Automatic Analysis Of Covert Channel Based On Source Codes Of Linux Kernel

In the social process of information-based,information has become an important resource for social development.And information security in information society will play a very important role.Operating system security is the fundamental issue to protect the security of information systems.In recent years,researching on secure operating systems is heated gradually.And effective covert channel analysis and processing mechanisms are important parts to ensure the operating system security.Building a operating system of high security level is also a bottleneck problem.This paper is to analyze covert channel in source codes of Linux kernel.Based on the summary of the existing analysis methods of covert channel,the main analysis combined with the information flow analysis method,shared resources matrix method and covert flow tree analysis method.The design proposal and prototype of covert channel identification and analysis tools are summarized and given.Specifically,the first step,source codes of Linux kernel are traversed and scanned to separate the shared variables and function names,and the result of the word segmentation is preserved;the second step,rules of information flow statements are formulated and information flow tree is constructed according to the corresponding rules;the third step,information flow tree should be simplified and result is preserved in the information flow diagram;the fourth step,shared resource matrix is constructed and transitive closure is computed in order to identify potential covert channels.Finally,Source codes of Linux2.4.18 kernel version are selected as the analysis object and potential covert channels are identified by automatic analysis of covert channel tool in order to verify the validity of the design tool.At the same time,parts of potential covert channels are confirmed factually.Furthermore,scene analysis of the potential covert channel is made and recommendations are given.In the end of the paper,existing problems of the research process are summed up and the directions of future efforts are forecasted.