CSP-Based General Detection Model of Network Covert Storage Channels - Information and Communication Technology
Conference Papers Year : 2013

CSP-Based General Detection Model of Network Covert Storage Channels

Hui Zhu
  • Function : Author
  • PersonId : 1003111
Tingting Liu
  • Function : Author
Guanghui Wei
  • Function : Author
Beishui Liu
  • Function : Author
Hui Li
  • Function : Author

Abstract

A network covert channel is a malicious conversation mechanism, which brings serious security threat to security-sensitive systems and is usually difficult to be detected. Data are hidden in the header fields of protocols in network covert storage channels. In this paper, a general detection model based on formal protocol analysis for identifying possible header fields in network protocols that may be used as covert storage channels is proposed. The protocol is modeled utilizing the Communication Sequential Processes (CSP), in which a modified property of header fields is defined and the header fields are classified into three types in accordance to the extent to which their content can be altered without impairing the communication. At last, verification of the model in Transmission Control Protocol (TCP) shows that the proposed method is effective and feasible.
Fichier principal
Vignette du fichier
978-3-642-36818-9_51_Chapter.pdf (689.9 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01480205 , version 1 (01-03-2017)

Licence

Identifiers

Cite

Hui Zhu, Tingting Liu, Guanghui Wei, Beishui Liu, Hui Li. CSP-Based General Detection Model of Network Covert Storage Channels. 1st International Conference on Information and Communication Technology (ICT-EurAsia), Mar 2013, Yogyakarta, Indonesia. pp.459-468, ⟨10.1007/978-3-642-36818-9_51⟩. ⟨hal-01480205⟩
106 View
109 Download

Altmetric

Share

More