Covert Channel Detection: Machine Learning Approaches
Authors
Abstract
The advanced development of computer networks and communication technologies has made covert communications easier to construct, faster, undetectable and more secure than ever. A covert channel is a path through which secret messages can be leaked by violating the system security policy. The detection of such dangerous, unwatchable, hidden threats is still one of the most challenging aspects. This threat exploits methods that are not dedicated to communication purposes, meaning that traditional security measures fail to detect its existence. This review gives a brief introduction to covert channel definitions, types and developments, with particular focus on detection techniques using machine learning (ML) approaches. It provides a thorough review of common covert channels and the ML techniques used to counter them, as well as addressing their achievements and limitations. In addition, this paper introduces a comparative experimental study for some ML approaches commonly used in the field. Accordingly, the performance of these classifiers was evaluated and reported. The review concludes that our information is at risk, nothing can be said to be secured, and more work is required.
Similar resources
Machine Learning Approaches to Network Anomaly Detection
Networks of various kinds often experience anomalous behaviour. Examples include attacks or large data transfers in IP networks, presence of intruders in distributed video surveillance systems, and an automobile accident or an untimely congestion in a road network. Machine learning techniques enable the development of anomaly detection algorithms that are non-parametric, adaptive to changes in ...
Covert Channel Detection Using Process Query Systems
In this paper we use traffic analysis to investigate a stealthy form of data exfiltration. We present an approach to detect covert channels based on a Process Query System (PQS), a new type of information retrieval technology in which queries are expressed as process descriptions.
Covert channel detection using Information Theory
This paper presents an information theory based detection framework for covert channels. We first show that the usual notion of interference does not characterize the notion of deliberate information flow of covert channels. We then show that even an enhanced notion of “iterated multivalued interference” can not capture flows with capacity lower than one bit of information per channel use. We t...
Covert Channel Detection in the ICMP Payload Using Support Vector Machine
ICMP traffic is ubiquitous to almost every TCP/IP based network. As such, many network devices consider ICMP traffic to be benign and will allow it to pass through, unmolested. So, attackers can generate arbitrary information tunneling in the payload of ICMP packets. To detect an ICMP covert channel, we used SVM which has excellent performance in pattern classification problems. Our experiments showed...
Approaches to machine learning
The field of machine learning strives to develop methods and techniques to automate the acquisition of new information, new skills, and new ways of organizing existing information. In this article, we review the major approaches to machine learning in symbolic domains, covering the tasks of learning concepts from examples, learning search methods, conceptual clustering, and language acquisition...
Journal
Journal title: IEEE Access
Year: 2022
ISSN: 2169-3536
DOI: https://doi.org/10.1109/access.2022.3164392