Abstract: Covert channels are a class of techniques for hiding the presence of communication between parties. In the context of cybersecurity, covert channels can be used by attackers to evade detection and to exfiltrate sensitive data. In so doing, they create a need for effective detection techniques for the use of covert channels. In this thesis, we present the conception, design and implementation of a system for detecting covert messages stored in the headers of network protocols in real time. We start by identifyin…
“…Sattolo [56] proposed a detection method using LR classifier to identify a covert channel that exploits ID field of the IP protocol. Their method obtained a remarkable accuracy rate to identify the aforementioned IP covert channel.…”
With the rapid advancement of communication and computer network technologies, covert channels are now more secure, quicker to set up, harder to detect, and easier to design than ever before. By breaking a system security policy, a covert channel can be utilized to leak confidential communications. Undoubtedly, one of the most difficult challenges is still detecting such harmful, unobservable, and covert dangers. Due to the fact that this danger takes advantage of techniques not intended for communication, it is invisible to conventional security solutions. This chapter offers a concise overview of covert channel concept, techniques, classifications, and countermeasures, emphasizing how new technologies are vulnerable to being exploited for initiation of different covert channels and how they offer a rich environment for developing effective but challenging covert channel attacks. It gives a comprehensive review of common covert channel countermeasures with more focus on machine learning detection techniques. Although some research studies have revealed beneficial uses of covert channel, which is natural given that many approaches have a double-edged sword impact, this chapter focuses on covert channels as a security threat that compromise our data and networks.
The advanced development of computer networks and communication technologies has made covert communications easier to construct, faster, undetectable and more secure than ever. A covert channel is a path through which secret messages can be leaked by violating a system security policy. The detection of such dangerous, unwatchable, and hidden threats is still one of the most challenging aspects. This threat exploits methods that are not dedicated to communication purposes, meaning that traditional security measures fail to detect its existence. This review has introduced a brief introduction of covert channel definitions, types and developments, with a particular focus on detection techniques using machine learning (ML) approaches. It provides a thorough review of the most common covert channels and ML techniques that are used to counter them, as well as addressing their achievements and limitations. In addition, this paper introduces a comparative experimental study for some common ML approaches that are commonly used in this field. Accordingly, the performance of these classifiers was evaluated and reported. The paper concludes that our information is still at risk, nothing is said to be secured and more work on the detection of covert channels is required.
INDEX TERMS: Classification algorithms, covert channel detection, machine learning, covert traffic, covert storage channel, covert timing channel, deep learning, network traffic, network covert channels, overt traffic.
Covert timing channels play pivotal roles in spying, hacking, and data theft, enabling secret communication and surreptitious data exchange. They also find utility in secure conversations, message concealment, security testing, and privacy protection, underscoring their versatile application across diverse domains. However, the accuracy of covert timing channels may be compromised by network traffic patterns and time delays, potentially affecting data integrity. This survey paper primarily provides a brief overview of identifying and mitigating these influencing factors of existing covert timing channels and presents a suggested system that integrates Reversible Covert Timing Channel (CTC) steganography and Elliptic Curve Cryptography (ECC) to ensure secure communication and data encryption. By leveraging this combination, the system aims to enhance the resilience of covert communication channels against adversarial interference while safeguarding the confidentiality and integrity of transmitted data.