
Research on Detection Algorithms for Complex Network Covert Channels (cited by: 2)

Study on Detection Algorithm of Complicated Covert Channel
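Abstract (translated from the Chinese): A given covert channel detection algorithm can typically detect only one specific kind of covert channel and cannot detect other kinds. To address this problem, the working modes and data characteristics of covert channels were analyzed, and a covert channel detection algorithm based on density clustering was proposed. The algorithm can detect not only different kinds of covert channels but also complex covert channels composed of these channels. A simulation system for complex covert channels was built, and covert channel detection experiments were carried out. The detection results show that, in environments where the noise is below 20%, the algorithm can detect complex covert channels quickly and accurately.

Abstract (English, as published): To solve the problem that a particular detection algorithm cannot detect different kinds of covert channels, the working mode and characteristics of covert channels were analyzed, and a detection algorithm based on density clustering was proposed. The algorithm can find not only different kinds of single covert channels but also complicated covert channels composed of several kinds of covert channels. In the simulation system, a complicated covert channel composed of five kinds of covert channels was implemented, and the algorithm was used to detect it. The detection results show that the algorithm works well even when the noise in the channel is about 20%.

Source: Journal of System Simulation (《系统仿真学报》), CAS, CSCD, PKU Core, 2012, Issue 4, pp. 825-829, 836 (6 pages)

Funding: National Natural Science Foundation of China (60974129, 70931002); Natural Science Foundation of Jiangsu Province (BK2009388)

Keywords: computer network; network security; steganography; covert channel; clustering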