On security-aware transmission scheduling

The problem of interest is to characterize to what extent nodes independently following certain transmission schedules can be hijacked to relay flows of information packets. Information flows can be embedded in given transmission schedules by properly adding delays and inserting dummy packets. Such hidden flows are usually indicators of network intrusion, and it is of interest to know their rates. The maximum rate of information flow that can be transmitted without causing the transmission activities to deviate from given transmission schedules is used to measure the covert capacity under these schedules. Based on the assumption that information flows have bounded delays, a theoretical framework is constructed to quantitively analyze the covert capacity under transmission schedules modeled by renewal processes. Explicit solution is obtained for Poisson processes. The results suggest a close correlation between the covert capacity and the traffic burstiness.

[1]  Lang Tong,et al.  Detecting Information Flows: Improving Chaff Tolerance by Joint Detection , 2007, 2007 41st Annual Conference on Information Sciences and Systems.

[2]  Vern Paxson,et al.  Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay , 2002, RAID.

[3]  Lang Tong,et al.  Detection of Information Flows , 2008, IEEE Transactions on Information Theory.

[4]  Lang Tong,et al.  Distributed Detection of Information Flows , 2008, IEEE Transactions on Information Forensics and Security.

[5]  Dawn Xiaodong Song,et al.  Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds , 2004, RAID.

[6]  Ting He,et al.  Distributed Detection of Information Flows with Side-Information , 2007, 2007 Conference Record of the Forty-First Asilomar Conference on Signals, Systems and Computers.

[7]  Lang Tong,et al.  Detecting Encrypted Stepping-Stone Connections , 2007, IEEE Transactions on Signal Processing.

[8]  Lang Tong,et al.  Distributed Detection of Information Flows in Chaff , 2007, 2007 IEEE International Symposium on Information Theory.

[9]  Richard L. Tweedie,et al.  Markov Chains and Stochastic Stability , 1993, Communications and Control Engineering Series.

[10]  Stuart Staniford-Chen,et al.  Holding intruders accountable on the Internet , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[11]  Sally Floyd,et al.  Wide area traffic: the failure of Poisson modeling , 1995, TNET.