Web Covert Timing Channels Detection Based on Entropy
| Title | Web Covert Timing Channels Detection Based on Entropy |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Nasseralfoghara, M., Hamidi, H. |
| Conference Name | 2019 5th International Conference on Web Research (ICWR) |
| Date Published | April 2019 |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-1431-6 |
| Keywords | channel entropy, communication contrary, compositionality, computer network security, Convert Channel, covert channels, covert storage channels, delays, disclosure information, Entropy, entropy threshold, entropy-based detection method, Information security, Internet, memory storage, modulation, Noise measurement, public access permission, Receivers, resilience, Scalability, security, security attacks, system security policies, telecommunication channels, telecommunication traffic, timing channel, victim, web, Web covert timing channels detection, web vulnerabilities, Web weaknesses |
| Abstract | Todays analyzing web weaknesses and vulnerabilities in order to find security attacks has become more urgent. In case there is a communication contrary to the system security policies, a covert channel has been created. The attacker can easily disclosure information from the victim's system with just one public access permission. Covert timing channels, unlike covert storage channels, do not have memory storage and they draw less attention. Different methods have been proposed for their identification, which generally benefit from the shape of traffic and the channel's regularity. In this article, an entropy-based detection method is designed and implemented. The attacker can adjust the amount of channel entropy by controlling measures such as changing the channel's level or creating noise on the channel to protect from the analyst's detection. As a result, the entropy threshold is not always constant for detection. By comparing the entropy from different levels of the channel and the analyst, we conclude that the analyst must investigate traffic at all possible levels. |
| URL | https://ieeexplore.ieee.org/document/8765291 |
| DOI | 10.1109/ICWR.2019.8765291 |
| Citation Key | nasseralfoghara_web_2019 |
- Noise measurement
- Web weaknesses
- web vulnerabilities
- Web covert timing channels detection
- Web
- victim
- timing channel
- telecommunication traffic
- telecommunication channels
- system security policies
- security attacks
- security
- Scalability
- resilience
- Receivers
- public access permission
- channel entropy
- modulation
- memory storage
- internet
- information security
- entropy-based detection method
- entropy threshold
- Entropy
- disclosure information
- delays
- covert storage channels
- covert channels
- Convert Channel
- computer network security
- Compositionality
- communication contrary