Skip to Main content Skip to Navigation
New interface
Conference papers

Evaluation of Statistical Tests for Detecting Storage-Based Covert Channels

Abstract : Individuals and organizations are more aware than ever of the importance and value of preserving the confidentiality and privacy of sensitive information. However, detecting the leakage of sensitive information in networked systems is still a challenging problem, especially when adversaries use covert channels to exfiltrate sensitive information to unauthorized parties. Presently, approaches for detecting timing-based covert channels have been studied more extensively than those for detecting storage-based covert channels. In this paper, we evaluate the effectiveness of a selection of statistical tests for detecting storage-based covert channels. We present the results of several experiments which show that complexity-based tests are effective at detecting storage-based covert channels when information is embedded into network packet header fields that are not expected to follow a particular pattern, such as the IP Identification and Time-to-Live. These results can help to guide the construction of practical detection platforms capable of effectively detecting the leakage of sensitive information via storage-based covert channels.
Document type :
Conference papers
Complete list of metadata

https://hal.inria.fr/hal-03440831
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, November 22, 2021 - 3:32:50 PM
Last modification on : Monday, November 22, 2021 - 4:37:49 PM
Long-term archiving on: : Wednesday, February 23, 2022 - 7:57:53 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Collections

Citation

Thomas Sattolo, Jason Jaskolka. Evaluation of Statistical Tests for Detecting Storage-Based Covert Channels. 35th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2020, Maribor, Slovenia. pp.17-31, ⟨10.1007/978-3-030-58201-2_2⟩. ⟨hal-03440831⟩

Share

Metrics

Record views

10