Network Packet Length Covert Channel Based on Empirical Distribution Function
نویسندگان
چکیده
Network packet length covert channel modulates secret message bits onto the packet lengths to transmit secret messages. In this paper, a novel network packet length covert channel is proposed. The proposed scheme is based on the empirical distribution function of packet length series of legitimate traffic. Different from the existing schemes, the lengths of packets which are generated by the covert sender follow the distribution of normal traffic more closely in our scheme. To validate the security of the proposed scheme, the state-of-the-art packet length covert channel detection algorithm is adopted. The experimental results show that the packet length covert channel provides a significant performance improvement in detection resistance meanings.
منابع مشابه
New High Secure Network Steganography Method Based on Packet Length
In network steganography methods based on packet length, the length of the packets is used as a carrier for exchanging secret messages. Existing methods in this area are vulnerable against detections due to abnormal network traffic behaviors. The main goal of this paper is to propose a method which has great resistance to network traffic detections. In the first proposed method, the sender embe...
متن کاملIndirect DNS Covert Channel based on Base 16 Matrix for Stealth Short Message Transfer
Covert Channel are the methods to conceal a message in the volatile medium carrier such as radio signal and network packets. Until now, covert channels based on the packet length produce abnormal packet length when the length of the message is long. Abnormal packet length, especially in the normal network will expose the covert channels to network security perimeter. Therefore, it motivates the...
متن کاملطراحی و ارزیابی روش کدگذاری ترکیبی برای کانال پوششی زمانبندیدار در شبکه اینترنت
Covert channel means communicating information through covering of overt and authorized channel in a manner that existence of channel to be hidden. In network covert timing channels that use timing features of transmission packets to modulating covert information, the appropriate encoding schema is very important. In this paper, a hybrid encoding schema proposed through combining "the inter-pac...
متن کاملA Detection Method for Cloak Covert Channel Based on Distribution of TCP Burst Size
Cloak is a new class of network covert timing channel relied on multilink with high reliability and enhanced data rate. The existing detection schemes are less effective to detect this kind of covert channel. In this paper, the detection method for Cloak covert channel based on burst size distribution is proposed. The statistical distribution of burst size is calculated and Chi-Squared test is ...
متن کاملA Network Covert Channel Based on Packet Classification
A network covert channel violates security rules and leaks information imperceptibly. Many researchers have been studying how to construct it, and the basic methods involve exploiting packets head, packets sorting and packets timing, etc. To construct a more secret covert channel, this paper proposes a novel approach based on packet classification. With this method, covert information is encode...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JNW
دوره 9 شماره
صفحات -
تاریخ انتشار 2014