Automatic Detection of Covert Channels in Networks

Abstract

A covert channel is a mechanism that can be used to violate a security policy by allowing information to leak to an unauthorized process. Two types of covert channels exist; storage and timing channels. A storage channel involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage by another process. A timing channel involves a sender process that signals information to another by modulating its own use of systems resources in such a way that this manipulation affects the real response time observed by the second process. In this research, we focused on the analysis and detection of covert timing channels in the TCP/IP protocol suite.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 01, 2007
Accession Number
ADA469998

Entities

People

  • C. E. Brodley

Organizations

  • Tufts University

Tags

Communities of Interest

  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Accuracy
  • Air Force
  • Air Force Research Laboratories
  • Automatic
  • Cybersecurity
  • Data Sets
  • Detection
  • Government Procurement
  • Governments
  • Identification
  • Identification Systems
  • Information Operations
  • Intellectual Property
  • Intrusion Detection
  • Intrusion Detectors
  • Security
  • Step Functions

Readers

  • Computer Science/Computer Engineering/Data Science/Digital Signal Processing.
  • Cybersecurity.
  • Radio communications and signal processing.