邪恶八进制信息安全团队技术讨论组 » 网络攻防技术{ Hacking and Defence } » [转载]Detection of Covert Channel Encoding in Network Packet Delays [查看完整版本]

EvilOctal 2005-11-5 22:46

[转载]Detection of Covert Channel Encoding in Network Packet Delays

信息来源：邪恶八进制信息安全团队（[url]www.eviloctal.com[/url]）

Covert channels are mechanisms for communicating information in ways that are dicult to detect. Data ex ltration can be an indication that a computer has been compromised by an attacker even when other intrusion detection schemes have failed to detect a successful attack. Covert timing channels use packet inter-arrival times, not header or payload embedded information, to encode covert messages. This paper investigates the channel capacity of Internet-based timing channels and proposes a methodology for detecting covert timing channels based on how close a source comes to achieving that channel capacity. A statistical approach is then used for the special case of binary codes.

查看完整版本: [转载]Detection of Covert Channel Encoding in Network Packet Delays

© 1999-2008 EvilOctal Security Team