期刊名称:International Journal of Network Security & Its Applications
印刷版ISSN:0975-2307
电子版ISSN:0974-9330
出版年度:2013
卷号:5
期号:6
DOI:10.5121/ijnsa.2013.560555
出版社:Academy & Industry Research Collaboration Center (AIRCC)
摘要:Computer network is unpredictable due to information warfareand is prone to various attacks. Such attacks on network compromiseson the most important attribute, the privacy. Most of such attacksare devised using special communication channel called \Covert Channel".The word \Covert" stands for hidden or non-transparent.Network Covert Channel is concealed communication paths within legitimatenetwork communication that clearly violates security policies laiddown. Non-transparency in covert channel is also referred to as trapdoor.A trapdoor is unintended design within legitimate communication whosemotto is leak information. Subliminal channel, a variant of covert channelworks similarly as network covert channel except that trapdoor is setin cryptographic algorithm. A composition of covert channel with subliminalchannel is the \Hybrid Covert Channel". Hybrid covert channelis the homogeneous or heterogeneous mixture of two or more variantsof covert channel either active at same instance or at different instanceof time. Detecting such malicious channel activity plays a vital role inremoving threat to legitimate network.In this paper, we introduce new detection engine for hybrid covert channelin transport layer visualized in TCP and SSL. A setup made onexperimental test bed (DE-HCC9) in RD Lab of our department. Thepurpose of this study is to introduce few performance metrics to evaluatedetection engine and also to understand the multi-trapdoor natureof covert channel
