HomeAboutSolutionsTechnologyCareersNews & EventsContact Us


 

Talk Topic: Network Covert Channels
Carla Brodley, Tufts University
February 13, 2007

Abstract
Indirect communication channels have been effectively employed in the communications world to bypass mechanisms that do not permit direct communication between unauthorized parties. Such covert channels emerge as a threat to information-sensitive systems in which leakage to unauthorized parties may be unacceptable. In this talk, we present several IP-based covert channels and methods for detecting or rate limiting them. We first illustrate that traffic analysis can counter traditional event-based IP covert channels, which do not employ any additional scheme to obfuscate the channel. We then introduce a new family of covert channels, which transmit covert messages by adjusting packet timings consistent with inter-arrival time sequences that are extracts from recently recorded normal sequences. Under certain assumptions and lowered data rates, these "time-replay" covert channels generate output sequences that are sufficiently similar to normal sequences, allowing them to by-pass traffic anomaly detection schemes that are based on distribution analysis. Additionally, we illustrate that time-replay channels can potentially survive channel elimination schemes such as jammers and network data pumps with lowered data rates. Thus, we discuss two types of transformations on packet inter-arrival times to increase the efficacy of existing elimination schemes.

Bio
Carla E. Brodley is a professor in the Department of Computer Science at Tufts University. She received her PhD in computer science from the University of Massachusetts, at Amherst in 1994. From 1994-2004, she was on the faculty of the School of Electrical Engineering at Purdue University, West Lafayette, Indiana. Professor Brodley's research interests include machine learning, data mining and computer security. She has worked in the areas of intrusion detection, anomaly detection in networks, hardware support for security, classifier formation, unsupervised learning and applications of machine learning to remote sensing, computer security, digital libraries, astrophysics, chemistry and content-based image retrieval of medical images. She was a member of the 2004/2005 Defense Science Study Group. In 2001 she served as program co-chair for the International Conference on Machine Learning (ICML) and in 2004, she served as the general chair for ICML. Currently she is an associate editor of Computers and Security and the Machine Learning Journal. She is a member of the Computing Research Association's Committee on the Status of Women in Computing Research (CRA-W).
 
  Contact Us


See all jobs		  

 

Home    |    About    |    Products    |    Technology    |    Careers    |    News & Events    |    Contact

Copyright 2008 - ITA Software    |    Site Map   |    Privacy Policy    |    Acknowledgements   |   Terms of Use