Skip to Main content Skip to Navigation
Conference papers

CSP-Based General Detection Model of Network Covert Storage Channels

Abstract : A network covert channel is a malicious conversation mechanism, which brings serious security threat to security-sensitive systems and is usually difficult to be detected. Data are hidden in the header fields of protocols in network covert storage channels. In this paper, a general detection model based on formal protocol analysis for identifying possible header fields in network protocols that may be used as covert storage channels is proposed. The protocol is modeled utilizing the Communication Sequential Processes (CSP), in which a modified property of header fields is defined and the header fields are classified into three types in accordance to the extent to which their content can be altered without impairing the communication. At last, verification of the model in Transmission Control Protocol (TCP) shows that the proposed method is effective and feasible.
Complete list of metadata

Cited literature [17 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, March 1, 2017 - 11:06:12 AM
Last modification on : Wednesday, December 15, 2021 - 12:42:02 PM
Long-term archiving on: : Tuesday, May 30, 2017 - 2:58:43 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Hui Zhu, Tingting Liu, Guanghui Wei, Beishui Liu, Hui Li. CSP-Based General Detection Model of Network Covert Storage Channels. 1st International Conference on Information and Communication Technology (ICT-EurAsia), Mar 2013, Yogyakarta, Indonesia. pp.459-468, ⟨10.1007/978-3-642-36818-9_51⟩. ⟨hal-01480205⟩



Record views


Files downloads