摘要隐蔽信道是一种能被用于侵犯安全策略,且允许信息向非法的进程泄露的机制。两种隐蔽信道存在的方式:存储信道和时间信道。存储信道通过一个进程包含直接或者间接记录存储位置及直接或者间接的通过另外一个进程读出存储位置。时间信道则包含一个发送方进程,它能够通过调制它自己的源程序向另外的进程发送信号(例.中央处理机时间)。在这样一种方式中,这种操作通过第二个进程影响观察真正的响应时间。26788
在本文中,我们描述时间隐蔽信道的实现,讨论出现在设计中的微妙问题和目前对于信道的性能数据进行分析。然后我们使用我们的成果作为基础,在我们的实验中进行检测。我们将展示时间信道的规律可以被用于区别其他两种方式和提出两种这样做的方法及关于效率的措施。
关键词 时间隐蔽信道 时间间隔 安全 毕业论文设计说明书外文摘要
Title IPCTC designs of Covert Timing Channels based on the Linux platform
Abstract
A covert channel is a mechanism that can be used to violate a security policy by allowing information to leak to an unauthorized process. Two types of covert channels exist: storage and timing channels. A storage channel involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process. A timing channel involves a sender process that signals information to another by modulating its own use of system resources (e.g. CPU time) in such a way that this manipulation affects the real response time observed by the second process.This classification can be taken further by identifying hybrid channels in which the timing and storage information are used together, and counting channels in which the number of events come into play instead of the occurrence of a single event.
In this paper, we describe our implementation of a covert network timing channel, discuss the subtle issues that arose in its design, and present performance data for the channel. We then use our implementation as the basis for our experiments in its detection. We show that the regularity of a timing channel can be used to differentiate it from other traffic and present two methods of doing so and measures of their efficiency.
Keywords designs of Covert Timing Channels The time interval security
目 次
1. 绪论 2
1.1 研究背景及意义 2
1.2 研究现状 3
1.3 具体要求和主要工作 4
2 隐蔽信道的分类、模型 5
2.1 隐蔽信道的分类 5
2.2 隐蔽信道参考模型 6
3 开发环境和开发工具介绍 9
3.1 Linux 系统 9
3.2 QT4 creator 10
3.3 wireshark 10
3.3 libpcap 10
4 隐蔽信道中基于网络时间的隐蔽信道简介 11
4.1 几种时间隐蔽信道 11
4.1.1 TRCTC时间隐蔽信道 11
4.1.2 IPCTC时间隐蔽信道 12
4.2 编码方式与传输速率 12
4.2.1 编码方式 12
4.2.2 数据传输速率 13
5 基于LINUX的IPCTC的时间隐蔽信道设计与实现 13
5.1 实现算法 14
5.2 解码算法 15
5.3 抓取数据包 16
5.4 模块设计 16
5.4.1可视化设计 16