{"title":"网络Stegoinsider检测","authors":"A. Salita, A. Krasov","doi":"10.1109/SmartIndustryCon57312.2023.10110748","DOIUrl":null,"url":null,"abstract":"The number of crimes committed by insiders has increased dramatically over the past 10 years. Insiders use various technologies, including steganography, to bypass security measures and steal confidential information. In this paper, we analyse the methods that can be used to identify the steganographic channel and steganographic insider, such as Shannon information entropy method, Kolmogorov-Smirnov method, probability distribution variance comparison method, machine learning method and neural network method. Based on these methods, some programs were written to identify steganographic channels in the network. Each of the methods was tested on real enterprise traffic. As a result it is possible to say whether these methods are suitable for use in the enterprise network or nor.","PeriodicalId":157877,"journal":{"name":"2023 International Russian Smart Industry Conference (SmartIndustryCon)","volume":"145 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Network Stegoinsider Detection\",\"authors\":\"A. Salita, A. Krasov\",\"doi\":\"10.1109/SmartIndustryCon57312.2023.10110748\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The number of crimes committed by insiders has increased dramatically over the past 10 years. Insiders use various technologies, including steganography, to bypass security measures and steal confidential information. In this paper, we analyse the methods that can be used to identify the steganographic channel and steganographic insider, such as Shannon information entropy method, Kolmogorov-Smirnov method, probability distribution variance comparison method, machine learning method and neural network method. Based on these methods, some programs were written to identify steganographic channels in the network. Each of the methods was tested on real enterprise traffic. As a result it is possible to say whether these methods are suitable for use in the enterprise network or nor.\",\"PeriodicalId\":157877,\"journal\":{\"name\":\"2023 International Russian Smart Industry Conference (SmartIndustryCon)\",\"volume\":\"145 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-03-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 International Russian Smart Industry Conference (SmartIndustryCon)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SmartIndustryCon57312.2023.10110748\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Russian Smart Industry Conference (SmartIndustryCon)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SmartIndustryCon57312.2023.10110748","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The number of crimes committed by insiders has increased dramatically over the past 10 years. Insiders use various technologies, including steganography, to bypass security measures and steal confidential information. In this paper, we analyse the methods that can be used to identify the steganographic channel and steganographic insider, such as Shannon information entropy method, Kolmogorov-Smirnov method, probability distribution variance comparison method, machine learning method and neural network method. Based on these methods, some programs were written to identify steganographic channels in the network. Each of the methods was tested on real enterprise traffic. As a result it is possible to say whether these methods are suitable for use in the enterprise network or nor.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
