Covert Channel Detection in the ICMP Payload Using Support Vector Machine
نویسندگان
چکیده
ICMP traffic is ubiquitous to almost TCP/IP based network. As such, many network devices consider ICMP traffic to be benign and will allow it to pass through, unmolested. So, attackers can generate arbitrary information tunneling in the payload of ICMP packets. To detect a ICMP covert channel, we used SVM which has excellent performance in pattern classification problems. Our experiments showed that the proposed method could detect the ICMP covert channel from normal ICMP traffic using SVM.
منابع مشابه
Malicious ICMP Tunneling: Defense against the Vulnerability
This paper presents a systematic solution to the problem of using ICMP tunneling for covert channel. ICMP is not multiplexed via port numbers and the data part of the ICMP packet provides considerable bandwidth for malicious covert channels. These factors make it an integral part of many malicious software like remote access and denial of service attack tools. These tools use ICMP to establish ...
متن کاملAn Effective Covert Timing Channels Detection: Support Vector Machine & Hyperbolic Hopfield Neural Network
A network covert channel is a mechanism that can be used to leak information across a network in violation of a security policy and in a manner that can be difficult to detect. Detecting and preventing covert channels is particularly important for multilevel security systems in which processes working with classified information may leak information to processes with a lower classification leve...
متن کاملP65: Speech Recognition Based on Bbrain Signals by the Quantum Support Vector Machine for Inflammatory Patient ALS
People communicate with each other by exchanging verbal and visual expressions. However, paralyzed patients with various neurological diseases such as amyotrophic lateral sclerosis and cerebral ischemia have difficulties in daily communications because they cannot control their body voluntarily. In this context, brain-computer interface (BCI) has been studied as a tool of communication for thes...
متن کاملRobot control system using SMR signals detection
One of the important issues in designing a brain-computer interface system is to select the type of mental activity to be imagined. In some of these systems, mental activity varies with user intent and action that must be controlled by the brain-computer system, and in a number of other signals, the received signals contain the same activity-related mental activity that should be performed by t...
متن کاملOutlier Detection for Support Vector Machine using Minimum Covariance Determinant Estimator
The purpose of this paper is to identify the effective points on the performance of one of the important algorithm of data mining namely support vector machine. The final classification decision has been made based on the small portion of data called support vectors. So, existence of the atypical observations in the aforementioned points, will result in deviation from the correct decision. Thus...
متن کامل