Network covert channel analysis based on the density multilevel two segment clustering
作者: Xuyang , Zouchenpeng , Yangning
DOI: 10.1109/ICSESS.2015.7339051
关键词:
摘要: On the problem of covert channel detection, traditional detection algorithms exist specific blind area, or it is useful for some kind but ignore other channels. In order to solve this problem, in paper proposes network analysis method based on density multilevel two segment clustering. Firstly, complex studied, and its mathematical model data feature extraction are presented; Secondly, hierarchical clustering design aggregation improved form using given coarsening results, at same time each layer coarse results algorithm implement thinning improve prediction accuracy. Finally, proposed can detect quickly accurately when noise no higher than 20%.
sci-hub.se 参考文章(7)
S. Bishop, H. Okhravi, S. Rahimi, Y.-C. Lee, Covert channel resistant information leakage protection using a multi-agent architecture Iet Information Security. ,vol. 4, pp. 233- 247 ,(2010) , 10.1049/IET-IFS.2009.0202
Valentino Crespi, George Cybenko, Annarita Giani, Engineering Statistical Behaviors for Attacking and Defending Covert Channels IEEE Journal of Selected Topics in Signal Processing. ,vol. 7, pp. 124- 136 ,(2013) , 10.1109/JSTSP.2012.2237378
Hong Zhao, Yun-Qing Shi, Detecting Covert Channels in Computer Networks Based on Chaos Theory IEEE Transactions on Information Forensics and Security. ,vol. 8, pp. 273- 282 ,(2013) , 10.1109/TIFS.2012.2231861
Butler W. Lampson, A note on the confinement problem Communications of the ACM. ,vol. 16, pp. 613- 615 ,(1973) , 10.1145/362375.362389
S. Gianvecchio, Haining Wang, An Entropy-Based Approach to Detecting Covert Timing Channels IEEE Transactions on Dependable and Secure Computing. ,vol. 8, pp. 785- 797 ,(2011) , 10.1109/TDSC.2010.46
Ronald W. Smith, Scott G. Knight, Predictable Three-Parameter Design of Network Covert Communication Systems IEEE Transactions on Information Forensics and Security. ,vol. 6, pp. 1- 13 ,(2011) , 10.1109/TIFS.2010.2094187
I.S. Moskowitz, M.H. Kang, Covert channels-here to stay? Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance. pp. 235- 243 ,(1994) , 10.1109/CMPASS.1994.318449