Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems

Lilia Frikha; Zouheir Trabelsi; Sami Tabbane

doi:10.1109/GIIS.2009.5307102

Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems

Lilia Frikha, Zouheir Trabelsi, Sami Tabbane

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

In a Communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an Intrusion Detection System (IDS), and a Covert Channels Detection System (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as Denial of Service (DoS) attacks. Covert channels allow individuals to comm unicate undetectable and exchange hidden information. A CCDS detects and stops covert channels. However, till now, security systems do not include dedicated processes for covert channel detection. In this paper we propose an optimized order regarding the execution of the three processes, and evaluate the system's performance when the LAN network is under different types of attacks. The results show that the proposed order enhances the processing time performance of the system. copy; 2009 IEEE.

Original language	English
Title of host publication	2009 Global Information Infrastructure Symposium, GIIS '09
DOIs	https://doi.org/10.1109/GIIS.2009.5307102
Publication status	Published - 2009
Externally published	Yes
Event	2009 Global Information Infrastructure Symposium, GIIS '09 - Hammemet, Tunisia Duration: Jun 23 2009 → Jun 26 2009

Publication series

Name	2009 Global Information Infrastructure Symposium, GIIS '09

Other

Other	2009 Global Information Infrastructure Symposium, GIIS '09
Country/Territory	Tunisia
City	Hammemet
Period	6/23/09 → 6/26/09

Keywords

Covert channel system
Detection TCP/IPprotocols
Firewall
Intrusion

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems
Software
Electrical and Electronic Engineering

Access to Document

10.1109/GIIS.2009.5307102

Cite this

Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems. / Frikha, Lilia; Trabelsi, Zouheir; Tabbane, Sami.
2009 Global Information Infrastructure Symposium, GIIS '09. 2009. 5307102 (2009 Global Information Infrastructure Symposium, GIIS '09).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Frikha, L, Trabelsi, Z & Tabbane, S 2009, Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems. in 2009 Global Information Infrastructure Symposium, GIIS '09., 5307102, 2009 Global Information Infrastructure Symposium, GIIS '09, 2009 Global Information Infrastructure Symposium, GIIS '09, Hammemet, Tunisia, 6/23/09. https://doi.org/10.1109/GIIS.2009.5307102

@inproceedings{5b9377172e8a46a38ec751337b6776d4,

title = "Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems",

abstract = "In a Communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an Intrusion Detection System (IDS), and a Covert Channels Detection System (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as Denial of Service (DoS) attacks. Covert channels allow individuals to comm unicate undetectable and exchange hidden information. A CCDS detects and stops covert channels. However, till now, security systems do not include dedicated processes for covert channel detection. In this paper we propose an optimized order regarding the execution of the three processes, and evaluate the system's performance when the LAN network is under different types of attacks. The results show that the proposed order enhances the processing time performance of the system. copy; 2009 IEEE.",

keywords = "Covert channel system, Detection TCP/IPprotocols, Firewall, Intrusion",

author = "Lilia Frikha and Zouheir Trabelsi and Sami Tabbane",

year = "2009",

doi = "10.1109/GIIS.2009.5307102",

language = "English",

isbn = "9781424446247",

series = "2009 Global Information Infrastructure Symposium, GIIS '09",

booktitle = "2009 Global Information Infrastructure Symposium, GIIS '09",

note = "2009 Global Information Infrastructure Symposium, GIIS '09 ; Conference date: 23-06-2009 Through 26-06-2009",

}

TY - GEN

T1 - Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems

AU - Frikha, Lilia

AU - Trabelsi, Zouheir

AU - Tabbane, Sami

PY - 2009

Y1 - 2009

N2 - In a Communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an Intrusion Detection System (IDS), and a Covert Channels Detection System (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as Denial of Service (DoS) attacks. Covert channels allow individuals to comm unicate undetectable and exchange hidden information. A CCDS detects and stops covert channels. However, till now, security systems do not include dedicated processes for covert channel detection. In this paper we propose an optimized order regarding the execution of the three processes, and evaluate the system's performance when the LAN network is under different types of attacks. The results show that the proposed order enhances the processing time performance of the system. copy; 2009 IEEE.

AB - In a Communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an Intrusion Detection System (IDS), and a Covert Channels Detection System (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as Denial of Service (DoS) attacks. Covert channels allow individuals to comm unicate undetectable and exchange hidden information. A CCDS detects and stops covert channels. However, till now, security systems do not include dedicated processes for covert channel detection. In this paper we propose an optimized order regarding the execution of the three processes, and evaluate the system's performance when the LAN network is under different types of attacks. The results show that the proposed order enhances the processing time performance of the system. copy; 2009 IEEE.

KW - Covert channel system

KW - Detection TCP/IPprotocols

KW - Firewall

KW - Intrusion

UR - http://www.scopus.com/inward/record.url?scp=71249120084&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=71249120084&partnerID=8YFLogxK

U2 - 10.1109/GIIS.2009.5307102

DO - 10.1109/GIIS.2009.5307102

M3 - Conference contribution

AN - SCOPUS:71249120084

SN - 9781424446247

T3 - 2009 Global Information Infrastructure Symposium, GIIS '09

BT - 2009 Global Information Infrastructure Symposium, GIIS '09

T2 - 2009 Global Information Infrastructure Symposium, GIIS '09

Y2 - 23 June 2009 through 26 June 2009

ER -

Simulation, optimisation and integration of covert channels, intrusion detection and packet filtering systems

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this