• DocumentCode
    1408132
  • Title

    Covert channel resistant information leakage protection using a multi-agent architecture

  • Author

    Bishop, Steve ; Okhravi, Hamed ; Rahimi, S. ; Lee, Young-Chul

  • Author_Institution
    Dept. of Comput. Sci., Southern Illinois Univ., Carbondale, IL, USA
  • Volume
    4
  • Issue
    4
  • fYear
    2010
  • fDate
    12/1/2010 12:00:00 AM
  • Firstpage
    233
  • Lastpage
    247
  • Abstract
    Covert channel attacks utilise shared resources to indirectly transmit sensitive information to unauthorised parties. Current operating systems (e.g. SELinux) rely on tagging the filesystem with security labels and enforcing security policies at the time of access to a file or resource. However, such mechanisms do not provide strong protection against information laundering via covert channels. Colored Linux, an extension to SELinux, utilises watermarking algorithms to 'colour' the contents of each file with their respective security classification, or context, to enhance resistance to information laundering attacks. In this study, the authors propose a mobile agent-based approach to automate the process of detecting and colouring receptive hosts' filesystems and monitoring the coloured filesystem for instances of potential information leakage. Implementation details and execution results are included to illustrate the merits of the proposed approach. The authors have also evaluated the performance of their agent-based system over a single host as well as a local network of machines. Finally, using formal method techniques, the authors have proved correctness properties about the agent-based approach and identified and corrected a flaw in their initial implementation.
  • Keywords
    Linux; formal specification; formal verification; mobile agents; multi-agent systems; security of data; watermarking; SELinux operating systems; colored Linux; coloured filesystem monitoring; correctness property; covert channel attack; formal method techniques; information laundering attacks; information leakage protection; mobile agent; multi-agent architecture; security classification; security labels; security policy; watermarking algorithms;
  • fLanguage
    English
  • Journal_Title
    Information Security, IET
  • Publisher
    iet
  • ISSN
    1751-8709
  • Type

    jour

  • DOI
    10.1049/iet-ifs.2009.0202
  • Filename
    5672440