates covert communication up to 99%, while overt communication is as intact.\",\"PeriodicalId\":442000,\"journal\":{\"name\":\"2015 International Conference on Pervasive Computing (ICPC)\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-04-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Pervasive Computing (ICPC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PERVASIVE.2015.7087183\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Pervasive Computing (ICPC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PERVASIVE.2015.7087183","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Active warden for TCP sequence number base covert channel
Network covert channel generally use for leak the information by violating the security policies. It allows the attacker to send as well as receive secret information without being detected by the network administrator or warden in the network. There are several ways to implement such covert channels; Storage covert channel and Timing covert channel. However there is always some possibility of these covert channels being identified depending on their behaviour. In this paper, we propose, an active warden, which normalizes incoming and outgoing network traffic for eliminating all possible storage based covert channels. It is specially design for TCP sequence number because this field is a maximum capacity vehicle for storage based covert channel. Our experimental result shows that propose active warden model eliminates covert communication up to 99%, while overt communication is as intact.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
