## Towards Distributed Network Covert Channels Detection Using Data Mining-based Approach

### Krzysztof Cabaj , Wojciech Mazurczyk , Piotr Nowakowski , Piotr Żórawski

#### Abstract

Currently, due to improvements in defensive systems network covert channels are increasingly drawing attention of cybercriminals and malware developers as they can provide stealthiness of the malicious communication and thus to bypass existing security solutions. On the other hand, the utilized data hiding methods are getting increasingly sophisticated as the attackers, in order to stay under the radar, distribute the covert data among many connections, protocols, etc. That is why, the detection of such threats becomes a pressing issue. In this paper we make an initial step in this direction by presenting a data mining-based detection of such advanced threats which relies on pattern discovery technique. The obtained, initial experimental results indicate that such solution has potential and should be further investigated.
Author
Pages1-10
Publication size in sheets0.5
Book Doerr Christian, Schrittwieser Sebastian, Weippl Edgar (eds.): ARES 2018 Proceedings of the 13th International Conference on Availability, Reliability and Security, 2018, ACM, ISBN 978-1-4503-6448-5, 603 p.
DOIDOI:10.1145/3230833.3233264
URL https://dl.acm.org/citation.cfm?doid=3230833.3233264
projectCovert Communication Detection (CoCoDe). Project leader: Cabaj Krzysztof, , Phone: +48 22 234 7711, start date 01-09-2017, planned end date 31-08-2020, II/2017/CoCoDe/1, Implemented
WEiTI
Languageen angielski
File
 paper_267[9349].pdf 1.13 MB
Score (nominal)15
ScoreMinisterial score = 15.0, 13-09-2018, BookChapterMatConf
Ministerial score (2013-2016) = 15.0, 13-09-2018, BookChapterMatConf
Citation count*
Cite