Skip to Main content Skip to Navigation
Conference papers

CSP-Based General Detection Model of Network Covert Storage Channels

Abstract : A network covert channel is a malicious conversation mechanism, which brings serious security threat to security-sensitive systems and is usually difficult to be detected. Data are hidden in the header fields of protocols in network covert storage channels. In this paper, a general detection model based on formal protocol analysis for identifying possible header fields in network protocols that may be used as covert storage channels is proposed. The protocol is modeled utilizing the Communication Sequential Processes (CSP), in which a modified property of header fields is defined and the header fields are classified into three types in accordance to the extent to which their content can be altered without impairing the communication. At last, verification of the model in Transmission Control Protocol (TCP) shows that the proposed method is effective and feasible.
Complete list of metadata

Cited literature [17 references]  Display  Hide  Download

https://hal.inria.fr/hal-01480205
Contributor : Hal Ifip <>
Submitted on : Wednesday, March 1, 2017 - 11:06:12 AM
Last modification on : Thursday, March 2, 2017 - 1:04:26 AM
Long-term archiving on: : Tuesday, May 30, 2017 - 2:58:43 PM

File

978-3-642-36818-9_51_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Hui Zhu, Tingting Liu, Guanghui Wei, Beishui Liu, Hui Li. CSP-Based General Detection Model of Network Covert Storage Channels. 1st International Conference on Information and Communication Technology (ICT-EurAsia), Mar 2013, Yogyakarta, Indonesia. pp.459-468, ⟨10.1007/978-3-642-36818-9_51⟩. ⟨hal-01480205⟩

Share

Metrics

Record views

116

Files downloads

226