Intrusion detection systems and multisensor data fusion
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Covert Channels in LAN Protocols
LANSEC '89 Proceedings on the Workshop for European Institute for System Security on Local Area Network Security
Hiding Data in the OSI Network Model
Proceedings of the First International Workshop on Information Hiding
Malicious ICMP tunneling: defense against the vulnerability
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Covert messaging through TCP timestamps
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Embedding covert channels into TCP/IP
IH'05 Proceedings of the 7th international conference on Information Hiding
Hi-index | 0.00 |
In a Communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an Intrusion Detection System (IDS), and a Covert Channels Detection System (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as Denial of Service (DoS) attacks. Covert channels allow individuals to communicate undetectable and exchange hidden information. A CCDS detects and stops covert channels. However, till now, security systems do not include dedicated processes for covert channel detection. In this paper we propose an optimized order regarding the execution of the three processes, and evaluate the system's performance when the LAN network is under different types of attacks. The results show that the proposed order enhances the processing time performance of the system.