Web Covert Timing Channel Detection based on Entropy

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

Naserolfoghara M.; HAMIDI H.R.

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: JOURNAL OF ELECTRONIC AND CYBER DEFENCE Year:2020 | Volume:8 | Issue:3 (31) Page(s): 13-23

Download Full-Text

Persian Verion

View:

249

Download:

Cites:

Information Journal Paper

Title

Web Covert Timing Channel Detection based on Entropy

Author(s)

Naserolfoghara M. | HAMIDI H.R. | Issue Writer Certificate

Keywords

Information SecurityQ1

Convert ChannelQ1

Timing ChannelQ1

WEBQ1

EntropyQ1

Abstract

Regarding the general acceptance of the WEB, analyzing its weaknesses and vulnerabilities in order to find and face security attacks has become more urgent. In case there is a communication contrary to the system security policies, a covert channel has been created. The attacker can easily disclose information from the victim’ s system with just one public access permission. Covert Timing Channels, unlike covert storage channels, do not have memory storage and draw less attention. Different methods have been proposed for their identification, which generally benefit from the shape of traffic and the channel’ s regularity. The applicative nature of HTTP protocol allows the creation of a covert Timing Channel based on different features (or different levels) of this protocol, which has not been addressed in previous researches. In this article, the Entropy-based detection method was designed and implemented. The attacker can adjust the amount of channel Entropy by controlling measures such as changing the channel’ s level or creating noise on the channel to hide from the analyst’ s detection. As a result, the Entropy threshold is not always constant for detection. By comparing the Entropy from different levels of the channel and the analyst, we concluded that the analyst must investigate the traffic at all possible levels. We also illustrated that by making noise on the covert channel, although its capacity would decrease, but as the Entropy has increased, the attacker would have more difficulty in its detection.

Cites

No record.

References

No record.

Cite

APA: Copy

Naserolfoghara, M., & HAMIDI, H.R.. (2020). Web Covert Timing Channel Detection based on Entropy. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 8(3 (31) ), 13-23. SID. https://sid.ir/paper/387113/en

Vancouver: Copy

Naserolfoghara M., HAMIDI H.R.. Web Covert Timing Channel Detection based on Entropy. JOURNAL OF ELECTRONIC AND CYBER DEFENCE[Internet]. 2020;8(3 (31) ):13-23. Available from: https://sid.ir/paper/387113/en

IEEE: Copy

M. Naserolfoghara, and H.R. HAMIDI, “Web Covert Timing Channel Detection based on Entropy,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 8, no. 3 (31) , pp. 13–23, 2020, [Online]. Available: https://sid.ir/paper/387113/en

Related Journal Papers

No record.

Related Seminar Papers

No record.

Related Plans

No record.

Recommended Workshops