Study On Covert Information Flow Based On The Finite State Automata

Nowadays, the stats’ and society’s has paid more and more dependence on computers technology. The issue of information security has been paid more and more attention. Security system to a large extent determines the security of the system, and spread of confidential information is the study and practice of information security problems often encountered. Access control mechanism is an important means to protect the confidentiality and integrity of information. But even if the implementation of the mandatory access control mechanism of the information system still occurs in the low security level where users through covert channel access to high security level information, for this class of problems mainly through detection method based on information flow.The static information flow monitoring technology of manual workload, error prone sentence doesn’t secure information flow channel. And the dynamic information flow control technology is in the initial stage, it solves the problem that the static information flow monitoring technology can’t be changed according to the situation in real time. However, the existing dynamic information flow monitoring technology can’t monitor the channel of complex information flow. In order to solve the above problems, and we can detect and deal with the hidden information flow in the system in real time. The main contents of this paper are as follows:(1)According to the requirement of the dynamic analysis of the hidden information flow, we make an improvement of the finite state automaton. Based on the finite state automata based increase function and label identifier, we make it to obtain the better adaptability of finite state automata, and to improve the finite state automata as a tool to put forward a dynamic monitoring method for the flow of information.(2)According to the safety requirements of the SELinux system, the improved finite state automaton is used to monitor and control the hidden information flow.(3)Test the method proposed in this paper. In the simulation environment with known unsafe information flow, the improved method is used to monitor the actual system. The test results are used to verify the correctness and effectiveness of the proposed method.Based on the finite state automata covert information flow detection method can effectively monitor and prevent the dangerous information harm to the system. And according to the insecure information flow’s harm degree, to make corresponding processing.