Study On Covert Channel In Cloud Platform

Posted on: 2017-04-28
Degree: Master
Type: Thesis
Country: China
Candidate: P P Zang
GTID: 2308330509455312
Subject: Information security

Abstract/Summary:
A covert channel is an information-hiding technique that transmits confidential information in a way that bypasses the system's security policy. Covert channels are widespread in operating systems, networks and database security systems, and they pose a serious threat to system security, which makes them a focus of information security research. In recent years, with the development of cloud computing, covert channel research has extended into the cloud. Studying covert channels in cloud platforms is important for protecting user data and the cloud environment as a whole.

Based on the architectural characteristics of cloud platforms and an analysis of the virtualization technology behind cloud computing, this thesis identifies the security threats facing cloud platforms, covert channels among them. It then introduces the definition and classification of covert channels in cloud platforms and analyzes existing instances.

First, taking the shared-memory-based timing covert channel in a cloud platform as an example, we use channel modeling and metrics to evaluate its threat level. On this basis, we propose a detection method that combines entropy and ε-similarity. When a covert channel is present, the timing of data transmission becomes highly regular, and entropy and ε-similarity both measure the randomness of a variable. Combining the two indicators avoids the false positives that a single indicator can cause. Experiments show that the method has a certain practicality.

Then the thesis studies measures for restricting timing covert channels in cloud platforms. Inspired by conventional channel-limiting methods, namely the Network Pump device and the threshold restriction model, we propose an interference model, Cloud Jammer. The model has two parts. The Jammer module, located in the hypervisor, monitors the hypercalls used by the timing covert channel and records their timing. The Analyzer module, located in Dom0, receives the records sent by the Jammer module. The Analyzer first calculates the corrected entropy and ε-similarity of the time series and compares them with a threshold value to determine whether the channel is a covert channel. If it is, the Analyzer checks whether the channel capacity is within the safety standard; if it is not, the Analyzer calculates a delay and sends it to the Jammer module, which adds the delay to the timing channel. The interference model thus limits the covert channel by reducing its capacity. Experimental results show that the interference model effectively reduces both the capacity and the transmission accuracy of the covert channel.
Keywords/Search Tags: Cloud platform, covert channel, covert channel detection, restriction model
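The two-indicator check described in the abstract can be sketched as follows. This is an added example, not code from the thesis: it uses plain binned Shannon entropy as a stand-in for the corrected entropy, and the ε-similarity definition, bin width, thresholds and both sample delay series are assumptions constructed for illustration.

```python
import math
import random
from collections import Counter

def binned_entropy(delays, width=0.1):
    """Shannon entropy (bits) of delays after fixed-width binning (assumed width, ms)."""
    counts = Counter(int(d / width) for d in delays)
    n = len(delays)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def epsilon_similarity(delays, eps=0.005):
    """Share of adjacent sorted delays whose relative gap is below eps."""
    s = sorted(delays)
    close = sum(1 for a, b in zip(s, s[1:]) if a > 0 and (b - a) / a < eps)
    return close / (len(s) - 1)

def looks_covert(delays, h_max=2.5, sim_min=0.8):
    """Flag only when both indicators agree (thresholds are assumed values)."""
    return binned_entropy(delays) < h_max and epsilon_similarity(delays) > sim_min

def covert_sample(n=200, seed=1):
    """Constructed sender: bit 0 -> ~1.05 ms, bit 1 -> ~2.05 ms, small jitter."""
    rng = random.Random(seed)
    return [(1.05, 2.05)[rng.getrandbits(1)] + rng.uniform(-0.01, 0.01)
            for _ in range(n)]

def benign_sample(n=200, seed=2):
    """Constructed benign workload: exponential delays with a 1.5 ms mean."""
    rng = random.Random(seed)
    return [rng.expovariate(1 / 1.5) for _ in range(n)]

if __name__ == "__main__":
    for name, sample in (("covert", covert_sample()), ("benign", benign_sample())):
        print(name, round(binned_entropy(sample), 2),
              round(epsilon_similarity(sample), 2), looks_covert(sample))
```

The regular, two-valued delays of the constructed sender give low entropy and high ε-similarity at the same time, while the benign series fails both tests; requiring agreement is what keeps a single noisy indicator from raising an alert on its own.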