DocumentCode
1408132
Title
Covert channel resistant information leakage protection using a multi-agent architecture
Author
Bishop, Steve ; Okhravi, Hamed ; Rahimi, S. ; Lee, Young-Chul
Author_Institution
Dept. of Comput. Sci., Southern Illinois Univ., Carbondale, IL, USA
Volume
4
Issue
4
fYear
2010
fDate
12/1/2010 12:00:00 AM
Firstpage
233
Lastpage
247
Abstract
Covert channel attacks utilise shared resources to indirectly transmit sensitive information to unauthorised parties. Current operating systems (e.g. SELinux) rely on tagging the filesystem with security labels and enforcing security policies at the time of access to a file or resource. However, such mechanisms do not provide strong protection against information laundering via covert channels. Colored Linux, an extension to SELinux, utilises watermarking algorithms to `colour` the contents of each file with their respective security classification, or context, to enhance resistance to information laundering attacks. In this study, the authors propose a mobile agent-based approach to automate the process of detecting and colouring receptive hosts` filesystems and monitoring the coloured filesystem for instances of potential information leakage. Implementation details and execution results are included to illustrate the merits of the proposed approach. The authors have also evaluated the performance of their agent-based system over a single host as well as a local network of machines. Finally, using formal method techniques, the authors have proved correctness properties about the agent-based approach and identified and corrected a flaw in their initial implementation.
Keywords
Linux; formal specification; formal verification; mobile agents; multi-agent systems; security of data; watermarking; SELinux operating systems; colored Linux; coloured filesystem monitoring; correctness property; covert channel attack; formal method techniques; information laundering attacks; information leakage protection; mobile agent; multi-agent architecture; security classification; security labels; security policy; watermarking algorithms;
fLanguage
English
Journal_Title
Information Security, IET
Publisher
iet
ISSN
1751-8709
Type
jour
DOI
10.1049/iet-ifs.2009.0202
Filename
5672440
Link To Document