Investigative Support for Information Confidentiality Part I: Detecting Confidential Information Leakage via Protocol-based Covert Channels
نویسندگان
چکیده
This is Part I in a two-part series discussing the development of investigative support for information confidentiality. In this paper, we propose a technique to detect confidential information leakage via protocol-based covert channels based on relation algebra. It provides tests to verify the existence of an information leakage via a monitored covert channel as well as computations which show how the information was leaked if a leakage exists. We also report on a prototype tool that allows for the automation of the proposed technique. Our focus is limited to protocol-based covert channels and instances where covert channel users modulate the sent information by some form of encoding such as encryption. c © 2014 The Authors. Published by Elsevier B.V. Peer-review under responsibility of the Program Chairs of FNC-2014.
منابع مشابه
Information Leakage via Protocol-Based Covert Channels: Detection, Automation, and Applications
With the emergence of computers in every day activities and with the ever-growing complexity of networks and network communication protocols, covert channels are becoming an eminent threat to the confidentiality of information. In light of this threat, we propose a technique to detect confidential information leakage via covert channels. Although several works examine covert channel detection a...
متن کاملDetection of Information leakage in cloud
Recent research shows that colluded malware in different VMs sharing physical host may use access latency of a resource as a covert channel to leak critical information. Covert channels employ time characteristics to transmit confidential information to attackers. In this manuscript we have made two important contributions and to the best of our knowledge they are novel. One is to propose a fra...
متن کاملC2Detector: a covert channel detection framework in cloud computing
Cloud computing is becoming increasingly popular because of the dynamic deployment of computing service. Another advantage of cloud is that data confidentiality is protected by the cloud provider with the virtualization technology. However, a covert channel can break the isolation of the virtualization platform and leak confidential information without letting it known by virtual machines. In t...
متن کاملMethods of IPD normalization to counteract IP timing covert channels
Covert channels are used for information transmission in a manner that is not intended for communication and is difficult to detect. We propose a technique to prevent the information leakage via IP covert timing channels by inter-packet delays normalization in the process of packets sending. Recommendations for using the counteraction methods and choosing parameters were given. The advantage of...
متن کاملDetection And Elimination Of Covert Communication In Transport And Internet Layer – A Survey
Covert channels use stealth communications to compromise the security policies of systems. They constitute an important security threat since they can be used to exfiltrate confidential data from networks. TCP/IP protocols are used everyday and are subject to covert channels problems. Covert channels are used for the secret transfer of information. Encryption only protects communication from be...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014