The Role of Hierarchical Entropy Analysis in the Detection and Time-Scale Determination of Covert Timing Channels

被引:0
作者
Darwish, Omar [1 ]
Al-Fuqaha, Ala [1 ]
Anan, Muhammad [2 ]
Nasser, Nidal [2 ]
机构
[1] Western Michigan Univ, Dept Comp Sci, Kalamazoo, MI 49008 USA
[2] Alfaisal Univ, Coll Engn, Riyadh, Saudi Arabia
来源
2015 INTERNATIONAL WIRELESS COMMUNICATIONS & MOBILE COMPUTING CONFERENCE (IWCMC) | 2015年
关键词
Security; Covert timing channels; Pattern recognition; Time-scale determination; Hierarchical entropy;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
this paper evaluates the potential use of hierarchal entropy analysis to detect covert timing channels and determine the best time-scale that reveals it. A data transmission simulator is implemented to generate a collection of overt and covert channels. The hierarchical entropy analysis approach is then utilized to detect the covert timing channels and identify the type-scale that provides the highest evidence that the underlying channel is covert. Hierarchical entropy divides the stream of inter-arrival times greedily to identify the time-scale the best reveals the existence of a covert-timing channel. The lowest entropy in the sequence is the best indicator that identifies non-random patterns in the given data stream. The results show that hierarchal entropy analysis performs significantly better than the classical flat entropy approach in the detection of covert timing channels. Furthermore, the hierarchical entropy analysis provides details about the best time-scale that reveals the features of the covert timing channel.
引用
收藏
页码:153 / 159
页数:7
相关论文
共 29 条
[1]  
Ajit B., 2014, INT J ADV RES COMPUT, V3
[2]  
[Anonymous], 2012, MOBILITY LARGE GLOBA
[3]  
[Anonymous], 2007, AUT DET COV CHANN NE
[4]  
[Anonymous], 2014, NY TIMES
[5]  
Cabuk S., 2004, P 11 ACM C COMP COMM, P178, DOI DOI 10.1145/1030083.1030108
[6]  
Gianvecchio S, 2008, LECT NOTES COMPUT SC, V5230, P211, DOI 10.1007/978-3-540-87403-4_12
[7]  
Gianvecchio S, 2007, CCS'07: PROCEEDINGS OF THE 14TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P307
[8]   An Entropy-Based Approach to Detecting Covert Timing Channels [J].
Gianvecchio, Steven ;
Wang, Haining .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2011, 8 (06) :785-797
[9]   COVERT CHANNELS IN LANS [J].
GIRLING, CG .
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1987, 13 (02) :292-296
[10]  
Hall M., 2009, SIGKDD Explorations, V11, P10, DOI DOI 10.1145/1656274.1656278