Research On Network Covert Timing Channels Based On Frequency Domain

A large amount of data should be transm itted via networks because of the widespread application of com puter network technolo gy, making the security of inform ation transmission a very im portant issue to be solved urgently. As a way of secret information transmission, network covert channels have the ability of transmitting secret message safely and efficiently. Network stega nography has received widespread attention in the field of information security since their proposal.As a kind of network covert channels, cove rt timing channels have a high degree of invisibility by transm itting secret message in th e inter packet delay s of the overt traf fic. After a thorough research on covert tim ing channels, a data generation platform of covert channels is constructed in this paper. Two typical detection algorithms are studied and implemented. The existing covert tim ing channels have som e shortage in security, that’s why a covert tim ing channel based on frequency dom ain is proposed in this paper. The validity of the proposed scheme is verified. The main contents are as follows:(1)The existing covert tim ing channels have been analyzed and summarized. T wo typical covert tim ing channels, Jitterbug and C TCDM, have been studied and analyzed respectively. A data generation platform of covert channels has been constructed to provide data to subsequent experiments.(2)Two detection algorithm s of covert tim ing channels — IPD distribution-based detection algorithm and entropy-based detectio n algorithm are designed and im plemented respectively. Jitterbug and CTCDM are detect ed by these two detection m ethods and the results indicates that the invisibility of these two covert channels need to be improved.(3)A new covert tim ing channel based on frequency dom ain is proposed in this thesis to improve invisibility. The se cret message is inser ted into the DCT domain of the in ter packet delays. Experim ental results show th at it can e ffectively resist detection and interference, presenting comparatively better invisibility and stronger robustness.(4)In order to improve capacity of the DCT-based covert timing channel while keeping the invisibility, an embedding method of two-dimensional DCT is further discussed in this paper. Experimental results prove that 2-d DCT-based covert tim ing channel is able to improve capacity while keeping invisibility.Finally, the whole paper is concluded. The dr awbacks in the research are pointed o ut and the future research work is envisioned.