Review Article
A Survey of Key Technologies for Constructing Network Covert Channel
Table 7
Attack against covert channels.
| Level | Covert channel | Elimination | Limitation | Detection |
| Communication content | Covert timing channels | — | Adding delays | (i) Detecting traffic shape. (ii) Detecting traffic regularity. (iii) Detecting traffic randomness. (iv) ML or DL technology. | Covert storage channels | Traffic normalization | — | ML or DL technology. |
| Transmission network | Proxy | (i) IP blocking (ii) URL blocking | — | (i) Regular expressions. (ii) Traffic watermark. (iii) ML or DL technology. | Anonymous communication | (i) Blocking the IPs of mix nodes (ii) Blocking official homepages (iii) Poisoning DNS resolutions | — | (i) Detecting mix nodes: ML or DL technology. (ii) Detecting the association between nodes: Sybil attack, etc. |
|
|