Advertisement

Connecting Entropy-Based Detection Methods and Entropy to Detect Covert Timing Channels

  • Bukke Devendra Naik
  • Sarath Chandra Boddukolu
  • Pothula Sujatha
  • P. Dhavachelvan
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 176)

Abstract

In this paper an entropy-based approach for detecting the covert timing channels is proposed. The detection of covert timing channels is the challenging task over the internet. Ordinary things such as existence of a file or time used for computation, have been the medium through which covert channel communicates. Covert timing channels are not easy to detect because these media are so numerous and frequently used. Different approaches are implemented to detect various covert timing channels. Existing techniques are efficient but have to adopt more than one approach. Applying more than one approach to detect the covert timing channels is the risk process. In this paper, only one approach is used by this efficiency is improved while applying this proposed technique improvements to be made for proposed entropy and corrected conditional entropy in detecting covert timing channels. An entropy-based approach is sensitive to the current covert timing channels.

Keywords

covert timing channel network security detection tests overt channel 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Cabuk, S.: Network Covert Channels: Design, Analysis, Detection and Elimination. Purdue Uni. (December 2006)Google Scholar
  2. 2.
    Cabuk, S., Brodley, C., Shields, C.: IP Covert Timing Channels: Design and Detection. In: Proc. ACM Conf. Computer and Common. Security (October 2004)Google Scholar
  3. 3.
    Shah, G.: Keyboards and Covert Channels. In: Proc. USENIX Security Symp. (July/August 2006)Google Scholar
  4. 4.
    Cloak: A Ten-Fold Way for Reliable Covert Communication. In: Luo, X. (ed.) Proc. European Symp. Research in Computer Security (September 2007)Google Scholar
  5. 5.
    Porta, Baselli, Liberati: Measuring Regularity by Means of a Corrected Conditional Entropy in Sympathetic Outflow. Biological Cybernetics (January 1998)Google Scholar
  6. 6.
    Arimoto, S.: An Algorithm for Computing the capacity of Arbitrary Discrete Memory less Channels. Proc. IEEE Trans. Information Theory (January 1972)Google Scholar
  7. 7.
    Blahut, R.E.: Computation of Channel Capacity and Rate-Distortion Functions. IEEE Trans. Information Theory (July 1972)Google Scholar
  8. 8.
    Luo, X., Chan, E.W.W., Chang, R.K.C.: TCP Covert Timing Channels: Design and Detection. In: Proc. IEEE Int’l Conf. Dependable Systems and Networks (June 2008)Google Scholar
  9. 9.
    Henry, P.A.: Covert channels provided hackers the opportunity and the means for the current distributed denial of service attacks. Technical report (2000)Google Scholar
  10. 10.
    Wang, X., Chen, S., Jajodia, S.: Tracking Anonymous Peer-to-Peer VoIP Calls on the Internet. In: Proc. ACM Conf. Computer and Comm. Security (November 2005)Google Scholar
  11. 11.
    Peng, P., Ning, P., Reeves, D.: On the Secrecy of Timing-Based Active Watermarking Trace-Back Techniques. In: Proc. IEEE Symp. Security and Privacy (May 2006)Google Scholar
  12. 12.
    Moddemeijer, R.: On Estimation of Entropy and Mutual Information of Continuous Distributions. Signal Processing (1989)Google Scholar
  13. 13.
    Huskamp, J.C.: Covert communication channels in timesharing systems, Ph.D. thesis. Univ. of Califomia, Berkeley, CA (1978); also tech. rep. UCB-CS-78-02 and Electron. Res. Lab. Memo. No. ERLM78/ 37Google Scholar
  14. 14.
    Ogurtsov, N., Orman, H., Schroeppel, R., O’Malley, S., Spatscheck, O.: Experimental Results of Covert Channel Limitation in One-way Communication Systems. Department of Computer Science University of Arizona Tucson, AZ 85721, nicko,ho,rcs,sean,spatsch @cs.arizona.eduGoogle Scholar
  15. 15.
    Ogurtsov, N., Orman, H., Schroeppel, R., O’Malley, S., Spatscheck, O.: Experimental Results of Covert Channel Limitation in One-way Communication Systems Department of Computer Science University of Arizona Tucson, AZ 85721 nicko,ho,rcs,sean,spatsch @cs.arizona.eduGoogle Scholar
  16. 16.
    A guide to understand covert channels analysis of trusted systems. Virgil Gligor. Technical Report NCSC_TG_030, National Computer Security Center, Ft. George G.Meade, Maryland, U.S.A (November 1993)Google Scholar
  17. 17.
    Shah, G.: Keywords and Covert Channels. Andres Molina and Matt blaze. University of PennsylvaniaGoogle Scholar
  18. 18.
    Gianvechio, S., Wang, H.: An Entropy-Based Approach to Detect Covert Timing Channels. IEEE Trans. Dependable and Secure Computing 8(6) (November 2011)Google Scholar
  19. 19.
    Berk, V., Giani, A., Cybenko, G.: Detection of Covert Channel Encoding in Network Packet Delays. Dept. of Comp. Sci. (November 2005)Google Scholar
  20. 20.
    Liua, Y., Ghosal, D., Katzenbeisser, S.: Hide and Seek in Time- Robust Covert Timing Channels. Dept. of Electrical and Comp. Sci., University of California, Davis, USAGoogle Scholar
  21. 21.
    Padlipsky, M., Snow, D., Karger, P.: Limitations of end-to-end encryption in secure computer networks. Tech. Rep. ESD TR-78-158, Mitre Corporation (1978)Google Scholar
  22. 22.
    Lampson, B.W.: A note on the confinement problem. Proc. of the Communications of the ACM (16), 10 (1973)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Bukke Devendra Naik
    • 1
  • Sarath Chandra Boddukolu
    • 1
  • Pothula Sujatha
    • 1
  • P. Dhavachelvan
    • 1
  1. 1.Department of Computer SciencePondicherry UniversityPondicherryIndia

Personalised recommendations