作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

基于聚类分析的网络存储隐蔽信道检测算法

袁健,王涛   

  1. (上海理工大学光电信息与计算机工程学院,上海 200093)
  • 收稿日期:2014-08-14 出版日期:2015-09-15 发布日期:2015-09-15
  • 作者简介:袁健(1971-),女,副教授、博士,主研方向:网络安全,数据分析与挖掘,智能交通;王涛,硕士研究生。
  • 基金资助:
    国家自然科学基金资助项目(61202376);上海市教育发展基金会晨光计划基金资助项目(10CG49);上海市教委科研创新基金资助项目(13YZ075)。

Detection Algorithm of Network Storage Covert Channel Based on Clustering Analysis

YUAN Jian,WANG Tao   

  1. (School of Optical-Electrical and Computer Engineering,University of Shanghai for Science and Technology,Shanghai 200093,China)
  • Received:2014-08-14 Online:2015-09-15 Published:2015-09-15

摘要: 在包含巨大通信量和多种通信协议的网络环境下,隐蔽信道允许进程以危害系统安全的方式传输信息,对安全信息系统构成威胁。为此,提出一种基于聚类分析的隐蔽信道检测算法,根据正常通信数据和隐蔽通信数据聚类的差别判断通信流中是否存在网络存储隐蔽信道。实验结果表明,该算法可根据通信量大小和待检测字段特点灵活调整实现算法,具有较高的实时性和准确率。

关键词: 聚类分析, 网络隐蔽信道, 隐蔽信道检测, 网络安全, 安全检测

Abstract: The huge communication traffic and vast of communication protocol turn to be perfect medium for covert channel.As a kind of communication channel which allows a process to transfer information in a manner that violates the system’s security,the covert channel is becoming a major threat to the secure information systems.A detection algorithm of Network Covert Storage Channel based on Cluster Analysis(NCSCCA) is proposed in this paper to detect covert storage channel,which is widely existed in network.This new method can identify whether a covert storage channel is existed in the communicating,depending on cluster analysis difference between normal and abnormal communication and has a high-speed feature.What’s more,this method has the ability to detect several kinds of covert storage channel.Preliminary experiment results show that the method is real-time and accurate.

Key words: clustering analysis, network covert channel, covert channel detection, network security, security detection

中图分类号: