Based Network Covert Channel For Packet Classification

Network covert channel is a branch of information hiding technology and it belongs to network security research. Covert channel violates security rules and leak information imperceptibly.The combination of Trojan horse and covert channel has made a serious threat to network information security that traditional security technology based on encryption cann't conquer.It has been an important area to figure out the mechanism of network covert channels and their counter measures.Many researchers have been studying how to construct network covert channels and their counter measures since they were introduced. From current research status, the basic methods to construct network covert channels are exploiting packets head, packets sorting and packets time etc. And there are also other ways of exploiting the third part resources. There is little complete design of covert communication systems.Even though there are some ways to eliminate, limit or audit network covert channels, there are little practical and effective systems so far.This dissertation firstly introduced correlative conceptions of network covert channel, including its definition,classification, mechanism and some parameters,and then the current research status is introduced. After the analysis of exsited ways to construct network covert channels, we offer a new way - packets classification, which is based on the analysis of composition of communication systems.We expatiate on the basic idea,communication process and the algorithm of information hiding based on packets classification. We offer a new way to classify network covert channels based on our analysis. And then we designed a reliable network covert communication system model.To concern with the unreliability,we offer two synchronization control ways and analyze correlative channel capacity with Shannon information theory as well as channel reliability and concealment.Finally,we implement a network covert channel based on packets classification exploiting ICMP and construct a simple covert communication system based on our model on Windows platform.The experiments and analysis indicate that covert channels based on packets classification are workable and effective,and their harmness to network information security cann't be ignored.