• DocumentCode
    3127193
  • Title

    Detecting protocol switching covert channels

  • Author

    Wendzel, Steffen ; Zander, Sebastian

  • Author_Institution
    Fac. of Math. & Comput. Sci., Univ. of Hagen, Hagen, Germany
  • fYear
    2012
  • fDate
    22-25 Oct. 2012
  • Firstpage
    280
  • Lastpage
    283
  • Abstract
    Network covert channels enable hidden communication and can be used to break security policies. Within the last years, new techniques for such covert channels arose, including protocol switching covert channels (PSCCs). PSCCs transfer hidden information by sending network packets with different selected network protocols. In this paper we present the first detection methods for PSCCs. We show that the number of packets between network protocol switches and the time between switches can be monitored to detect PSCCs with 98-99% accuracy for bit rates of 4 bits/second or higher.
  • Keywords
    protocols; telecommunication channels; telecommunication security; telecommunication switching; PSCC; communication channel; packet network sending; protocol switching covert channel detection; security policy; transfer hidden information; Accuracy; Bit rate; Machine learning; Protocols; Receivers; Switches; Covert Channel; Network Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Local Computer Networks (LCN), 2012 IEEE 37th Conference on
  • Conference_Location
    Clearwater, FL
  • ISSN
    0742-1303
  • Print_ISBN
    978-1-4673-1565-4
  • Type

    conf

  • DOI
    10.1109/LCN.2012.6423628
  • Filename
    6423628
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3127193