TY - GEN
T1 - Towards optimized TCP/IP covert channels detection, IDS and firewall integration
AU - Hammouda, Senda
AU - Maalej, Lilia
AU - Trabelsi, Zouheir
PY - 2008
Y1 - 2008
N2 - Covert channels exist in most communication systems and allow individuals to communicate truly undetectably and exchange hidden information. That's why their detection seems to be a big deal for security systems. However, until now, security systems have not included dedicated processes for covert channel detection. In this paper, we first propose mechanisms to detect common covert channels. Then, within a whole security system, we propose an optimized order regarding the execution of the three major security processes: Firewall, Intrusion Detection System (IDS) and Covert Channel Detection System (CCDS). It will be demonstrated that the proposed order would allow security systems to offer better processing performance.
AB - Covert channels exist in most communication systems and allow individuals to communicate truly undetectably and exchange hidden information. That's why their detection seems to be a big deal for security systems. However, until now, security systems have not included dedicated processes for covert channel detection. In this paper, we first propose mechanisms to detect common covert channels. Then, within a whole security system, we propose an optimized order regarding the execution of the three major security processes: Firewall, Intrusion Detection System (IDS) and Covert Channel Detection System (CCDS). It will be demonstrated that the proposed order would allow security systems to offer better processing performance.
KW - Covert channel system
KW - Firewall
KW - Intrusion detection
KW - TCP/IP protocols
UR - http://www.scopus.com/inward/record.url?scp=58049148085&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=58049148085&partnerID=8YFLogxK
U2 - 10.1109/NTMS.2008.ECP.101
DO - 10.1109/NTMS.2008.ECP.101
M3 - Conference contribution
AN - SCOPUS:58049148085
SN - 9782953244304
T3 - Proceedings of New Technologies, Mobility and Security Conference and Workshops, NTMS 2008
BT - Proceedings of New Technologies, Mobility and Security Conference and Workshops, NTMS 2008
T2 - New Technologies, Mobility and Security Conference and Workshops, NTMS 2008
Y2 - 5 November 2008 through 7 November 2008
ER -