Summaries - Office of Research & Innovation
Research Summaries
Back Network Traffic Covert Channel Detection and Mitigation
Fiscal Year | 2020 |
Division | Research & Sponsored Programs |
Department | NPS Naval Research Program |
Investigator(s) |
Monaco, John V.
Singh, Gurminder |
Sponsor | NPS Naval Research Program (Navy) |
Summary | This project will leverage emerging machine learning techniques to detect covert and side channels in a network. With the intent of avoiding detection, covert channels are commonly used by adversaries to steal private information or to exfiltrate data from within a network after a system has been compromised. Unintended information leakage can occur when either user or device behavior manifests in network traffic, enabling reconnaissance through, e.g., remote device fingerprinting. The proposed work will develop techniques to detect and mitigate such instances of information leakage. Covert channel detection will be addressed within an anomaly detection framework, and sequence models will be leveraged for this purpose. Information theoretic functions will measure covert channel capacity. Mitigations will be investigated, such as techniques to introduce perturbations to packet time, size, or structure to degrade covert channel capacity. |
Keywords | Anomaly Cyber Netflow machine learning |
Publications | Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal |
Data | Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal |