О каналах скрытых, потайных, побочных. И не только

2006 г.

О каналах скрытых, потайных, побочных. И не только

В.А. Галатенко (Доктор физико-математических наук)
Информационный бюллетень JET INFO

Литература

[1] Е.Е. Тимонина -- Скрытые каналы (обзор). -- Jet Info, 2002, 11

[2] А. Галатенко -- О скрытых каналах и не только. -- Jet Info, 2002, 11

[3] R.A. Kemmerer -- A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later. — Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC'02). -- IEEE, 2002

[4] E. Tumoian , M. Anikeev -- Network Based Detection of Passive Covert Channels in TCP/IP. — Proceedings of the IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05). -- IEEE, 2005

[5] S. Cabuk , C.E. Brodley , C. Shields -- IP Covert Timing Channels: Design and Detection. — Proceedings of the CCS'04. -- ACM, 2004

[6] P.A. Karger , H. Karth -- Increased Information Flow Needs for High-Assurance Composite Evaluations. — Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04). -- IEEE, 2004

[7] В.Б. Бетелин , С.Г. Бобков , В.А. Галатенко , А.Н. Годунов , А.И. Грюнталь , А.Г. Кушниренко , П.Н. Осипенко -- Анализ тенденций развития аппаратно-программного обеспечения и их влияния на информационную безопасность. — Сб. статей под ред. академика РАН В.Б. Бетелина. -- М.: НИИСИ РАН, 2004

[8] P. Efstathopoulos , M. Krohn , S. VanDeBogart , C. Frey , D. Ziegler , E. Kohler , D. Mazieres , F. Kaashoek , R. Morris -- Labels and Event Processes in the Asbestos Operating System. — Proceedings of the SOOP'05. -- ACM, 2005

[9] Y. Zhu , R. Bettati -- Anonymity v.s. Information Leakage in Anonymity Systems. — Proceedings of the 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05). -- IEEE, 2005

[10] B. Graham , Y. Zhu , X. Fu , R. Bettati -- Using Covert Channels to Evaluate the Effectiveness of Flow Confidentiality Measures. — Proceedings of the 2005 11th International Conference on Parallel and Distributed Systems (ICPADS'05). -- IEEE, 2005

[11] Y. Zhu , R. Sivakumar -- Challenges: Communication through Silence in Wireless Sensor Networks. — Proceedings of the MobiCom'05. -- ACM, 2005

[12] R. Browne -- An Entropy Conservation Law for Testing the Completeness of Covert Channel Analysis. — Proceedings of the CCS'94. -- ACM, 1994

[13] S. Weber , P.A. Karger , A. Paradkar -- A Software Flaw Taxonomy: Aiming Tools At Security. — Proceedings of the Conference on Software Engineering for Secure Systems — Building Trustworthy Applications (SESS'05). -- ACM, 2005

[14] J.C. Wray -- An Analysis of Covert Timing Channels. -- IEEE, 1991

[15] В.Б. Бетелин , В.А. Галатенко , М.Т. Кобзарь , А.А. Сидак , И.А. Трифаленков -- Обзор профилей защиты, построенных на основе "Общих критериев". Специфические требования к сервисам безопасности. -- "Безопасность информационных технологий", 2003, 3

[16] K. Loepere -- Resolving Covert Channels withing a B2 Class Secure System. -- Honeywell Information Systems.

[17] J.J. Harmsen , W.A. Pearlman -- Capacity of Steganographic Channels. — Proceedings of the MM-SEC'05. -- ACM, 2005

[18] I.S. Moskowitz , L. Chang , R. Newman -- Capacity is the Wrong Paradigm. — Proceedings of the 2002 Workshop on New Security Paradigms. -- ACM, 2002

[19] M. Bauer -- New Covert Channels in HTTP. Adding Unwitting Web Browsers to Anonymity Sets. — Proceedings of the WPES'03. -- ACM, 2003

[20] K. Borders , A. Prakash -- Web Tap: Detecting Covert Web Traffic. — Proceedings of the CCS'04. -- ACM, 2004

[21] D. Slater -- A note on the Relationship Between Covert Channels and Application Verification. -- Computer Sciences Corporation, 2005

[22] K. Tiri , I. Verbauwhede -- Simulation Models for Side-Channel Information Leaks. — Proceedings of the DAC 2005. -- ACM, 2005

[23] J.R. Rao , P. Rohatgi , H Scerzer , S. Tinguely -- Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards. — Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P'02). -- IEEE, 2002

[24] R. Muresan , C. Gebotys -- Current Flattening in Software nad Hardware for Security Applications. — Proceedings of the CODES+ISSS'04. -- ACM, 2004

[25] V. Roth , U. Pinsdorf , J. Peters -- A Distributed Content-Based Search Engine Based on Mobile Code. — Proceedings of the 2005 ACM Symposium on Applied Computing (SAC'05). -- ACM, 2005

[26] M. Carvalho , T. Cowin , N. Suri , M. Breedy , K. Ford -- Using Mobile Agents as Roaming Security Guards to Test and Improve Security of Hosts and Networks. — Proceedings of the 2004 ACM Symposium on Applied Computing (SAC'04). -- ACM, 2004

[27] T. Pedireddy , J.M. Vidal -- A Prototype MultiAgent Network Security System. — Proceedings of the AAMAS'03. -- ACM, 2003

[28] R. Menezes -- Self-Organization and Computer Security. — Proceedings of the 2005 ACM Symposium on Applied Computing (SAC'05). -- ACM, 2005

[29] J. Page , A. Zaslavsky , M. Indrawan -- Countering Agent Security Vulnerabilities using an Extended SENSE Schema. — Proceedings of the IEEE/WIC/ACM International Conference on Intelligent Agent Technology (IAT'04). -- IEEE, 2004

[30] J. Page , A. Zaslavsky , M. Indrawan -- Countering Security Vulnerabilities in Agent Execution using a Self Sxecuting Security Examination. — Proceedings of the AAMAS'04. -- ACM, 2004

[31] J. Ameiller , S. Robles , J.A. Ortega-Ruiz -- Self-Protected Mobile Agents. — Proceedings of the AAMAS'04. -- ACM, 2004

[32] M. Christodorescu , S. Jha -- Testing Malware Detectors. — Proceedings of the ISSTA'04. -- ACM, 2004

[33] M. Christodorescu , S. Jha , S.A. Seshia , D. Song , R.E. Bryant -- Semantics-Aware Malware Detection. — Proceedings of the 2005 IEEE Symposium on Security and Privacy (S&P'05). -- IEEE, 2005

[34] J.A.M. McHugh , F.P. Deek -- An Incentive System for Reducing Malware Attacks. -- Communications of the ACM, 2005, 6

[35] J.V. Harrison -- Enhancing Network Security By Preventing User-Initiated Malware Execution. — Proceedings of the International Conference on Information Technology Coding and Computing (ITCC'05). -- IEEE, 2005

[36] A. Bohra , I. Neamtiu , P. Gallard , F. Sultan , L. Iftode -- Remote Repair of Operating System State Using Backdoors. — Proceedings of the International Conference on Autonomic Computing (ICAC'04). -- IEEE, 2004

[37] F. Sultan , A. Bohra , S. Smaldone , Y. Pan , P. Gallard , I. Neamtiu , L. Iftode -- Recovering Internet Service Sessions from Operating System Failures. -- IEEE Internet Computing, 2005, March/April

[38] J.B. Grizzard , S. Krasser , H.L. Owen , G.J. Conti , E.R. Dodson -- Towards an Approach for Automatically Repairing Compromised Network Systems. — Proceedings of the Third IEEE International Symposium on Network Computing and Applications (NCA'04). -- IEEE, 2004

[39] A. Goel , K. Po , K. Farhadi , Z. Li , E. de Lara -- The Taser Intrusion Recovery System. — Proceedings of the SOSP'05. -- ACM, 2005

[40] J. Levine , J. Grizzard , H. Owen -- A Methodology to Detect and Characterize Kernel Level Rootkit Exploits Involving Redirection of the System Call Table. — Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04). -- IEEE, 2004

[41] C. Kruegel , W. Robesrtson , G. Vigna -- Detecting Kernel-Level Rootkits Through Binary Analysis. — Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04). -- IEEE, 2004

[42] H. Xu , W. Du , S.J. Chapin -- Detecting Exploit Code Execution in Loadable Kernel Modules. — Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04). -- IEEE, 2004

[43] Y.-M. Wang , D. Beck , B. Vo , R. Roussev , C. Verbowski -- Detecting Stealth Software with Strider GhostBuster. — Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN'05). -- IEEE, 2005

[44] S. Ring , D. Esler , E. Cole -- Self-Healing Mechanisms for Kernel System Compromises. — Proceedings of the WOSS'04. -- ACM, 2004

[45] M. Laureano , C. Maziero , E. Jamhour -- Intrusion Detection in Virtual Machine Environments. — Proceedings of the 30th EUROMICRO Conference (EUROMICRO'04). -- IEEE, 2004

[46] M. Vrable , J. Ma , J. Chen , D. Moore , E. Vandekieft , A.C. Snoeren , G.M. Voelker , S. Savage -- Scalability, Fidelity, and Containment in the Potemkin Virtual Honeyfarm. — Proceedings of the SOSP'05. -- ACM, 2005

[47] S. Ring , E. Cole -- Taking a Lesson from Stealthy Rootkits. -- IEEE Security & Privacy, 2004, July/August

[48] W. Shi , H.-H.S. Lee , G. Gu , L. Falk -- An Intrusion-Tolerant and Self-Recoverable Network Service System Using A Security Enhanced Chip Multiprocessor. — Proceedings of the Second International Conference on Autonomic Computing (ICAC'05) -- IEEE, 2005

Назад Оглавление