A Study on the Covert Channel Detection of TCP/IP Header Using Support Vector Machine

Taeshik Sohn, JungTaek Seo and Jongsub Moon

View Related Documents

Book Chapter
Covert Channel Detection in the ICMP Payload Using Support Vector Machine
Taeshik Sohn, Jongsub Moon, Sangjin Lee, Dong Hoon Lee and Jongin Lim
Lecture Notes in Computer Science, 2003, Volume 2869, Computer and Information Sciences - ISCIS 2003, Pages 828-835
- Download PDF (139.0 KB)
Book Chapter
Support Vector Machine Based ICMP Covert Channel Attack Detection
Taeshik Sohn, Taewoo Noh and Jongsub Moon
Lecture Notes in Computer Science, 2003, Volume 2776, Computer Network Security, Pages 461-464
- Download PDF (93.2 KB)
Book Chapter
Basic Operating System and TCP/IP Concepts
2007, Practical Internet Security, Part V, Pages 185-192
- Download PDF (80.2 KB)
Book Chapter
Embedding Covert Channels into TCP/IP
Steven J. Murdoch and Stephen Lewis
Lecture Notes in Computer Science, 2005, Volume 3727, Information Hiding, Pages 247-261
- Download PDF (420.3 KB)
Book Chapter
Eliminating Steganography in Internet Traffic with Active Wardens
Gina Fisk, Mike Fisk, Christos Papadopoulos and Joshua Neil
Lecture Notes in Computer Science, 2003, Volume 2578, Information Hiding, Pages 18-35
- Download PDF (226.2 KB)
Book Chapter
Covert Messaging through TCP Timestamps
John Giffin, Rachel Greenstadt, Peter Litwack and Richard Tibbetts
Lecture Notes in Computer Science, 2003, Volume 2482, Privacy Enhancing Technologies, Pages 189-193
- Download PDF (227.4 KB)
Book Chapter
Ensuring Immediate Processing of Real-Time Packets at Kernel Level
Jeong Seob Kim, Dae Sung Lee, Ki Chang Kim and Jae Hyun Park
Lecture Notes in Computer Science, 2006, Volume 4331, Frontiers of High Performance Computing and Networking – ISPA 2006 Workshops, Pages 738-747
- Download PDF (439.5 KB)
Book Chapter
Achieving 10Gbps Network Processing: Are We There Yet?
Priya Govindarajan, Srihari Makineni, Donald Newell, Ravi Iyer and Ram Huggahalli, et al.
Lecture Notes in Computer Science, 2008, Volume 5374, High Performance Computing - HiPC 2008, Pages 518-528
- Download PDF (398.5 KB)
Book Chapter
Internet communication Protocols
Charles Shoniregun
Advances in Information Security, 1, Volume 34, Synchronizing Internet Protocol Security (SIPSec), Pages 31-74
- Download PDF (841.8 KB)
Book Chapter
An Efficient Probabilistic Packet Marking Scheme (NOD-PPM)
Huifang Yin and Jun Li
Lecture Notes in Computer Science, 2006, Volume 4176, Information Security, Pages 373-382
- Download PDF (364.7 KB)

Abstract

Nowadays, threats of information security have become a big issue in internet environments. Various security solutions are used as such problems’ countermeasure; IDS, Firewall and VPN. However, a TCP/IP protocol based Internet basically has great vulnerability of protocol itself. It is especially possible to establish a covert channel using TCP/IP header fields such as identification, sequence number, acknowledgement number, timestamp and so on [3]. In this paper, we focus on the covert channels using identification field of IP header and the sequence number field of TCP header. To detect such covert channels, our approach uses a Support Vector Machine which has excellent performance in pattern classification problems. Our experiments showed that the proposed method could discern the abnormal cases(including covert channels) from normal TCP/IP traffic using a Support Vector Machine.

Keywords Intrusion detection - covert channel - support vector machine - TCP/IP protocol security

This research is supported by Korea University Grant

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

A Study on the Covert Channel Detection of TCP/IP Header Using Support Vector Machine

View Related Documents

Abstract

Fulltext Preview