Information Science and Applications (ICISA) 2016. Epishkina, A., Finoshin, M., & Kogos, K. Lecture Notes in Electrical Engineering, 376:641-650, 2016. ![Information Science and Applications (ICISA) 2016 [link]](https://bibbase.org/img/filetypes/link.svg "link")
Website abstract bibtex Almost all modern computer networks are based on TCP/IP protocol suite. However, structure features of IP allow constructing covert channels with high capacity using modification of inter-packets delays, packets’ header fields and packets lengths. A technique to eliminate such channels is traffic normalization which means sending packets with equal lengths and fixed header fields with equal inter-packets delays that leads to significant decreasing of efficient communication channels capacity and missing of functional capabilities of network protocols. Another way to counteract covert channel is to detect an active channel. Nevertheless, an attacker can reduce the covert channel capacity purposely to make it undetectable. We investigate on/off covert channel and give recommendations to choose the parameters of ε-similarity detection method with specified threshold values of covert channels capacity.
@article{
title = {Information Science and Applications (ICISA) 2016},
type = {article},
year = {2016},
identifiers = {[object Object]},
keywords = {Capacity,Dummy packet,Network covert channels,Packet length,Transfer rate,ε-similarity},
pages = {641-650},
volume = {376},
websites = {http://www.scopus.com/inward/record.url?eid=2-s2.0-84959162811&partnerID=tZOtx3y1},
id = {02e1f814-9854-319e-b866-0c06fdb8b584},
created = {2020-02-05T01:22:59.498Z},
accessed = {2020-02-04},
file_attached = {false},
profile_id = {66be748e-b1e3-36e1-95e1-5830d0ccc3ca},
group_id = {ed1fa25d-c56b-3067-962d-9d08ff49394c},
last_modified = {2020-02-05T01:22:59.864Z},
read = {false},
starred = {false},
authored = {false},
confirmed = {false},
hidden = {false},
folder_uuids = {c2955262-615e-4e71-ba11-ca23b3748d20},
private_publication = {false},
abstract = {Almost all modern computer networks are based on TCP/IP protocol suite. However, structure features of IP allow constructing covert channels with high capacity using modification of inter-packets delays, packets’ header fields and packets lengths. A technique to eliminate such channels is traffic normalization which means sending packets with equal lengths and fixed header fields with equal inter-packets delays that leads to significant decreasing of efficient communication channels capacity and missing of functional capabilities of network protocols. Another way to counteract covert channel is to detect an active channel. Nevertheless, an attacker can reduce the covert channel capacity purposely to make it undetectable. We investigate on/off covert channel and give recommendations to choose the parameters of ε-similarity detection method with specified threshold values of covert channels capacity.},
bibtype = {article},
author = {Epishkina, Anna and Finoshin, Mikhail and Kogos, Konstantin},
journal = {Lecture Notes in Electrical Engineering}
}
Downloads: 0
{"_id":"4gFRCCEDhK9unNaFF","bibbaseid":"epishkina-finoshin-kogos-informationscienceandapplicationsicisa2016-2016","authorIDs":[],"author_short":["Epishkina, A.","Finoshin, M.","Kogos, K."],"bibdata":{"title":"Information Science and Applications (ICISA) 2016","type":"article","year":"2016","identifiers":"[object Object]","keywords":"Capacity,Dummy packet,Network covert channels,Packet length,Transfer rate,ε-similarity","pages":"641-650","volume":"376","websites":"http://www.scopus.com/inward/record.url?eid=2-s2.0-84959162811&partnerID=tZOtx3y1","id":"02e1f814-9854-319e-b866-0c06fdb8b584","created":"2020-02-05T01:22:59.498Z","accessed":"2020-02-04","file_attached":false,"profile_id":"66be748e-b1e3-36e1-95e1-5830d0ccc3ca","group_id":"ed1fa25d-c56b-3067-962d-9d08ff49394c","last_modified":"2020-02-05T01:22:59.864Z","read":false,"starred":false,"authored":false,"confirmed":false,"hidden":false,"folder_uuids":"c2955262-615e-4e71-ba11-ca23b3748d20","private_publication":false,"abstract":"Almost all modern computer networks are based on TCP/IP protocol suite. However, structure features of IP allow constructing covert channels with high capacity using modification of inter-packets delays, packets’ header fields and packets lengths. A technique to eliminate such channels is traffic normalization which means sending packets with equal lengths and fixed header fields with equal inter-packets delays that leads to significant decreasing of efficient communication channels capacity and missing of functional capabilities of network protocols. Another way to counteract covert channel is to detect an active channel. Nevertheless, an attacker can reduce the covert channel capacity purposely to make it undetectable. We investigate on/off covert channel and give recommendations to choose the parameters of ε-similarity detection method with specified threshold values of covert channels capacity.","bibtype":"article","author":"Epishkina, Anna and Finoshin, Mikhail and Kogos, Konstantin","journal":"Lecture Notes in Electrical Engineering","bibtex":"@article{\n title = {Information Science and Applications (ICISA) 2016},\n type = {article},\n year = {2016},\n identifiers = {[object Object]},\n keywords = {Capacity,Dummy packet,Network covert channels,Packet length,Transfer rate,ε-similarity},\n pages = {641-650},\n volume = {376},\n websites = {http://www.scopus.com/inward/record.url?eid=2-s2.0-84959162811&partnerID=tZOtx3y1},\n id = {02e1f814-9854-319e-b866-0c06fdb8b584},\n created = {2020-02-05T01:22:59.498Z},\n accessed = {2020-02-04},\n file_attached = {false},\n profile_id = {66be748e-b1e3-36e1-95e1-5830d0ccc3ca},\n group_id = {ed1fa25d-c56b-3067-962d-9d08ff49394c},\n last_modified = {2020-02-05T01:22:59.864Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {false},\n hidden = {false},\n folder_uuids = {c2955262-615e-4e71-ba11-ca23b3748d20},\n private_publication = {false},\n abstract = {Almost all modern computer networks are based on TCP/IP protocol suite. However, structure features of IP allow constructing covert channels with high capacity using modification of inter-packets delays, packets’ header fields and packets lengths. A technique to eliminate such channels is traffic normalization which means sending packets with equal lengths and fixed header fields with equal inter-packets delays that leads to significant decreasing of efficient communication channels capacity and missing of functional capabilities of network protocols. Another way to counteract covert channel is to detect an active channel. Nevertheless, an attacker can reduce the covert channel capacity purposely to make it undetectable. We investigate on/off covert channel and give recommendations to choose the parameters of ε-similarity detection method with specified threshold values of covert channels capacity.},\n bibtype = {article},\n author = {Epishkina, Anna and Finoshin, Mikhail and Kogos, Konstantin},\n journal = {Lecture Notes in Electrical Engineering}\n}","author_short":["Epishkina, A.","Finoshin, M.","Kogos, K."],"urls":{"Website":"http://www.scopus.com/inward/record.url?eid=2-s2.0-84959162811&partnerID=tZOtx3y1"},"bibbaseid":"epishkina-finoshin-kogos-informationscienceandapplicationsicisa2016-2016","role":"author","keyword":["Capacity","Dummy packet","Network covert channels","Packet length","Transfer rate","ε-similarity"],"downloads":0,"html":""},"bibtype":"article","creationDate":"2020-02-06T23:40:07.479Z","downloads":0,"keywords":["capacity","dummy packet","network covert channels","packet length","transfer rate","ε-similarity"],"search_terms":["information","science","applications","icisa","2016","epishkina","finoshin","kogos"],"title":"Information Science and Applications (ICISA) 2016","year":2016}