DocumentCode
3660168
Title
A probability-model-based approach to detect covert timing channel
Author
Peng Yang;Hui Zhao;Zhonggui Bao
Author_Institution
Computer department, Beijing Institute of Tracking and Telecommunications Technology, China
fYear
2015
Firstpage
1043
Lastpage
1047
Abstract
Interest of detecting covert timing channels is increasing rapidly. A lot of exploitation has been done on the construction and detection of covert timing channels over the internet. But the detection of covert timing channels is a challenging task because legitimate network traffic is so various that it´s hard to detect and distinguish. The existing detection approaches are not so effective to detect the variety of covert timing channels known to security community. In this paper, we first review some typical detection methods of covert timing channels and then evaluate every approach. After that we introduce a new model-based approach to detecting various covert timing channels. Our new approach is based on the probability model that covert timing channels have different distribution from the legitimate channels. At last, we do an experiment to confirm the effectiveness of our model-based approach. The experiment result shows that our model-based approach is sensitive to the current timing channels, and is capable of detecting them in an accurate manner.
Keywords
"Delays","Entropy","Security","Computers","Telecommunication traffic","Random variables"
Publisher
ieee
Conference_Titel
Information and Automation, 2015 IEEE International Conference on
Type
conf
DOI
10.1109/ICInfA.2015.7279440
Filename
7279440
Link To Document