Covert channel communication detection method, device and equipment

A covert channel and communication detection technology, which is applied in the field of network communication, can solve the problems of small data packets and difficulty in ensuring the network security of user hosts, and achieve the effect of ensuring network security

Inactive Publication Date: 2020-07-31
SANGFOR TECH INC
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the ICMP protocol is a communication protocol with a low standard, and its data packets usually occupy a small amount of traffic in the network, it is often ignored by traffic analyzers and network administrators, and the current malicious controller may pass ICMP data The packet carries malicious behavior data to communicate with the user host, so as to achieve the purpose of malicious control of the user host, and it is difficult to ensure the network security of the user host

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Covert channel communication detection method, device and equipment
  • Covert channel communication detection method, device and equipment
  • Covert channel communication detection method, device and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The following will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are only some of the embodiments of the present application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of this application.

[0046] Covert channel communication based on ICMP protocol, as its name implies, is a method of using ICMP protocol for data transmission to achieve communication means. Since the ICMP protocol is a communication protocol with a low standard, and its data packets usually occupy a small amount of traffic in the network, it is often ignored by traffic analyzers and network administrators, and the current malicious controller may pass ICMP data The packet carries ma...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a covert channel communication detection method, device and equipment. The method comprises the following steps: acquiring an ICMP data packet; extracting the preset feature ofthe ICMP data packet, and executing feature statistics according to the preset feature to obtain an execution feature statistics to obtain a target feature vector; and detecting the target feature vector by using the detection model to determine whether an ICMP covert channel exists or not. According to the method, the detection model is used for detecting the target feature vector to determine whether the ICMP covert channel exists or not, so that covert channel communication detection based on the ICMP data message is realized, and the network security of the user host is relatively ensured. In addition, the invention further provides a covert channel communication detection device and equipment based on ICMP and a storage medium, and the beneficial effects are as described above.

Description

technical field [0001] The present application relates to the field of network communication, in particular to a method, device and equipment for detecting covert channel communication. Background technique [0002] ICMP (Internet Control Message Protocol, Internet Control Message Protocol) is a sub-protocol of the TCP / IP protocol suite, and is used to transmit control messages between IP hosts and routers. The control message refers to the message of the network itself such as whether the network is unreachable, whether the host is reachable, and whether the route is available. The current common ping and tracert both use the ICMP protocol to implement network functions, and they are typical examples of applying network protocols to daily network management. [0003] Covert channel communication based on ICMP protocol, as its name implies, is a method of using ICMP protocol for data transmission to achieve communication means. Since the ICMP protocol is a communication pr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L63/1408H04L63/1441H04L63/1425H04L69/161H04L41/145
Inventor 周运金吴振宇
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap