Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
Evaluation of the timing covert channel capacity considering packet transfer time distribution
View through CrossRef
Lampson was the first to introduce a covert channel as a channel that was not designed for information transmission. The problem of information leakage via network covert channels has a large scale due to the facts that IP protocol is widely used and has a lot of features to use it for hidden information transmission. Usually covert channels are divided into two groups by transmission technic: storage and timing covert channels. In the paper authors provide brief survey for network timing and storage covert channels as well as methods of information leakage counteraction. According to best practices, information systems and infrastructure have an information security policy with the requirements about allowable level of covert channel capacity. However, to take a decision about any method activation it is important not to allow underestimation of covert channel capacity. For the effective prevention of information leakage via network covert channels authors suggest a way to assess timing covert channel capacity. Two binary timing channels have been investigated: on/off and channel based on inter packet intervals modulation. In on/off covert channel the sender sends a packet during a preliminarily agreed time interval to transmit the bit «1» and does not send to transmit the bit «0». In a covert channel based on inter packet intervals modulation the sender sends packets with different time intervals defining different bits. The scientific novelty consists in taking into account network load conditions while assessing maximum amount of information that can be stealthily transmitted from secure infrastructure to an illegitimate receiver beyond secure perimeter. Authors investigated cases when packet transfer time from the sender to the receiver in the network (PTT) is defined by normal and exponential distribution – the most common distribution according to current research. Covert channel capacity is evaluated as a function of covert channel parameters and parameters of the PTT distribution (DPTT). Conducted research shows that in case when secure officer does not take into account typical load for the network and DPTT type maximum covert channel capacity will most likely be underestimated. If allowable level of covert channel capacity is set up, obtained results allow to take right decision about activation of countermeasures to prevent information leakage.
Publishing house "Radiotekhnika"
Title: Evaluation of the timing covert channel capacity considering packet transfer time distribution
Description:
Lampson was the first to introduce a covert channel as a channel that was not designed for information transmission.
The problem of information leakage via network covert channels has a large scale due to the facts that IP protocol is widely used and has a lot of features to use it for hidden information transmission.
Usually covert channels are divided into two groups by transmission technic: storage and timing covert channels.
In the paper authors provide brief survey for network timing and storage covert channels as well as methods of information leakage counteraction.
According to best practices, information systems and infrastructure have an information security policy with the requirements about allowable level of covert channel capacity.
However, to take a decision about any method activation it is important not to allow underestimation of covert channel capacity.
For the effective prevention of information leakage via network covert channels authors suggest a way to assess timing covert channel capacity.
Two binary timing channels have been investigated: on/off and channel based on inter packet intervals modulation.
In on/off covert channel the sender sends a packet during a preliminarily agreed time interval to transmit the bit «1» and does not send to transmit the bit «0».
In a covert channel based on inter packet intervals modulation the sender sends packets with different time intervals defining different bits.
The scientific novelty consists in taking into account network load conditions while assessing maximum amount of information that can be stealthily transmitted from secure infrastructure to an illegitimate receiver beyond secure perimeter.
Authors investigated cases when packet transfer time from the sender to the receiver in the network (PTT) is defined by normal and exponential distribution – the most common distribution according to current research.
Covert channel capacity is evaluated as a function of covert channel parameters and parameters of the PTT distribution (DPTT).
Conducted research shows that in case when secure officer does not take into account typical load for the network and DPTT type maximum covert channel capacity will most likely be underestimated.
If allowable level of covert channel capacity is set up, obtained results allow to take right decision about activation of countermeasures to prevent information leakage.
Related Results
En skvatmølle i Ljørring
En skvatmølle i Ljørring
A Horizontal Mill at Ljørring, Jutland.Horizontal water-mills have been in use in Jutland since the beginning of the Christian era 2). But the one here described shows so close a c...
A Covert Timing Channels Data Encryption Sceme In Cloud Simulation
A Covert Timing Channels Data Encryption Sceme In Cloud Simulation
Covert Timing Channels (CTC) have become an impending network security problem as the sophistication and use of data exfiltration carried out by cyber-attacks has increased. Inter-...
Network Covert Channels
Network Covert Channels
With the rapid advancement of communication and computer network technologies, covert channels are now more secure, quicker to set up, harder to detect, and easier to design than e...
Cortisol and Oxytocin Could Predict Covert Aggression in Some Psychotic Patients
Cortisol and Oxytocin Could Predict Covert Aggression in Some Psychotic Patients
Background: The covert or indirect type of aggression has a risk of converting in violent acts and, considering that, it is very important to identify it in order to apply effectiv...
An ensemble model to detect packet length covert channels
An ensemble model to detect packet length covert channels
<span lang="EN-US">Covert channel techniques have enriched the way to commit dangerous and unwatched attacks. They exploit ways that are not intended to convey information; t...
Wave packet dynamics of the photodetachment ofH- near a metal surface
Wave packet dynamics of the photodetachment ofH- near a metal surface
The wave packet dynamics of the photodetachment of H- near metal surface is studied by using the wave packet evolution and the autocorrelation function. The results show that the e...
Recovery of loss of packet in network using constant packet reordering
Recovery of loss of packet in network using constant packet reordering
When the packet is reordered the most standard implementation of the Transmission control protocol (TCP) gives poor performance. This paper proposes a new version of the TCP which ...
Covert Channel Communication as an Emerging Security Threat in 2.5D/3D Integrated Systems
Covert Channel Communication as an Emerging Security Threat in 2.5D/3D Integrated Systems
In this paper, first, a broad overview of existing covert channel communication-based security attacks is provided. Such covert channels establish a communication link between two ...