Investigative support for information confidentiality

• Published in: Journal of ambient intelligence and humanized computing Vol. 6; no. 4; pp. 425 - 451
• Main Authors: Jaskolka, Jason, Khedri, Ridha, Sabri, Khair Eddin
• Format: Journal Article
• Language: English
• Published: Berlin/Heidelberg Springer Berlin Heidelberg 01.08.2015; Springer Nature B.V
• Subjects: Artificial Intelligence; Automation; Channels; Communication; Communication networks; Computational Intelligence; Confidentiality; Cryptography; Engineering; Forensic computing; Information theory; Leakage; Network security; Original Research; Robotics and Automation; User Interfaces and Human Computer Interaction; Covert channels; Cryptanalysis; Information confidentiality; Formal methods; Security; Digital forensics
• ISSN: 1868-5137; 1868-5145
• DOI: 10.1007/s12652-015-0289-4

With the ubiquity and pervasiveness of computers in daily activities and with the ever-growing complexity of communication networks and protocols, covert channels are becoming an eminent threat to the confidentiality of information. In light of this threat, we propose a technique to detect confidential information leakage via protocol-based covert channels. Although several works examine covert channel detection and analysis from the perspective of information theory by, for instance, analysing channel capacities, we propose a different technique that tackles the problem from a different perspective. The proposed technique takes an algebraic approach using relations. It provides tests to verify the existence of a leakage of information via a monitored covert channel. It also provides computations which show how the information was leaked if a leakage exists. We also discuss possible applications of the proposed technique in cryptanalysis and digital forensics based on a known-plaintext attack. We report on a prototype tool that allows for the automation of the proposed technique.