上海交通大学学报

上海交通大学学报(自然版)

• 自动化技术、计算机技术 • 上一篇    下一篇

基于带标签有限自动机的隐蔽存储通道搜索

姚立红1,2,訾小超1,2,潘理1,李建华1   

  1. (1. 上海交通大学 信息安全工程学院, 上海 200240;
    2. 南京大学 计算机软件新技术国家重点实验室, 南京 210093)
  • 收稿日期:2007-11-21 修回日期:1900-01-01 出版日期:2008-10-28 发布日期:2008-10-28

Covert Storage Channel Identification Based on Labeled Finite Automaton

YAO Li-hong1,2, ZI Xiao-chao1,2, PAN Li1, LI Jian-hua1   

  1. (1. School of Information Security Engineering, Shanghai Jiaotong University, Shanghai 200240, China;
    2. State Key Laboratory of Novel Software Technology, Nanjing University, Nanjing 210093, China)
  • Received:2007-11-21 Revised:1900-01-01 Online:2008-10-28 Published:2008-10-28

摘要: 分析了隐蔽存储通道存在时的系统运行特征,在此基础上提出一种隐蔽存储通道搜索方法.该方法运用有限自动机模型描述系统运行规则,通过自动化过程发现系统中潜在的隐蔽存储通道.该搜索方法为潜在的隐蔽存储通道描绘出存在场景和信息传递过程,并由此计算出带宽.

关键词: 安全操作系统, 隐蔽通道, 带标签有限自动机, 信息熵

Abstract: The characteristic of an information system was analyzed while covert storage channels exist. Then a covert storage channel identification method was put forward. It models the system as a labelled finite automaton and identifies the potential covert storage channels automatically. Then the existence scenarios and the information transferring processes of these channels were described. Furthermore, the calculation of the channel bandwidth was discussed.

中图分类号: