{"title":"基于最小长度分布的名称引用的间接DNS隐蔽通道","authors":"S. N. Omar, I. Ahmedy, M. Ngadi","doi":"10.1109/ICIMU.2011.6122768","DOIUrl":null,"url":null,"abstract":"Covert Channels is the methods to conceal a message in network communications. Until now, covert channels based on packet length produce abnormal packet length when the size of the packets' length is minima. Standard DNS request has minima range in length, which is could not support by previous packet length covert channels. Abnormal packet length, especially in normal DNS requests will expose the covert channels to network security perimeter. Therefore, it motivated the study to propose a method based on reference matrix to hide the secret message in DNS request. Standard DNS requests' packet was collected from campus network. The proposed and the previous packet length covert channels were compared to standard DNS requests. The comparisons were done through percentages and frequency range of length and statistical T-test. The results show that, there is no significant different between the packet lengths of standard DNS request and propose covert, which outperform the previous packet length covert channels.","PeriodicalId":102808,"journal":{"name":"ICIMU 2011 : Proceedings of the 5th international Conference on Information Technology & Multimedia","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Indirect DNS covert channel based on name reference for minima length distribution\",\"authors\":\"S. N. Omar, I. Ahmedy, M. Ngadi\",\"doi\":\"10.1109/ICIMU.2011.6122768\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Covert Channels is the methods to conceal a message in network communications. Until now, covert channels based on packet length produce abnormal packet length when the size of the packets' length is minima. Standard DNS request has minima range in length, which is could not support by previous packet length covert channels. Abnormal packet length, especially in normal DNS requests will expose the covert channels to network security perimeter. Therefore, it motivated the study to propose a method based on reference matrix to hide the secret message in DNS request. Standard DNS requests' packet was collected from campus network. The proposed and the previous packet length covert channels were compared to standard DNS requests. The comparisons were done through percentages and frequency range of length and statistical T-test. The results show that, there is no significant different between the packet lengths of standard DNS request and propose covert, which outperform the previous packet length covert channels.\",\"PeriodicalId\":102808,\"journal\":{\"name\":\"ICIMU 2011 : Proceedings of the 5th international Conference on Information Technology & Multimedia\",\"volume\":\"59 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ICIMU 2011 : Proceedings of the 5th international Conference on Information Technology & Multimedia\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIMU.2011.6122768\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ICIMU 2011 : Proceedings of the 5th international Conference on Information Technology & Multimedia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIMU.2011.6122768","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Indirect DNS covert channel based on name reference for minima length distribution
Covert Channels is the methods to conceal a message in network communications. Until now, covert channels based on packet length produce abnormal packet length when the size of the packets' length is minima. Standard DNS request has minima range in length, which is could not support by previous packet length covert channels. Abnormal packet length, especially in normal DNS requests will expose the covert channels to network security perimeter. Therefore, it motivated the study to propose a method based on reference matrix to hide the secret message in DNS request. Standard DNS requests' packet was collected from campus network. The proposed and the previous packet length covert channels were compared to standard DNS requests. The comparisons were done through percentages and frequency range of length and statistical T-test. The results show that, there is no significant different between the packet lengths of standard DNS request and propose covert, which outperform the previous packet length covert channels.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
