A Theory of Communicating Sequential Processes
Journal of the ACM (JACM)
Communicating sequential processes
Communications of the ACM
The Theory and Practice of Concurrency
The Theory and Practice of Concurrency
Concurrent and Real Time Systems: The CSP Approach
Concurrent and Real Time Systems: The CSP Approach
IEEE/ACM Transactions on Networking (TON)
Hiding Data in the OSI Network Model
Proceedings of the First International Workshop on Information Hiding
Eliminating Steganography in Internet Traffic with Active Wardens
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Network Based Detection of Passive Covert Channels in TCP/IP
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
A Covert Channel Detection Algorithm Based on TCP Markov Model
MINES '10 Proceedings of the 2010 International Conference on Multimedia Information Networking and Security
An Entropy-Based Approach to Detecting Covert Timing Channels
IEEE Transactions on Dependable and Secure Computing
An asynchronous covert channel using spam
Computers & Mathematics with Applications
A Survey of Covert Channels and Countermeasures in Computer Network Protocols
IEEE Communications Surveys & Tutorials
Hi-index | 0.00 |
A network covert channel is a malicious conversation mechanism, which brings serious security threat to security-sensitive systems and is usually difficult to be detected. Data are hidden in the header fields of protocols in network covert storage channels. In this paper, a general detection model based on formal protocol analysis for identifying possible header fields in network protocols that may be used as covert storage channels is proposed. The protocol is modeled utilizing the Communication Sequential Processes (CSP), in which a modified property of header fields is defined and the header fields are classified into three types in accordance to the extent to which their content can be altered without impairing the communication. At last, verification of the model in Transmission Control Protocol (TCP) shows that the proposed method is effective and feasible.