| With the computer network extensive application in many fields, network security becomes more and more serious because of openness, interaction and resource sharing of the Internet. Covert channel as a means of mixed attack brings great threats to network security. It helps us to better understand the inner mechanism of network attack mode by studying and analyzing the mechanism of covert channel, so as to reduce the harm that the network intrusion will bring. In addition, network covert channel is also the important means to evaluate the intrusion detection system and the safety performance of firewall system. According to TCSEC standard of the U.S. defense department, analyze to covert channel is needed when developping security system above of B2 . The research based on multi-layer protocol is as follows.Based on the introduction of technology and current development of covert channel, various defects of the TCP/IP protocol architecture are analysised in detail. Finally, put forward several methods of covert channel based on single-layer protocol. By analyzing bandwidth, reliability, concealment of covert channel based on single-layer protocol, there is the problem that its bandwidth is small. Therefore, a covert channel based on multi-layer protocol is designed. The idea is that concealed information is hidden in application layer, the transport layer, network layer. In order to hide multiple concealed information in different position of a packet. Finally, two models of covert channel based on tcp and udp multi-layer protocol are introduced in detail. |
PDF Full Text Request