Elements of information theory
Elements of information theory
A pump for rapid, reliable, secure communication
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Proceedings of the 10th ACM conference on Computer and communications security
An information-theoretic model for steganography
Information and Computation
IP covert timing channels: design and detection
Proceedings of the 11th ACM conference on Computer and communications security
Tracking anonymous peer-to-peer VoIP calls on the internet
Proceedings of the 12th ACM conference on Computer and communications security
The Pump: A Decade of Covert Fun
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
On the Secrecy of Timing-Based Active Watermarking Trace-Back Techniques
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Network covert channels: design, analysis, detection, and elimination
Network covert channels: design, analysis, detection, and elimination
Covert messaging through TCP timestamps
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
An information-theoretic and game-theoretic study of timing channels
IEEE Transactions on Information Theory
A security domain model to assess software for exploitable covert channels
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Model-Based Covert Timing Channels: Automated Modeling and Evasion
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Measurement and classification of humans and bots in internet chat
SS'08 Proceedings of the 17th conference on Security symposium
Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection
Transactions on Computational Science IV
Hide and seek in time: robust covert timing channels
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Predictive network anomaly detection and visualization
IEEE Transactions on Information Forensics and Security
Evading stepping-stone detection under the cloak of streaming media with SNEAK
Computer Networks: The International Journal of Computer and Telecommunications Networking
Predictive black-box mitigation of timing channels
Proceedings of the 17th ACM conference on Computer and communications security
Who is tweeting on Twitter: human, bot, or cyborg?
Proceedings of the 26th Annual Computer Security Applications Conference
Robust and undetectable steganographic timing channels for i.i.d. traffic
IH'10 Proceedings of the 12th international conference on Information hiding
Stealthier inter-packet timing covert channels
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
Evaluating the transmission rate of covert timing channels in a network
Computer Networks: The International Journal of Computer and Telecommunications Networking
Quantitatively analyzing stealthy communication channels
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
CoCo: coding-based covert timing channels for network flows
IH'11 Proceedings of the 13th international conference on Information hiding
An exploration of L2 cache covert channels in virtualized environments
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Cirripede: circumvention infrastructure using router redirection with plausible deniability
Proceedings of the 18th ACM conference on Computer and communications security
Humans and bots in internet chat: measurement, analysis, and automated classification
IEEE/ACM Transactions on Networking (TON)
Leaving timing-channel fingerprints in hidden service log files
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Detecting co-residency with active traffic analysis techniques
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Blog or block: Detecting blog bots through behavioral biometrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Mimic: An active covert channel that evades regularity-based detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
Quantifying and Classifying Covert Communications on Android
Mobile Networks and Applications
PHY covert channels: can you see the idles?
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
The detection of covert timing channels is of increasing interest in light of recent practice on the exploitation of covert timing channels over the Internet. However, due to the high variation in legitimate network traffic, detecting covert timing channels is a challenging task. The existing detection schemes are ineffective to detect most of the covert timing channels known to the security community. In this paper, we introduce a new entropy-based approach to detecting various covert timing channels. Our new approach is based on the observation that the creation of a covert timing channel has certain effects on the entropy of the original process, and hence, a change in the entropy of a process provides a critical clue for covert timing channel detection. Exploiting this observation, we investigate the use of entropy and conditional entropy in detecting covert timing channels. Our experimental results show that our entropy-based approach is sensitive to the current covert timing channels, and is capable of detecting them in an accurate manner.