Summary-Invisible Networking: Techniques and Defenses
نویسندگان
چکیده
Numerous network anomaly detection techniques utilize traffic summaries (e.g., NetFlow records) to detect and diagnose attacks. In this paper we investigate the limits of such approaches, by introducing a technique by which compromised hosts can communicate without altering the behavior of the network as evidenced in summary records of many common types. Our technique builds on two key observations. First, network anomaly detection based on payload-oblivious traffic summaries admits a new type of covert embedding in which compromised nodes embed content in the space vacated by compressing the payloads of packets already in transit between them. Second, point-to-point covert channels can serve as a “data link layer” over which routing protocols can be run, enabling more functional covert networking than previously explored. We investigate the combination of these ideas, which we term Summary-Invisible Networking (SIN), to determine both the covert networking capacities that an attacker can realize in various tasks and the possibilities for defenders to detect these activities.
منابع مشابه
Query Focused Summary Generation System using Unique Discourse Structure
In this paper, the authors propose a query focussed summary generation system which is constructed on top of a unique language-independent discourse structure. The discourse structure is comprised of three text representation techniques, namely, Universal Networking Language (UNL), Rhetorical Structure Theory (RST) and saṅgatis. The discourse structure is indexed based on a concept called sūtra...
متن کاملDOS Attacks and Defenses at the Network Layer in AD-HOC and Sensor Wireless Networks, Wireless AD-HOC Sensor Networks: A Short Survey
Adhoc and sensor wireless networks are challenging and promising field for researchers. These networkingtechnology are not only significant on science and engineering but important on a broad range of applications such as critical infrastructure protection and security, disaster relief operations, biodiversity mapping, medicine and healthcare etc. Wireless Sensor Network applications require Wi...
متن کاملInvisible Phenomena in the Overall Personality of Man, in the Interpretive Study of the Verses 38 and 39 of Haqqah
There is a visible and invisible element in all creatures. There are also realities in human beings, some of which are visible and most of which are invisible. The preference of the invisible is not limitted only to quantities but includes qualitaties also. This division is inspired by the verses 38 and 39 of Haqqah: Most commentators of the Holy Qur'an believe that the external instances of th...
متن کاملDetecting Invisible Relevant Persons in a Homogeneous Social Network
An algorithm to detect invisible relevant persons in a homogeneous social network is studied with computer simulation. The network is effective as a model for contemporary inter-working terrorists where large hub persons do not exist. Absense of large hub persons results in that the observed communication flow is also homogeneous. Clues regarding invisible relevant persons are hardly found in c...
متن کاملImprove Invisible Ink Production by the Europium Complexes
The invisible inks have many applications, including the use of banknote printing, code load, securitydocuments and much of its application in the exchange of security information. Photoluminescenceproperties of lanthanide compounds that attracted the attention of many scholars in recent decades are one ofthe important factors in drying and fluidity of the ink. The solvent eva...
متن کامل