Computer Science – Learning
Scientific paper
2011-04-27
Computer Science
Learning
Scientific paper
In this paper we present methods for attacking and defending $k$-gram statistical analysis techniques that are used, for example, in network traffic analysis and covert channel detection. The main new result is our demonstration of how to use a behavior's or process' $k$-order statistics to build a stochastic process that has those same $k$-order stationary statistics but possesses different, deliberately designed, $(k+1)$-order statistics if desired. Such a model realizes a "complexification" of the process or behavior which a defender can use to monitor whether an attacker is shaping the behavior. By deliberately introducing designed $(k+1)$-order behaviors, the defender can check to see if those behaviors are present in the data. We also develop constructs for source codes that respect the $k$-order statistics of a process while encoding covert information. One fundamental consequence of these results is that certain types of behavior analyses techniques come down to an {\em arms race} in the sense that the advantage goes to the party that has more computing resources applied to the problem.
Crespi Valentino
Cybenko George
Giani Annarita
No associations
LandOfFree
Attacking and Defending Covert Channels and Behavioral Models does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Attacking and Defending Covert Channels and Behavioral Models, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Attacking and Defending Covert Channels and Behavioral Models will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-475068