Abstract
The authors introduce a technique for detecting covert storage channels using a tree structure called a covert flow tree (CFT). CFTs are used to perform systematic searches for operation sequences that allow information to be relayed through attributes and eventually detected by a listening process. When traversed, the paths of a CFT yield a comprehensive list of operation sequences which support communication via a particular resource attribute. These operation sequences are then analyzed and either discharged as benign or determined to be covert communication channels. Algorithms for automating the construction of CFTs and potential covert channel operation sequences are presented. To illustrate this technique, two example systems are analyzed and their results compared to two currently accepted analysis techniques performed on identical systems. This comparison shows that the CFT approach not only identified all covert storage channels found by the other analysis techniques, but discovered a channel not detected by the other techniques. >
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
