• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1927-1943
• /
• 2016

Jitterbug is a passive network covert timing channel supplying reliable stealthy transmission. It is also the basic manner of some improved covert timing channels designed for higher undetectability. The existing entropy-based detection scheme based on training sample binning may suffer from model mismatching, which results in detection performance deterioration. In this paper, a new detection method based on the feature of Jitterbug covert channel traffic is proposed. A fixed binning strategy without training samples is used to obtain bins distribution feature. Coefficient of variation (CV) is calculated for several sets of selected bins and the weighted mean is used to calculate the final CV value to distinguish Jitterbug from normal traffic. Furthermore, the timing window parameter of Jitterbug is estimated based on the detected traffic. Experimental results show that the proposed detection method can achieve high detection performance even with interference of network jitter, and the parameter estimation method can provide accurate values after accumulating plenty of detected samples.

• International journal of advanced smart convergence
• /
• v.6 no.4
• /
• pp.56-59
• /
• 2017

In this paper, we design a covert channel based on instruction gadgets in smart sensing devices. Unlike the existing convert channels that usually utilize diverse physical characteristics or user behaviors or sensory data of smart sensing devices, we show that instruction gadgets could be exploited for covert channel establishment in smart sensing devices. In our devised covert channels, trojan smart sensing devices exchange attack packets in such a way that they encode an attack bit in attack packet to a series of addresses of instruction gadgets and decode an attack bit from a series of addresses of instruction gadgets.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.35-45
• /
• 2004

In explosively increasing internet environments, information security is one of the most important consideration. Nowadays, various security solutions are used as such problems countermeasure; IDS, Firewall and VPN. However, basically internet has much vulnerability of protocol itself. Specially, it is possible to establish a covert channel using TCP/IP header fields such as identification, sequence number, acknowledge number, timestamp and so on. In this Paper, we focus cm the covert channels using identification field of IP header and the sequence number field of TCP header. To detect such covert channels, we used Support Vector Machine which has excellent performance in pattern classification problems. Our experiments showed that proposed method could discern the abnormal cases(including covert channels) from normal TCP/IP traffic using Support Vector Machine.

• Journal of Communications and Networks
• /
• v.17 no.5
• /
• pp.525-533
• /
• 2015

MS Office suit software is the most widely used electronic documents by a large number of users in the world, which has absolute predominance in office software market. MS Office 2007-2013 documents, which use new office open extensible markup language (OOXML) format, could be illegally used as cover mediums to transmit secret information by offenders, because they do not easily arouse others suspicion. This paper proposes nine forensic methods and an integrated forensic tool for OOXML format documents on the basis of researching the potential information hiding methods. The proposed forensic methods and tool cover three categories; document structure, document content, and document format. The aim is to prevent covert communication and provide security detection technology for electronic documents downloaded by users. The proposed methods can prevent the damage of secret information embedded by offenders. Extensive experiments based on real data set demonstrate the effectiveness of the proposed methods.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1422-1430
• /
• 2016

Researches for oceans are limited to military purpose such as underwater sound detection and tracking system. Underwater acoustic communications with low-probability-of-interception (LPI) covert characteristics were received much attention recently. Covert communications are conducted at a low received signal-to-noise ratio to prevent interception or detection by an eavesdropper. This paper proposed optimal covert communication model based on direct sequence spread spectrum for underwater environments. Spread spectrum signals may be used for data transmission on underwater acoustic channels to achieve reliable transmission by suppressing the detrimental effect of interference and self-interference due to jamming and multipath propagation. The characteristics of the underwater acoustic channel present special problems in the design of covert communication systems. To improve performance and probability of interception, we applied BCJR(Bahl, Cocke, Jelinek, Raviv) decoding method and the direct sequence spread spectrum technology in low SNR. Also, we compared the performance between conventional model and proposed model based on turbo equalization by simulation and lake experiment.

• Journal of Convergence for Information Technology
• /
• v.8 no.3
• /
• pp.161-168
• /
• 2018

This study examined the relationship between covert narcissism on depression for College students as a mediator Emotional Clarity and Ambivalence over Emotional Expressiveness through structural equation modeling. To this end, we conducted a survey of 343 university students living in central area of Korea, a measure of CNS, BDI, TMMS, AEQ-K. The result of the study were as follows. First, all the variables had meaningful positive of negative correlations. Secondly, When Covert Narcissism affects Depression, Emotional Clarity and Ambivalence over emotional expressiveness were full mediated. Third, the indirect effects of Emotional Clarity, Ambivalence over Emotional Expressiveness on the effects of covert narcissism on depression were relevance. Finally, the implications and limitations of the study were discussed.

• The Journal of the Acoustical Society of Korea
• /
• v.41 no.2
• /
• pp.227-234
• /
• 2022

Covert Underwater Communication (CUC) signals should not be detected by other unintended users. Similar to the method used in Radio Frequency (RF), covert communication technique sending information underwater is designed in consideration of the characteristics of Low Probability of Detection (LPD) and Low Probability of Intercept (LPI). These conventional methods, however, are difficult to be used in the underwater communications because of the narrow frequency bandwidth. Unlike the conventional methods of reducing transmission power or increasing the modulation bandwidth, a method of mimicking the acoustic signal of an underwater mammal is being studied. The biomimetic underwater acoustic communication mainly mimics the click or whistle sound produced by dolphin or whale. This paper investigates biomimetic communication method and introduces research trends to understand the potential for the development of such biomimetic covert underwater acoustic communication and future research areas.

• Phonetics and Speech Sciences
• /
• v.15 no.4
• /
• pp.35-43
• /
• 2023

This study aimed to investigate the relationship between overt and covert characteristics of stuttering. This study included 10 adult participants who stutter. To analyze the overt characteristics, stuttering frequency, duration of stuttering moments, concomitant behaviors, and total score were scored based on the Stuttering Severity Instrument-Fourth Edition (SSI-4). Additionally, the modified Erickson scale of communication attitudes (S-24) and the Overall Assessment of the Speaker's Experience of Stuttering for Adults (OASES-A; general information, reactions to stuttering, communication in daily situations, quality of life, and total score) were used to determine the covert characteristics. Correlation analyses showed no significant association between the overt and covert variables. However, there were significant correlations between the scores on the S-24 and the OASES-A. These findings support the perspective that the overt characteristics of stuttering do not predict the covert characteristics, and vice versa. Therefore, when evaluating and intervening with adults who stutter, it is important to consider these characteristics separately.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10b
• /
• pp.211-213
• /
• 1998

실시간 응용을 위한 데이터베이스 시스템은 시간 제약 조건을 만족시켜야 하며, 데이터 일관성을 유지해야 한다. 또한 다중레벨을 지원하는 보안 프로토콜은 cover channel의 생성을 방지하는 것이 중요하다. Son과 Mukkamala는 primary copy와 secondary copy를 사용한 SRT-2PL을 개발하였다. 이 프로토콜은 보안 레벨간의 불간섭(non-interference)을 지원하며, covert channel의 발생을 막을 수 있으며, 지연이 적고 취소가 적으므로 실시간 데이터베이스 시스템에서 보안을 유지하는데 사용될 수 있다. 그러나 secondary copy를 모든 데이터 오브젝트에 대해 항상 보존해야 하므로 작업공간의 낭비가 있고, 데이터의 갱신을 위해 update queue를 관리해야 하는 오버헤드와 그에 따른 예측성 결여가 문제점으로 나타난다. 따라서, 본 논문에서는 불간섭을 지원하여 covert channel의 발생을 방지하면서, 복사본의 유지 기간을 줄여 실시간 지원을 강화시키고, 예측성을 좀더 높인 개선된 SRT-2PL 실시간 데이터베이스 보안 프로토콜을 제안한다. 본 논문에서 제안하는 동적 복사 알고리즘은 트랜잭션의 동작에 따라 동적으로 복사본을 생성하여 레벨간의 불간섭을 제공함과 동시에, 복사본의 유지 기간을 줄여 작업공간의 낭비를 줄이고 예측성을 높일 수 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.8
• /
• pp.3187-3200
• /
• 2020

Finding key users in microblog has been a research hotspot in recent years. There are two kinds of key users: obvious and hidden ones. Influence of the former is direct while that of the latter is indirect. Most of existing methods evaluate user's direct influence, so key users they can find usually obvious ones, and their ability to identify hidden key users is very low as hidden ones exert influence in a very covert way. Consequently, the algorithm of finding hidden key users based on topic transfer entropy, called TTE, is proposed. TTE algorithm believes that hidden key users are those normal users possessing a high covert influence on obvious ones. Firstly, obvious key users are discovered based on microblog propagation scale. Then, based on microblogs' topic similarity and time correlation, the transfer entropy from ordinary users' blogs to obvious key users is calculated and used to measure the covert influence. Finally, hidden influence degrees of ordinary users are comprehensively evaluated by combining above indicators with the influence of both ordinary users and obvious ones. We conducted experiments on Sina Weibo, and the results showed that TTE algorithm had a good ability to identify hidden key users.