Research On Covert Channel In Secure Operating System

The covert channel is generated along with the emergence of the system securitypolicy. In the monitoring of the system security policy, it uses the legitimate operationto communicate illegally, resulting in the leakage of confidential information. Manydomestic and international secure criterion require covert channel analysis, such asGB17859-1999, TCSEC, and so on.Covert channel analysis generally including channel search, measurement andprocessing, search and processing is relatively important. In the past30years, theresearcher has developed many algorithms for search and processing of covertchannel, and most of these methods are based on a top-level description of the systemor the system source code, and are required to be implemented in a non-operationalstate of the system, such methods are collectively referred to as static search anddisposal methods. Static analysis method of the present are the solutions proposed forthe problem at that time, so there are some limitations and shortcomings, and requireanalysis of all operations lead to clear the illegal flow of information flow andlegitimacy of analysis must be made for each of the flow of information in the system.But a wide variety of system information flow will result in this analysis is verydifficult work. On the one hand, it is prone to omissions; on the other hand, it is easyto search out the pseudo illegal flow of information does not appear in some systemsrunning, The processing of this information flow will not only believers consume alarge amount of human and material resources, but will also cause unnecessarydecline in system performance. So far, studies have shown that does not yet exist astatic method can detect all the covert channel in the system, and the system alsorequires real-time understanding of the status of the covert channel during operation,so there should be a mechanism that is dynamic search of the covert channel anddisposal methods when the system is running dynamically to detect the existence ofcovert channels.The paper analyzed and summarized the problems of covert channel in the secureoperating system and completed the following three aspects:First, research the necessary conditions of the covert channel, and design a covertchannel dynamic search algorithm based on grey relational analysis algorithm, and combined with the naive Bayes’ classifier, can obtain more intuitive results aboutcovert channel of the system running.Second, around dynamic search method to design a covert channel dynamicprocessing framework, making the system during operation can also be real-timecovert channel search. The framework is a virtuous cycle structure, and hasself-learning ability to be able to get a more accurate test results.Third, Design and implement simple covert channel simulation experiments canbe more accurate and intuitive understanding of covert channel, and simulation covertchannel approach to verify the correctness, applications and limitations.