Towards Distributed Network Covert Channels Detection Using Data Mining-based Approach
Krzysztof Cabaj , Wojciech Mazurczyk , Piotr Nowakowski , Piotr Żórawski
AbstractCurrently, due to improvements in defensive systems network covert channels are increasingly drawing attention of cybercriminals and malware developers as they can provide stealthiness of the malicious communication and thus to bypass existing security solutions. On the other hand, the utilized data hiding methods are getting increasingly sophisticated as the attackers, in order to stay under the radar, distribute the covert data among many connections, protocols, etc. That is why, the detection of such threats becomes a pressing issue. In this paper we make an initial step in this direction by presenting a data mining-based detection of such advanced threats which relies on pattern discovery technique. The obtained, initial experimental results indicate that such solution has potential and should be further investigated.
|Publication size in sheets||0.5|
|Book||Doerr Christian, Schrittwieser Sebastian, Weippl Edgar (eds.): ARES 2018 Proceedings of the 13th International Conference on Availability, Reliability and Security, 2018, ACM, ISBN 978-1-4503-6448-5, 603 p.|
|project||Covert Communication Detection (CoCoDe). Project leader: Cabaj Krzysztof,
, Phone: +48 22 234 7711, start date 01-09-2017, planned end date 31-08-2020, II/2017/CoCoDe/1, Implemented
|Score|| = 15.0, 20-12-2018, BookChapterMatConf|
= 15.0, 20-12-2018, BookChapterMatConf
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.