Detection of Jitterbug Covert Channel Based on Partial Entropy Test

机译：基于部分熵测试的Jitterbug Covert通道检测

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Jitterbug is a typical delay-based covert timing channel and supplies reliable covert communication in a passive manner. The existing entropy-based detection scheme based on training samples may suffer from model mismatching, which results in detection performance deterioration. In this paper, a new detection method for Jitterbug based on partial entropy test is proposed. A fixed binning strategy without training samples is used to obtain bins distribution feature. The first-order entropy is calculated for several sets of partial successive bins and the weighted mean is used to calculate the final entropy value to distinguish Jitterbug from legitimate traffic. Furthermore, the influence of detection performance caused by network jitter is also discussed. Experimental results show that the proposed detection method achieves high detection performance and is less affected by network jitter.

机译：Jitterbug是一种基于典型的延迟封闭定时通道，并以被动方式提供可靠的隐蔽通信。基于训练样本的基于熵的检测方案可能遭受模型不匹配，这导致检测性能劣化。本文提出了一种基于部分熵试验的JITTERBUG的新检测方法。没有训练样本的固定分数策略用于获得箱体分配特征。为几组部分连续箱计算了一阶熵，并且加权均值用于计算最终的熵值，以区分Jitterbug与合法流量。此外，还讨论了网络抖动引起的检测性能的影响。实验结果表明，该检测方法达到了高检测性能，受网络抖动的影响较小。

著录项

来源
《International Conference on Cloud Computing and Security》|2017年|879p|共12页
会议地点
作者
Hao Wang; Guangjie Liu; Weiwei Liu; Jiangtao Zhai; Yuewei Dai;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP393-53;
关键词
Jitterbug; Covert channel detection; Timing channel; Partial entropy;

机译：jitterbug;隐蔽通道检测;时序频道;部分熵;

相似文献

外文文献
中文文献
专利

1. STRICTLY CONSISTENT TESTS FOR DETECTION OF STATISTICAL COVERT CHANNELS [J] . A. Grusho, A. Knyazev, E. Timonina Journal of Mathematical Sciences . 2007,第4期

机译：严格一致的检测统计隐蔽通道的测试
2. An Entropy-Based Approach to Detecting Covert Timing Channels [J] . Gianvecchio Steven, Wang Haining Dependable and Secure Computing, IEEE Transactions on . 2011,第6期

机译：基于熵的隐蔽定时信道检测方法
3. A Support Vector Machine-Based Framework for Detection of Covert Timing Channels [J] . P. L. Shrestha, M. Hempel, F. Rezaei, IEEE transactions on dependable and secure computing . 2016,第2期

机译：基于支持向量机的隐式定时信道检测框架
4. Detection of Jitterbug Covert Channel Based on Partial Entropy Test [C] . Hao Wang, Guangjie Liu, Weiwei Liu1, International Conference on Cloud Computing and Security . 2017

机译：基于局部熵测试的Jitterbug隐蔽通道检测
5. SPARTAN: A spectral and entropy-based partial-scan and test point insertion algorithm. [D] . Khan, Omar I. 2007

机译：SPARTAN：一种基于频谱和熵的部分扫描和测试点插入算法。
6. A Novel Hybrid Approach for Partial Discharge Signal Detection Based on Complete Ensemble Empirical Mode Decomposition with Adaptive Noise and Approximate Entropy [O] . Haikun Shang, Yucai Li, Junyan Xu, 2020

机译：一种基于完整集合经验模式分解的局部放电信号检测的新型混合方法自适应噪声和近似熵
7. An Entropy-Based Approach to Detecting Covert Timing Channels [O] . Steven Gianvecchio, Haining Wang 2013

机译：基于熵的隐蔽定时信道检测方法
8. Transportation Security: TSA Has Developed a Risk-Based Covert Testing Program, but Could Better Mitigate Aviation Security Vulnerabilities Identified Through Covert Tests [R] . 2008

机译：运输安全：Tsa已开发出基于风险的隐蔽测试计划，但可以更好地缓解通过秘密测试确定的航空安全漏洞

Detection of Jitterbug Covert Channel Based on Partial Entropy Test

摘要

著录项

相似文献

相关主题

期刊订阅