Author

Omar Darwish

Date of Award

4-2018

Degree Name

Doctor of Philosophy

Department

Computer Science

First Advisor

Dr. Ala Al-Fuqaha

Second Advisor

Dr. Fahad Saeed

Third Advisor

Dr. Lina Sawalha

Abstract

Covert timing channels provide a mechanism to transmit unauthorized information across different processes. It utilizes the inter-arrival times between the transmitted packets to hide the communicated data. It can be exploited in a variety of malevolent scenarios such as leaking military secrets, trade secrets, and other forms of Intellectual Property (IP). They can be also used as a vehicle to attack existing computing systems to disseminate software viruses or worms while bypassing firewalls, intrusion detection and protection systems, and application filters. Therefore, the detection and mitigation of covert channels is a key issue in modern Information Technology (IT) infrastructure. Many companies, countries and government agencies such as the US government and the US military bodies, National Security Agency, US Air Force, and National Computer Security Centre are focused on devising better techniques to detect and potentially eliminate covert channels. This will serve as an important building block for a decision support system that protects the IT infrastructure against such vulnerabilities.

This research introduces new solutions to detect and minimize the amount of data that is potentially exchanged over covert timing channels. The main motivation behind employing the hierarchical statistical analysis approach is to detect the existence of covert timing channel irrespective of the time-scale within which it is concealed with respect to the overall data stream. In addition, compared to flat statistical analysis which is usually utilized in this context, a hierarchical statistical approach might give a more accurate indicator because it is applied on different levels of the time-scales of the data stream. This is because more features are involved in the analysis process such as means of data segments on different levels.

The massive data collected by decision support systems represent a perfect fuel for deep learning approaches. While deep learning shows many success stories with massive data, traditional analysis algorithms struggle even on high specs workstations. Developing an algorithm to detect covert timing channels using deep learning makes this work different from the others in the recent literature where the support vector machine is the main algorithm usually evaluated with different sets of features. This study also minimizes the amount of information that can be potentially exchanged over covert timing channels by attempting to mitigate the covert timing channels. This proposed approach works by finding a good compromise between eliminating the potential covert timing channels and the overall Quality of Service (QoS).

Access Setting

Dissertation-Campus Only

Restricted to Campus until

4-2020

Share

COinS