一种基于文件存储分布的隐蔽信道构造方法

doi:10.3969/j.issn.1000-3428.2017.09.035

计算机工程

一种基于文件存储分布的隐蔽信道构造方法

陆思妍,兰少华

(南京理工大学计算机科学与工程学院,南京 210094)

收稿日期:2016-06-20 出版日期:2017-09-15 发布日期:2017-09-15
作者简介:陆思妍(1992—),女,硕士,主研方向为网络安全;兰少华,教授、博士。

A Construction Method of Covert Channel Based on File Storage Distribution

LU Siyan,LAN Shaohua

(School of Computer Science and Engineering,Nanjing University of Science and Technology,Nanjing 210094,China)

Received:2016-06-20 Online:2017-09-15 Published:2017-09-15

摘要/Abstract

摘要： 针对现有的长度式隐蔽信道在信道熵和长度分布特征中与合法信道有差异的问题,提出一种基于隐蔽信息存储分布的隐蔽信道构造方法。将不同编码方式下的隐蔽信息转换为二进制比特流,研究比特流中作为隐蔽信息的比特或者比特串的分布概率。分析该概率对传统长度式隐蔽信道的影响,将概率分布统计应用到长度式隐蔽信道的模型构建中,并实现信道熵和长度分布检测。实验结果表明,与传统参考长度隐蔽信道相比,提出方法具有更好的隐蔽性。

关键词: 隐蔽信道, 存储分布, 统计分布, 信道熵, 隐蔽性, 熵检测

Abstract: A covert channel construction method based on covert information storage distribution is proposed to solve the problem that the existing reference length covert channels are different from legal channels in the channel entropy and length distribution features.The secret information encoded by different encoding modes is converted to binary stream.The distribution probability of bit or bit string acting as secret information in the binary stream is studied.The effect of this probability on traditional length covert channel is analyzed.A new construction model of length covert channel applied by probability distribution statistics is designed.Channel entropy and length distribution are detected.Experimental results prove that compared with the traditional reference length covert channel,the proposed method has better imperceptibility.

Key words: covert channel, storage distribution, statistical distribution, channel entropy, imperceptibility, entropy detection

中图分类号:

TP393.08

陆思妍,兰少华. 一种基于文件存储分布的隐蔽信道构造方法[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2017.09.035.

LU Siyan,LAN Shaohua. A Construction Method of Covert Channel Based on File Storage Distribution[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2017.09.035.

http://www.ecice06.com/CN/Y2017/V43/I9/199

参考文献

参考文献［1］ZANDER S,ARMITAGE G,BRANCH P.A Survey of Covert Channels and Countermeasures in Computer Network Protocols［J］.IEEE Communications Surveys & Tutorials,2007,9(3):44-57. ［2］HANDEL T G,SANDFORD M T.Hiding Data in the OSI Network Model［C］//Proceedings of International Workshop on Information Hiding.Berlin,Germany:Springer,1996:23-38. ［3］AHSAN K,KUNDUR D.Practical Data Hiding in TCP/IP［C］//Proceedings of International Conference on Emerging Trends in Technology.New York,USA:ACM Press,2002:7-14. ［4］GIRLING C G.Covert Channels in LAN’s［J］.IEEE Transactions on Software Engineering,1987,13(2):292-296. ［5］LUO Xiapu,CHAN E W W,CHANG R K C.TCP Covert Timing Channels:Design and Detection［C］//Proceedings of IEEE International Conference on Dependable Systems & Networks with Ftcs & Dcc.Washington D.C.,USA:IEEE Press,2008:420-429. ［6］CABUK S,BRODLEY C E,SHIELDS C.IP Covert Timing Channels:Design and Detection［C］//Proceedings of the 11th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2004:178-187. ［7］SHAH G,MOLINA A,BLAZE M.Keyboards and Covert Channels［C］//Proceedings of Conference on USENIX Security Symposium.New York,USA:ACM Press,2006:59-75. ［8］邹昕光,金海军,郝克成,等.基于HTTP协议的参数排序通信隐藏算法［J］.计算机工程,2006,32(20):147-149. ［9］ZI Xiaochao,YAO Lihong,PAN Li,et al.Implementing a Passive Network Covert Timing Channel［J］.Computers & Security,2010,29(6):686-696. ［10］姚全珠,张鹏.基于数据包长度的网络隐蔽通道［J］.计算机工程,2008,34(3):183-185. ［11］钱玉文,李勇,王执铨.网络包长度隐蔽信道的建模与仿真［J］.系统仿真学报,2010,22(7):1773-1776. ［12］JI Liping,JIANG Wenhao,DAI Benyang,et al.A Novel Covert Channel Based on Length of Messages［C］//Proceedings of International Symposium on Information Engineering and Electronic Commerce.Washington D.C.,USA:IEEE Press,2009:551-554. ［13］OMAR S N,NGADI M A.DNS Request for Normal Minima Length Distribution Based on Reference Matrix［J］.Communications in Computer and Information Science,2011,251:248-258. ［14］NAIR A S,KUMAR A,SUR A,et al.Length Based Network Steganography Using UDP Protocol［C］//Proceedings of the 3rd International Conference on Communication Software and Networks.Washington D.C.,USA:IEEE Press,2011:726-730. ［15］王茗倩.基于数据流模型的长度式网络隐信道技术研究［D］.镇江:江苏科技大学,2014. 编辑顾逸斐

[1]	周伟枭, 蓝雯飞. 融合文本分类的多任务学习摘要模型[J]. 计算机工程, 2021, 47(4): 48-55.
[2]	沈国良, 翟江涛, 戴跃伟. 基于Markov模型的HTTP参数排序隐蔽信道检测方法[J]. 计算机工程, 2020, 46(2): 154-158,169.
[3]	邓雨欣, 唐彰国, 张健, 李焕洲. 基于MQTT协议命令分组编码的隐蔽信道研究[J]. 计算机工程, 2019, 45(11): 138-143.
[4]	袁健,王涛. 基于聚类分析的网络存储隐蔽信道检测算法[J]. 计算机工程, 2015, 41(9): 168-173.
[5]	邹昕光;金海军;郝克成;孙圣和. 基于HTTP协议的参数排序通信隐藏算法[J]. 计算机工程, 2006, 32(20): 147-149.

选择文件类型/文献管理软件名称

选择包含的内容

一种基于文件存储分布的隐蔽信道构造方法

A Construction Method of Covert Channel Based on File Storage Distribution

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 5

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

一种基于文件存储分布的隐蔽信道构造方法

A Construction Method of Covert Channel Based on File Storage Distribution

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 5

编辑推荐

Metrics

本文评价