Concealed channel identification method

A covert channel identification technology, applied in the fields of security communication devices, digital transmission systems, electrical components, etc. It addresses problems such as state explosion, achieves low false alarm and false negative rates, and reduces the complexity of system analysis.

Inactive Publication Date: 2011-05-04
INST OF SOFTWARE - CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

Building a shared resource matrix at the source code level may cause state explosion, and that method cannot incrementally analyze new primitives.

Embodiment Construction

[0040] The present invention is further described below through an embodiment, in conjunction with the accompanying drawings; this does not limit the scope of the invention in any way.

[0041] The overall flow of the code-layer covert channel identification method based on the directed information flow graph is shown in Figure 1. Taking covert channel identification in the Linux system as an example, it specifically includes:

[0042] 1) First, divide the Linux system into relatively independent sub-modules (subsystems) according to the principle of low cohesion and high coupling. The sub-modules include {kernel, mm, ipc, fs, net, init, block, ...}, and each sub-module is analyzed separately as an independent part.

[0043] 2) Take the independent sub-module fs as the analysis object. Its shared variables include {i_hash_mask, last_type, s_free_inodes_count, s_free_blocks_count, nr_files, last_ino, inodes_stat.nr_inodes, inotify_mnt, ...

Abstract

The invention discloses a covert channel identification method that takes system source code as the analysis object. The method comprises the following steps: formally describing a covert channel in a secure information system as (V, PAh, PVl, P); dividing the system to be analyzed into relatively independent subsystems; searching for the related function call branches within each subsystem, using a shared variable as the basic unit, and constructing directed information flow graphs from the information flow relationships; and pruning each information flow graph according to the formal description of the covert channel to eliminate invalid flow branches and variable aliases in the code. All flow nodes and function call branches remaining in the resulting information flow graphs are potential covert channel factors. The method is suitable for the source code of high-security-level information systems such as operating systems, databases and networks; it has a wide application range, high execution efficiency, and low false positive and false negative rates, can identify the potential covert channels in a system, and meets the requirements of security standards for covert channel analysis.
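The pipeline in the abstract, as an added Python sketch on constructed data (not code from the patent): it folds variable aliases, walks call branches back to top-level primitives, and prunes variables that lack either an altering or a viewing primitive. It assumes V is a shared variable and PAh / PVl are primitives that alter and view it; the policy P is not modelled, and every call edge, access fact and the names `files_alias` and `log_stats` are hypothetical.

```python
from collections import defaultdict

# Constructed facts for a toy "fs" subsystem (not extracted from real source).
CALLS = {  # caller -> callees
    "sys_open": ["get_empty_filp"],
    "sys_close": ["file_free"],
    "sys_sysctl": ["proc_nr_files"],
    "sys_sync": ["log_stats"],
}
ACCESSES = [  # (function, variable, mode): "w" alters, "r" views
    ("get_empty_filp", "files_alias", "w"),
    ("file_free", "nr_files", "w"),
    ("proc_nr_files", "nr_files", "r"),
    ("log_stats", "last_ino", "r"),
]
ALIASES = {"files_alias": "nr_files"}  # hypothetical alias of nr_files


def entry_points(func, calls):
    """Walk call edges backwards; return top-level primitives reaching func."""
    callers = defaultdict(set)
    for src, dsts in calls.items():
        for dst in dsts:
            callers[dst].add(src)
    seen, stack, roots = set(), [func], set()
    while stack:
        f = stack.pop()
        if f in seen:
            continue
        seen.add(f)
        if not callers[f]:
            roots.add(f)  # nobody calls f: treat it as a primitive
        stack.extend(callers[f])
    return roots


def build_flow_graph(accesses, calls, aliases):
    """One node per shared variable, with its altering and viewing primitives."""
    graph = defaultdict(lambda: {"alter": set(), "view": set()})
    for func, var, mode in accesses:
        var = aliases.get(var, var)  # fold aliases onto a single node
        graph[var]["alter" if mode == "w" else "view"] |= entry_points(func, calls)
    return graph


def candidates(accesses=ACCESSES, calls=CALLS, aliases=ALIASES):
    """Prune variables lacking either side; the rest are potential channels."""
    graph = build_flow_graph(accesses, calls, aliases)
    return {v: (sorted(e["alter"]), sorted(e["view"]))
            for v, e in graph.items() if e["alter"] and e["view"]}
```

Here `last_ino` is only ever viewed, so its branch is pruned, while the aliased write is attributed to `nr_files` and survives as a candidate.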

Description

Technical field

[0001] The invention relates to a covert channel analysis technology of a high security level information system, in particular to a covert channel identification method, and proposes a practical code layer covert channel identification method based on a directed information flow graph.

Background technique

[0002] A covert channel refers to a communication channel that allows a process to transmit information in a way that endangers system security policies. Both domestic and foreign security standards require that high-level security information systems must conduct covert channel analysis. Covert channel identification is the core technology of covert channel analysis, and its purpose is to find all potential covert channels in the system, which is the premise of channel measurement and treatment. Currently existing covert channel identification methods include information flow analysis method, shared resource matrix method, non-interference analysis meth...

Application Information

Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/00
Inventor 吴敬征, 丁丽萍, 王永吉, 周启明, 刘剑
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI