
Design and implementation of covert channel based on time segmentation (cited by: 5)
Abstract: A network covert channel is a special network communication mechanism. It uses a legitimate channel as its carrier and can transfer sensitive data between different security entities regardless of the system's security policy settings. Because network covert channels are difficult to detect, malicious attackers usually regard them as an ideal means of stealing data. However, network covert channels are easily affected by changes in network conditions, which cause decoding errors and can even prevent the channel from working. This paper proposes a time-segmentation-based network timing covert channel with strong adaptability to changing network conditions. It modulates covert information into the timing information of a single network packet, uses the packets of a legitimate channel as cover, and transfers data between sender and receiver with high reliability. Experimental results show that the proposed channel can transfer covert information efficiently in a variety of network environments while maintaining a high transmission accuracy.
Source: Application Research of Computers (《计算机应用研究》), CSCD, Peking University Core Journal, 2014, No. 8, pp. 2502-2505 (4 pages)
Funding: National Natural Science Foundation of China (61170035)
Keywords: covert channel; network security; information leakage
