A Classifier Method for Detection of Covert Channels over LTE
With the rapid development of cellular network systems,LTE is turning to be a wonderful carrier for covert channels.In this paper,we present a method based on the k-nearest neighbor(KNN)classification for detecting hidden information in Sequence Number(SN)fields of PDCP and RLC layer,which is known as the most difficult covert storage channel(CSC)to be detected.Our classifier is trained by the fingerprints extracted from overt traffic packets,and obtains the distribution zone of the distance between the SNs and their neighbors.The width of the distribution zone is seen as a confidence metric to the traffic data for detection.We simulate our proposed approach in NS3 platform,and the results have demonstrated that our proposed detection method is sensitive to the hidden information in the SN fields of the PDCP and RLC layer.It can detect them in an accurate manner.and can be used for both online and offline detection.
Covert Channels Detection Sequence Number KNN Classification
Zukui Wang Liusheng Huang Wei Yang Zhiqiang He
School of CS & Tech.,USTC,Hefei,230027,China Suzhou Institute for Advanced Study,USTC,Suzhou,215123,China
国际会议
南京
英文
454-460
2017-10-12(万方平台首次上网日期,不代表论文的发表时间)