A. Epishkina, Mikhail Finoshin, K. Kogos, Aleksandra Yazykova
{"title":"基于机器学习的定时隐蔽通道检测案例","authors":"A. Epishkina, Mikhail Finoshin, K. Kogos, Aleksandra Yazykova","doi":"10.1109/EISIC49498.2019.9108873","DOIUrl":null,"url":null,"abstract":"Currently, packet data networks are widespread. Their architectural features allow constructing covert channels that are able to transmit covert data under the conditions of using standard protection measures. However, encryption or packets length normalization, leave the possibility for an intruder to transfer covert data via timing covert channels (TCCs). In turn, inter-packet delay (IPD) normalization leads to reducing communication channel capacity. Detection is an alternative countermeasure. At the present time, detection methods based on machine learning are widely studied. The complexity of TCCs detection based on machine learning depends on the availability of traffic samples, and on the possibility of an intruder to change covert channels parameters. In the current work, we explore the cases of TCCs detection via","PeriodicalId":117256,"journal":{"name":"2019 European Intelligence and Security Informatics Conference (EISIC)","volume":"76 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Timing Covert Channels Detection Cases via Machine Learning\",\"authors\":\"A. Epishkina, Mikhail Finoshin, K. Kogos, Aleksandra Yazykova\",\"doi\":\"10.1109/EISIC49498.2019.9108873\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Currently, packet data networks are widespread. Their architectural features allow constructing covert channels that are able to transmit covert data under the conditions of using standard protection measures. However, encryption or packets length normalization, leave the possibility for an intruder to transfer covert data via timing covert channels (TCCs). In turn, inter-packet delay (IPD) normalization leads to reducing communication channel capacity. Detection is an alternative countermeasure. At the present time, detection methods based on machine learning are widely studied. The complexity of TCCs detection based on machine learning depends on the availability of traffic samples, and on the possibility of an intruder to change covert channels parameters. In the current work, we explore the cases of TCCs detection via\",\"PeriodicalId\":117256,\"journal\":{\"name\":\"2019 European Intelligence and Security Informatics Conference (EISIC)\",\"volume\":\"76 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 European Intelligence and Security Informatics Conference (EISIC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EISIC49498.2019.9108873\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 European Intelligence and Security Informatics Conference (EISIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EISIC49498.2019.9108873","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Timing Covert Channels Detection Cases via Machine Learning
Currently, packet data networks are widespread. Their architectural features allow constructing covert channels that are able to transmit covert data under the conditions of using standard protection measures. However, encryption or packets length normalization, leave the possibility for an intruder to transfer covert data via timing covert channels (TCCs). In turn, inter-packet delay (IPD) normalization leads to reducing communication channel capacity. Detection is an alternative countermeasure. At the present time, detection methods based on machine learning are widely studied. The complexity of TCCs detection based on machine learning depends on the availability of traffic samples, and on the possibility of an intruder to change covert channels parameters. In the current work, we explore the cases of TCCs detection via