| Indirect, covert communication has become a reality in our communication systems. This type of communication has the ability to bypass the monitoring and auditing components that have been employed in systems and networks, posing a thread to the access control and auditing in the information systems. Network covert timing channel can be utilized to transmit information in a stealthy way and therefore is an effective tool for parties who are interested in information leakage. Due to the threat they pose to confidentiality, network covert channels needs to be controlled in multi-level systems which handles sensitive information (e.g. military systems). In this context, this study concentrated on the mitigation of network covert timing channels, with a view to offer practical suggestions to assure the confidentiality and completeness of auditing in the design of multi-level systems. This research began with the existing covert timing channels in the computer networks and their implementations. Based on these designs and implementations, this paper studied the theoretical models of network covert timing channels and pointed out their strengths and weaknesses. That being done, this study concentrated on the mitigation plans of covert timing channels and presented an adaptive random delay based mitigation approach. This paper illustrated this approach with great detail, from both a theoretical and a technical point of view. After evaluating the approach both theoretically and in actual networks, we concluded this paper with a summary and directions for future research.The mitigation strategy presented in this study has been implemented on a Linux system. And the results of this study have been used in the development and research of the next generation secure segregation system. |
PDF Full Text Request