TY - GEN
T1 - Fingerprint embedding
T2 - 15th International Conference on Information and Communications Security, ICICS 2013
AU - Wang, Jing
AU - Liu, Peng
AU - Liu, Limin
AU - Guan, Le
AU - Jing, Jiwu
PY - 2013
Y1 - 2013
N2 - The detection of covert timing channels is notoriously a difficult work due to the high variation of network traffic. The existing detection methods, mainly based on statistical tests, cannot effectively detect a variety of covert timing channels. In this paper, we propose a proactive strategy of detecting covert timing channels. The basic idea is that a timing fingerprint is embedded into outgoing traffic of the to-be-protected host in advance. The presence of a covert timing channel is exposed, provided that the fingerprint is absent from the traffic during transmission. As a proof of concept, we design and implement a detection system, which consists of two modules for fingerprint embedding and checking, respectively. We also perform a series of experiments to validate if this system works effectively. The results show that it detects various timing channels accurately and quickly, while has less than 2.4‰ degradation on network performance.
AB - The detection of covert timing channels is notoriously a difficult work due to the high variation of network traffic. The existing detection methods, mainly based on statistical tests, cannot effectively detect a variety of covert timing channels. In this paper, we propose a proactive strategy of detecting covert timing channels. The basic idea is that a timing fingerprint is embedded into outgoing traffic of the to-be-protected host in advance. The presence of a covert timing channel is exposed, provided that the fingerprint is absent from the traffic during transmission. As a proof of concept, we design and implement a detection system, which consists of two modules for fingerprint embedding and checking, respectively. We also perform a series of experiments to validate if this system works effectively. The results show that it detects various timing channels accurately and quickly, while has less than 2.4‰ degradation on network performance.
UR - http://www.scopus.com/inward/record.url?scp=84893781897&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893781897&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-02726-5_17
DO - 10.1007/978-3-319-02726-5_17
M3 - Conference contribution
AN - SCOPUS:84893781897
SN - 9783319027258
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 229
EP - 244
BT - Information and Communications Security - 15th International Conference, ICICS 2013, Proceedings
Y2 - 20 November 2013 through 22 November 2013
ER -