Covert Timing Channel Analysis Either as Cyber Attacks or Confidential Applications

Covert timing channels are an important alternative for transmitting information in the world of the Internet of Things (IoT). In covert timing channels data are encoded in inter-arrival times between consecutive packets based on modifying the transmission time of legitimate traffic. Typically, the modification of time takes place by delaying the transmitted packets on the sender side. A key aspect in covert timing channels is to find the threshold of packet delay that can accurately distinguish covert traffic from legitimate traffic. Based on that we can assess the level of dangerous of security threats or the quality of transferred sensitive information secretly. In this paper, we study the inter-arrival time behavior of covert timing channels in two different network configurations based on statistical metrics, in addition we investigate the packet delaying threshold value. Our experiments show that the threshold is approximately equal to or greater than double the mean of legitimate inter-arrival times. In this case covert timing channels become detectable as strong anomalies.

Download Full-text

IP covert timing channels

Proceedings of the 11th ACM conference on Computer and communications security - CCS '04 ◽

10.1145/1030083.1030108 ◽

2004 ◽

Cited By ~ 164

Author(s):

Serdar Cabuk ◽

Carla E. Brodley ◽

Clay Shields

Keyword(s):

Timing Channels ◽

Covert Timing Channels

Download Full-text

Anonymization Based on Improved Bucketization (AIB): A Privacy-Preserving Data Publishing Technique for Improving Data Utility in Healthcare Data

Journal of Medical Imaging and Health Informatics ◽

10.1166/jmihi.2021.3901 ◽

2021 ◽

Vol 11 (12) ◽

pp. 3164-3173

Author(s):

R. Indhumathi ◽

S. Sathiya Devi

Keyword(s):

Medical Information ◽

Threshold Value ◽

Privacy Preserving ◽

Data Publishing ◽

Published Data ◽

Sensitive Information ◽

Data Utility ◽

Healthcare Data ◽

Privacy Preserving Data Publishing ◽

Horizontal Partitioning

Data sharing is essential in present biomedical research. A large quantity of medical information is gathered and for different objectives of analysis and study. Because of its large collection, anonymity is essential. Thus, it is quite important to preserve privacy and prevent leakage of sensitive information of patients. Most of the Anonymization methods such as generalisation, suppression and perturbation are proposed to overcome the information leak which degrades the utility of the collected data. During data sanitization, the utility is automatically diminished. Privacy Preserving Data Publishing faces the main drawback of maintaining tradeoff between privacy and data utility. To address this issue, an efficient algorithm called Anonymization based on Improved Bucketization (AIB) is proposed, which increases the utility of published data while maintaining privacy. The Bucketization technique is used in this paper with the intervention of the clustering method. The proposed work is divided into three stages: (i) Vertical and Horizontal partitioning (ii) Assigning Sensitive index to attributes in the cluster (iii) Verifying each cluster against privacy threshold (iv) Examining for privacy breach in Quasi Identifier (QI). To increase the utility of published data, the threshold value is determined based on the distribution of elements in each attribute, and the anonymization method is applied only to the specific QI element. As a result, the data utility has been improved. Finally, the evaluation results validated the design of paper and demonstrated that our design is effective in improving data utility.

Download Full-text

Smishing Detection: Using Artificial Intelligence

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.37737 ◽

2021 ◽

Vol 9 (8) ◽

pp. 2218-2224

Author(s):

Samyak Sadanand Shravasti

Keyword(s):

Artificial Intelligence ◽

Short Message Service ◽

Personal Information ◽

Critical Issue ◽

Cyber Attacks ◽

Sensitive Information ◽

Short Message ◽

Proposed Model ◽

Message Service ◽

A Company

Abstract: Phishing occurs when people's personal information is stolen via email, phone, or text communications. In Smishing Short Message Service (SMS) is used for cyber-attacks, Smishing is a type of theft of sensitive information. People are more likely to give personal information such as account details and passwords when they receive SMS messages. This data could be used to steal money or personal information from a person or a company. As a result, Smishing is a critical issue to consider. The proposed model uses an Artificial Intelligence to detect smishing. Analysing a SMS and successfully detecting Smishing is possible. Finally, we evaluate and analyse our proposed model to show its efficacy. Keywords: Phishing, Smishing, Artificial Intelligence, LSTM, RNN

Download Full-text

Covert Timing Channels Exploiting Cache Coherence Hardware: Characterization and Defense

International Journal of Parallel Programming ◽

10.1007/s10766-018-0608-4 ◽

2018 ◽

Vol 47 (4) ◽

pp. 595-620 ◽

Cited By ~ 2

Author(s):

Fan Yao ◽

Miloš Doroslovački ◽

Guru Venkataramani

Keyword(s):

Cache Coherence ◽

Timing Channels ◽

Covert Timing Channels

Download Full-text

Base communication model of IP covert timing channels

Frontiers of Computer Science ◽

10.1007/s11704-016-5089-2 ◽

2016 ◽

Vol 10 (6) ◽

pp. 1130-1141 ◽

Cited By ~ 2

Author(s):

Changda Wang ◽

Yulin Yuan ◽

Lei Huang

Keyword(s):

Communication Model ◽

Timing Channels ◽

Covert Timing Channels

Download Full-text

Hide and Seek in Time — Robust Covert Timing Channels

Computer Security – ESORICS 2009 - Lecture Notes in Computer Science ◽

10.1007/978-3-642-04444-1_8 ◽

2009 ◽

pp. 120-135 ◽

Cited By ~ 32

Author(s):

Yali Liu ◽

Dipak Ghosal ◽

Frederik Armknecht ◽

Ahmad-Reza Sadeghi ◽

Steffen Schulz ◽

...

Keyword(s):

Timing Channels ◽

Covert Timing Channels

Download Full-text

Model-Based Covert Timing Channels: Automated Modeling and Evasion

Lecture Notes in Computer Science - Recent Advances in Intrusion Detection ◽

10.1007/978-3-540-87403-4_12 ◽

2008 ◽

pp. 211-230 ◽

Cited By ~ 56

Author(s):

Steven Gianvecchio ◽

Haining Wang ◽

Duminda Wijesekera ◽

Sushil Jajodia

Keyword(s):

Timing Channels ◽

Automated Modeling ◽

Covert Timing Channels ◽

Model Based

Download Full-text

Efficient Cyber Security Framework for Smart Cities

Secure Cyber-Physical Systems for Smart Cities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7189-6.ch006 ◽

2019 ◽

pp. 130-157 ◽

Cited By ~ 2

Author(s):

Amtul Waheed ◽

Jana Shafi

Keyword(s):

Cyber Security ◽

Smart City ◽

Smart Cities ◽

Cost Effective ◽

Cyber Attacks ◽

Security And Privacy ◽

Sensitive Information ◽

Security Framework ◽

Smart Transportation ◽

Security Issues

Smart cities are established on some smart components such as smart governances, smart economy, science and technology, smart politics, smart transportation, and smart life. Each and every smart object is interconnected through the internet, challenging the security and privacy of citizen's sensitive information. A secure framework for smart cities is the only solution for better and smart living. This can be achieved through IoT infrastructure and cloud computing. The combination of IoT and Cloud also increases the storage capacity and computational power and make services pervasive, cost-effective, and accessed from anywhere and any device. This chapter will discuss security issues and challenges of smart city along with cyber security framework and architecture of smart cities for smart infrastructures and smart applications. It also presents a general study about security mechanism for smart city applications and security protection methodology using IOT service to stand against cyber-attacks.

Download Full-text

Using hierarchical statistical analysis and deep neural networks to detect covert timing channels

Applied Soft Computing ◽

10.1016/j.asoc.2019.105546 ◽

2019 ◽

Vol 82 ◽

pp. 105546 ◽

Cited By ~ 5

Author(s):

Omar Darwish ◽

Ala Al-Fuqaha ◽

Ghassen Ben Brahim ◽

Ilyes Jenhani ◽

Athanasios Vasilakos

Keyword(s):

Neural Networks ◽

Statistical Analysis ◽

Deep Neural Networks ◽

Timing Channels ◽

Covert Timing Channels

Download Full-text

Comparative Study between Big Data Analysis Techniques in Intrusion Detection

Big Data and Cognitive Computing ◽

10.3390/bdcc3010001 ◽

2018 ◽

Vol 3 (1) ◽

pp. 1 ◽

Cited By ~ 4

Author(s):

Mounir Hafsa ◽

Farah Jemili

Keyword(s):

Intrusion Detection ◽

Real Time ◽

Large Scale ◽

Fault Tolerant ◽

Time Frame ◽

Cyber Attacks ◽

Sensitive Information ◽

Cyber Attack ◽

Processing Power ◽

Damage Costs

Cybersecurity ventures expect that cyber-attack damage costs will rise to $11.5 billion in 2019 and that a business will fall victim to a cyber-attack every 14 seconds. Notice here that the time frame for such an event is seconds. With petabytes of data generated each day, this is a challenging task for traditional intrusion detection systems (IDSs). Protecting sensitive information is a major concern for both businesses and governments. Therefore, the need for a real-time, large-scale and effective IDS is a must. In this work, we present a cloud-based, fault tolerant, scalable and distributed IDS that uses Apache Spark Structured Streaming and its Machine Learning library (MLlib) to detect intrusions in real-time. To demonstrate the efficacy and effectivity of this system, we implement the proposed system within Microsoft Azure Cloud, as it provides both processing power and storage capabilities. A decision tree algorithm is used to predict the nature of incoming data. For this task, the use of the MAWILab dataset as a data source will give better insights about the system capabilities against cyber-attacks. The experimental results showed a 99.95% accuracy and more than 55,175 events per second were processed by the proposed system on a small cluster.

Download Full-text