Detection of Jitterbug Covert Channel Based on Partial Entropy Test

机译：基于局部熵测试的Jitterbug隐蔽通道检测

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Jitterbug is a typical delay-based covert timing channel and supplies reliable covert communication in a passive manner. The existing entropy-based detection scheme based on training samples may suffer from model mismatching, which results in detection performance deterioration. In this paper, a new detection method for Jitterbug based on partial entropy test is proposed. A fixed binning strategy without training samples is used to obtain bins distribution feature. The first-order entropy is calculated for several sets of partial successive bins and the weighted mean is used to calculate the final entropy value to distinguish Jitterbug from legitimate traffic. Furthermore, the influence of detection performance caused by network jitter is also discussed. Experimental results show that the proposed detection method achieves high detection performance and is less affected by network jitter.

机译：Jitterbug是典型的基于延迟的隐蔽定时通道，并以被动方式提供可靠的隐蔽通信。现有的基于训练样本的基于熵的检测方案可能会出现模型不匹配的情况，从而导致检测性能下降。提出了一种基于局部熵检验的抖动检测方法。无需训练样本的固定装箱策略用于获得装箱分布特征。为几组部分连续的仓位计算一阶熵，并使用加权平均值计算最终熵值，以将Jitterbug与合法流量区分开。此外，还讨论了网络抖动对检测性能的影响。实验结果表明，该检测方法具有较高的检测性能，受网络抖动的影响较小。

著录项

来源
《International Conference on Cloud Computing and Security》|2017年|357-368|共12页
会议地点
作者
Hao Wang; Guangjie Liu; Weiwei Liu1; Jiangtao Zhai; Yuewei Dai;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Jitterbug; Covert channel detection; Timing channel; Partial entropy;

机译：Jitterbug;隐蔽通道检测;定时通道;偏熵;

相似文献

外文文献
中文文献
专利

1. STRICTLY CONSISTENT TESTS FOR DETECTION OF STATISTICAL COVERT CHANNELS [J] . A. Grusho, A. Knyazev, E. Timonina Journal of Mathematical Sciences . 2007,第4期

机译：严格一致的检测统计隐蔽通道的测试
2. An Entropy-Based Approach to Detecting Covert Timing Channels [J] . Gianvecchio Steven, Wang Haining Dependable and Secure Computing, IEEE Transactions on . 2011,第6期

机译：基于熵的隐蔽定时信道检测方法
3. A Support Vector Machine-Based Framework for Detection of Covert Timing Channels [J] . P. L. Shrestha, M. Hempel, F. Rezaei, IEEE transactions on dependable and secure computing . 2016,第2期

机译：基于支持向量机的隐式定时信道检测框架
4. Detection of Jitterbug Covert Channel Based on Partial Entropy Test [C] . Hao Wang, Guangjie Liu, Weiwei Liu, International Conference on Cloud Computing and Security . 2017

机译：基于部分熵测试的Jitterbug Covert通道检测
5. SPARTAN: A spectral and entropy-based partial-scan and test point insertion algorithm. [D] . Khan, Omar I. 2007

机译：SPARTAN：一种基于频谱和熵的部分扫描和测试点插入算法。
6. A Novel Hybrid Approach for Partial Discharge Signal Detection Based on Complete Ensemble Empirical Mode Decomposition with Adaptive Noise and Approximate Entropy [O] . Haikun Shang, Yucai Li, Junyan Xu, 2020

机译：一种基于完整集合经验模式分解的局部放电信号检测的新型混合方法自适应噪声和近似熵
7. An Entropy-Based Approach to Detecting Covert Timing Channels [O] . Steven Gianvecchio, Haining Wang 2013

机译：基于熵的隐蔽定时信道检测方法
8. Transportation Security: TSA Has Developed a Risk-Based Covert Testing Program, but Could Better Mitigate Aviation Security Vulnerabilities Identified Through Covert Tests [R] . 2008

机译：运输安全：Tsa已开发出基于风险的隐蔽测试计划，但可以更好地缓解通过秘密测试确定的航空安全漏洞

Detection of Jitterbug Covert Channel Based on Partial Entropy Test

摘要

著录项

相似文献

相关主题

期刊订阅