A novel covert channel detection method in cloud based on XSRM and improved event association algorithm
Covert channel is a major threat to the information system security and commonly found in operating systems, especially in cloud computing environment. Owing to the characteristics in cloud computing environment such as resources sharing and logic boundaries, covert channels become more varied and d...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2016
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3425 https://ink.library.smu.edu.sg/context/sis_research/article/4426/viewcontent/Anovelcovertchanneldetectionmethod.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4426 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-44262017-03-30T01:33:40Z A novel covert channel detection method in cloud based on XSRM and improved event association algorithm WANG, Lina LIU, Weijie KUMAR, Neeraj HE, Debiao TAN, Cheng GAO, Debin Covert channel is a major threat to the information system security and commonly found in operating systems, especially in cloud computing environment. Owing to the characteristics in cloud computing environment such as resources sharing and logic boundaries, covert channels become more varied and difficult to find. Focusing on those problems, this paper presents a universal method for detecting covert channel automatically. To achieve a global detection, we leveraged a virtual machine event record mechanism in hypervisor to gather necessary metadata. Combining the shared resources matrix methodology with events association mechanism, we proposed a distinctive algorithm that can accurately locate and analyze malicious covert channels from the respect of behaviors. Compared with the popular statistical test methods focusing on the single covert channel, our method is capable of recognizing and detecting more covert channels in real time. Experimental results show that this method is not only able to detect multilevel and multiform covert channels in cloud environment effectively but also facilitates the implementation and deployment in practical scenarios without modifying the existing system. 2016-11-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3425 info:doi/10.1002/sec.1560 https://ink.library.smu.edu.sg/context/sis_research/article/4426/viewcontent/Anovelcovertchanneldetectionmethod.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University cloud security covert channel detection event association analysis shared resource matrix Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
cloud security covert channel detection event association analysis shared resource matrix Information Security |
| spellingShingle |
cloud security covert channel detection event association analysis shared resource matrix Information Security WANG, Lina LIU, Weijie KUMAR, Neeraj HE, Debiao TAN, Cheng GAO, Debin A novel covert channel detection method in cloud based on XSRM and improved event association algorithm |
| description |
Covert channel is a major threat to the information system security and commonly found in operating systems, especially in cloud computing environment. Owing to the characteristics in cloud computing environment such as resources sharing and logic boundaries, covert channels become more varied and difficult to find. Focusing on those problems, this paper presents a universal method for detecting covert channel automatically. To achieve a global detection, we leveraged a virtual machine event record mechanism in hypervisor to gather necessary metadata. Combining the shared resources matrix methodology with events association mechanism, we proposed a distinctive algorithm that can accurately locate and analyze malicious covert channels from the respect of behaviors. Compared with the popular statistical test methods focusing on the single covert channel, our method is capable of recognizing and detecting more covert channels in real time. Experimental results show that this method is not only able to detect multilevel and multiform covert channels in cloud environment effectively but also facilitates the implementation and deployment in practical scenarios without modifying the existing system. |
| format |
text |
| author |
WANG, Lina LIU, Weijie KUMAR, Neeraj HE, Debiao TAN, Cheng GAO, Debin |
| author_facet |
WANG, Lina LIU, Weijie KUMAR, Neeraj HE, Debiao TAN, Cheng GAO, Debin |
| author_sort |
WANG, Lina |
| title |
A novel covert channel detection method in cloud based on XSRM and improved event association algorithm |
| title_short |
A novel covert channel detection method in cloud based on XSRM and improved event association algorithm |
| title_full |
A novel covert channel detection method in cloud based on XSRM and improved event association algorithm |
| title_fullStr |
A novel covert channel detection method in cloud based on XSRM and improved event association algorithm |
| title_full_unstemmed |
A novel covert channel detection method in cloud based on XSRM and improved event association algorithm |
| title_sort |
novel covert channel detection method in cloud based on xsrm and improved event association algorithm |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2016 |
| url |
https://ink.library.smu.edu.sg/sis_research/3425 https://ink.library.smu.edu.sg/context/sis_research/article/4426/viewcontent/Anovelcovertchanneldetectionmethod.pdf |
| _version_ |
1770573164944818176 |