论文信息 - Detect Covert Channels in TCP/IP Header using Naive Bayes

Detect Covert Channels in TCP/IP Header using Naive Bayes

Covert channels via the widely used TCP/IP protocols have become a new challenging issue for network security. It is a methodology of communication which illicitly transfers data, it means by breaking security policy of system. Any shared resource will be used as a covert channel. It may be a good thing if covert channels are used to protect privacy or increase security of critical communication. Hidden data in the payload can detect by most of the detection systems in early days, but hidden data in IP and TCP packet headers survives a struggle. In this paper, proposed method is based on naive bayes classifier to detect covert channels in TCP ISN and IP ID fields of TCP/IP packets. Keywords— TCP, IP, TCP ISN, IP ID, covert

Apurva N. Mahajan | Prof. I. R. Shaikh

[1] Craig A. Shue,et al. Reporting Insider Threats via Covert Channels , 2013, 2013 IEEE Security and Privacy Workshops.

[2] Yun Q. Shi,et al. Detecting Covert Channels in Computer Networks Based on Chaos Theory , 2013, IEEE Transactions on Information Forensics and Security.

[3] Taeshik Shon,et al. A Study on the Covert Channel Detection of TCP/IP Header Using Support Vector Machine , 2003, ICICS.

[4] Jibi Abraham,et al. PERFORMANCE ANALYSIS OF TRANSPORT LAYER BASED Hybrid Covert Channel Detection Engine , 2013 .

[5] Ross J. Anderson,et al. On the limits of steganography , 1998, IEEE J. Sel. Areas Commun..

[6] Gideon Juve,et al. Information Sciences Institute , 2010, XRDS.

[7] Vincent H. Berk,et al. Covert Channel Detection Using Process Query Systems , 2005 .

[8] Vincent H. Berk,et al. Detection of Covert Channel Encoding in Network Packet Delays , 2005 .