Review Article
A Survey of Key Technologies for Constructing Network Covert Channel
Table 7
Attack against covert channels.
| | Level | Covert channel | Elimination | Limitation | Detection |
| | Communication content | Covert timing channels | — | Adding delays | (i) Detecting traffic shape.
(ii) Detecting traffic regularity.
(iii) Detecting traffic randomness.
(iv) ML or DL technology. | | Covert storage channels | Traffic normalization | — | ML or DL technology. |
| | Transmission network | Proxy | (i) IP blocking
(ii) URL blocking | — | (i) Regular expressions.
(ii) Traffic watermark.
(iii) ML or DL technology. | | Anonymous communication | (i) Blocking the IPs of mix nodes
(ii) Blocking official homepages
(iii) Poisoning DNS resolutions | — | (i) Detecting mix nodes: ML or DL technology.
(ii) Detecting the association between nodes: Sybil attack, etc. |
|
|
