Packet Length Covert Channel: A Detection Scheme
| Title | Packet Length Covert Channel: A Detection Scheme |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Elsadig, M. A., Fadlalla, Y. A. |
| Conference Name | 2018 1st International Conference on Computer Applications Information Security (ICCAIS) |
| Date Published | April 2018 |
| Publisher | IEEE |
| ISBN Number | 978-1-5386-4427-0 |
| Keywords | communication channel, Communication channels, compositionality, content development, content-based features, covert channel, covert channels, covert traffic, detection, elimination, feature extraction, frequency-based features, illegal information flow, learning (artificial intelligence), machine learning, machine learning based detection scheme, network protocols, normal terrific, packet length covert channel, packet radio networks, packet size covert channel, Prevention, Protocols, Receivers, reliability, resilience, Scalability, security, security attack, system security policies, telecommunication channels, telecommunication security, telecommunication traffic, undetectable network covert channels |
| Abstract | A covert channel is a communication channel that is subjugated for illegal flow of information in a way that violates system security policies. It is a dangerous, invisible, undetectable, and developed security attack. Recently, Packet length covert channel has motivated many researchers as it is a one of the most undetectable network covert channels. Packet length covert channel generates a covert traffic that is very similar to normal terrific which complicates the detection of such type of covert channels. This motivates us to introduce a machine learning based detection scheme. Recently, a machine learning approach has proved its capability in many different fields especially in security field as it usually brings up a reliable and realistic results. Based in our developed content and frequency-based features, the developed detection scheme has been fully trained and tested. Our detection scheme has gained an excellent degree of detection accuracy which reaches 98% (zero false negative rate and 0.02 false positive rate). |
| URL | https://ieeexplore.ieee.org/document/8442026 |
| DOI | 10.1109/CAIS.2018.8442026 |
| Citation Key | elsadig_packet_2018 |
- Scalability
- packet length covert channel
- packet radio networks
- packet size covert channel
- Prevention
- Protocols
- Receivers
- Reliability
- resilience
- normal terrific
- security
- security attack
- system security policies
- telecommunication channels
- telecommunication security
- telecommunication traffic
- undetectable network covert channels
- elimination
- Communication channels
- Compositionality
- content development
- content-based features
- covert channel
- covert channels
- covert traffic
- detection
- communication channel
- feature extraction
- frequency-based features
- illegal information flow
- learning (artificial intelligence)
- machine learning
- machine learning based detection scheme
- network protocols