Browse By Repository:

 
 
 
   

Information detection with covert channel

Noorashid, Nurul Fazreen (2017) Information detection with covert channel. Project Report. Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. (Submitted)

[img] Text (24 Pages)
Information detection with covert channel.pdf - Submitted Version
Download (677kB)
[img] Text (Full Text)
Information detection with covert channel.pdf - Submitted Version
Restricted to Registered users only
Download (3MB)

Abstract

The term covert channel was first introduced by Lampson and designates an information flow that violates a system‘s security policy. In a system, this policy can define who is allowed to communicate with whom, through which channels, and forbid all exchanges other than these legitimate ones. A covert channel is a misuse use of a system by two legal users. These users have access to system‘s functionalities, but use them in a way that bypasses the security policy (for instance to create a communication channel between two users that are not allowed to communicate usually the user is in different privilege, or to pass information between authorized users without paying for it, etc.). One usual assumption is that both corrupted users know perfectly the system, and have agreed on a particular use of the functionalities to encode and decode information. The problem statements are user might not have any knowledge about what is covert channel, user are exposed to malicious data that is embedded in network, it is difficult to identify the culprit that involved in covert communication channel and covert channel can result to exploitation of communication channel to transfer information in manner that is violates the system security policy. The objectives in this project are to study and describe what covert channel is, develop rules that can detect covert channel in network and test the rules in the IDS system rules. Methodology used in this project is incremental model and the project contribution for this project is comparing the normal tcp/ip header with the tcp/ip header which contain covert message. From that a rules can be created on detecting covert channel in TCP/IP by using snort program.

Item Type: Final Year Project (Project Report)
Uncontrolled Keywords: Covert channel, Information flow, System security policy
Subjects: T Technology > T Technology (General)
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Divisions: Library > Final Year Project > FTMK
Depositing User: Norfaradilla Idayu Ab. Ghafar
Date Deposited: 14 May 2024 07:54
Last Modified: 14 May 2024 07:54
URI: http://digitalcollection.utem.edu.my/id/eprint/31618

Actions (login required)

View Item View Item
Download Statistics

Downloads

Downloads per month over past year
 
UNIVERSITI TEKNIKAL MALAYSIA MELAKA DIGITAL COLLECTION is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.