引用本文: |
-
曾威,扈红超,霍树民,周大成.一种面向N变体系统的时延隐蔽信道攻击及其对策研究[J].信息安全学报,2022,7(3):91-106 [点击复制]
- ZENG Wei,HU Hongchao,HUO Shumin,ZHOU Dacheng.A Time-delayed Covert Channel Attack and Its Countermeasures for N-Variant Systems[J].Journal of Cyber Security,2022,7(3):91-106 [点击复制]
|
|
摘要: |
N变体系统具有高可靠性和高安全性的特点,能够有效防御多种安全风险,现已广泛应用于金融、医疗、军事和网络空间等多个具有高安全性需求的领域。但是N变体系统特有的裁决机制为实施时延隐蔽信道攻击提供了潜在的实现途径。针对这种潜在的安全威胁,本文首先分析了一种面向N变体系统的时延隐蔽信道攻击方法,该攻击方法以信息论为基础,利用N变体系统响应时延的差异特征来泄露系统信息。进而,推导出了攻击者使用响应时延样本均值和样本方差作为特征统计量时的检出率公式。然后针对该时延隐蔽信道攻击方法,从减少攻击者利用响应时延差异特征的角度上提出随机加扰策略、自适应加扰策略和先到先裁决策略三种防御策略,随机加扰策略通过引入延迟使响应时延具有相同的统计特征,自适应加扰策略通过动态调整裁决策略以平衡系统运行效率,先到先裁决策略通过优化裁决算法以减少攻击者利用时延差异特征来泄露系统信息,同时提升一定的系统性能。最后,开发了基于Nginx的原型系统并进行了广泛的实验,实验部分证明了该时延隐蔽信道攻击对N变体系统的安全威胁,同时验证了三种防御策略的可行性与有效性,性能对比测试结果表明先到先裁决策略相较于原裁决策略降低了10%的系统响应时延,吞吐量提升了18%,CPU利用率提升了3%。 |
关键词: 响应时延 隐蔽信道攻击 N变体系统 信息泄露 |
DOI:10.19363/J.cnki.cn10-1380/tn.2022.05.06 |
投稿时间:2021-04-02修订日期:2021-07-22 |
基金项目:本课题得到国家自然科学基金项目(No.62002383)、国家重点研发计划课题(No.2018YFB0804004)资助。 |
|
A Time-delayed Covert Channel Attack and Its Countermeasures for N-Variant Systems |
ZENG Wei, HU Hongchao, HUO Shumin, ZHOU Dacheng
|
(NDSC, People's Liberation Army Strategic Support Force Information Engineering University, Zhengzhou 450001, China) |
Abstract: |
The N-variant system has the characteristics of high reliability and high security, and can effectively defend against a variety of security risks. It has been widely used in many fields with high security requirements, such as finance, medical treatment, military, and cyberspace. However, the unique adjudication mechanism of the N-variant system provides a potential way to implement time-delayed covert channel attacks. In response to this potential security threat, this article first analyzes a time-delayed covert channel attack method for N-variant systems. The attack method is based on information theory and uses the difference characteristics of the N-variant system response time to leak system information. Furthermore, the formula of the detection rate when the attacker uses the response delay sample mean and sample variance as characteristic statistics is derived. Then, for this time-delayed covert channel attack method, three defensive strategies, random scrambling strategy, adaptive scrambling strategy, and first-come-first-ruling strategy, are proposed from the perspective of reducing the attacker's use of response delay difference characteristics. The random scrambling strategy introduces a delay to make the response delay have the same statistical characteristics. The adaptive scrambling strategy dynamically adjusts the ruling strategy to balance system operating efficiency. The first-come-first- ruling strategy optimizes the adjudication algorithm to reduce the attacker's use of delay difference characteristics to leak system information, and at the same time improve certain system performance. Finally, a prototype system based on Nginx was developed and extensive experiments were carried out. The experimental part proved the security threat of the time-delayed covert channel attack to the N-variant system, and verified the feasibility and effectiveness of the three defense strategies. The performance comparison test results show that compared with the original ruling strategy, the first-come-first-ruling strategy reduces the system response delay by 10%, the throughput increases by 18%, and the CPU utilization rate increases by 3%. |
Key words: response time delay covert channel attack N-variant system information leakage |