Seminar: Exploring the use of hierarchal statistical analysis and deep neural networks to detect and mitigate covert timing channels
Assistant Professor and Program Coordinator of Computer Information Systems, Ferrum College
Wednesday, April 29, 2020
1:00pm - 2:00pm
Covert timing channels provide a mechanism to transmit unauthorized information across different processes. It utilizes the inter-arrival times between the transmitted packets to hide the communicated data. It can be exploited in a variety of malevolent scenarios such as leaking military secrets, trade secrets, and other forms of Intellectual Property (IP). They can be also used as a vehicle to attack existing computing systems to disseminate software viruses or worms while bypassing firewalls, intrusion detection and protection systems, and application filters. Therefore, the detection and mitigation of covert channels is a key issue in modern Information Technology (IT) infrastructure. Many companies, countries and government agencies such as the USA government and the USA military bodies, National Security Agency, US Air Force, and National Computer Security Centre are focused on devising better techniques to detect and potentially eliminate covert channels. This will serve as an important building block for a decision support system that protects the IT infrastructure against such vulnerabilities.
In this talk I will introduce new solutions to detect and minimize the amount of data that is potentially exchanged over covert timing channels. The main motivation behind employing the hierarchical statistical analysis approach is to detect the existence of covert timing channel irrespective of the time-scale within which it is concealed with respect to the overall data stream. In addition, compared to flat statistical analysis which is usually utilized in this context, hierarchical statistical approach might give an accurate indicator because it is applied on different levels of the time-scales of the data stream. This is because more features get involved in the analysis process such as means of data segments on different levels.
The massive data collected by decision support systems represent a perfect fuel to the deep learning approaches. While deep learning show many success stories with massive data, traditional analysis algorithms struggle even on high specs workstations. Developing an algorithm to detect covert timing channels using deep learning makes this work different from the others in the recent literature where support vector machine is the main algorithm usually evaluated with different sets of features.
In addition, I will present my research achievements and future research plans. I will also introduce my teaching philosophy, curriculum interests, and potential ideas for curriculum improvements in the near future and longer term.
Dr. Omar Darwish is an Assistant Professor and Program Coordinator of Computer Information Systems at Ferrum College. He received his PhD degree in computer science from Western Michigan University in USA, and the MS degree from Jordan University of Science and Technology in Jordan. He worked as a Visiting Assistant Professor at West Virginia University Institute of Technology, Software Engineer at MathWorks, and a programmer at Nuqul group. His research interests include: cyber security, machine learning, and natural language processing. Dr. Darwish has published a number of papers in top-tier venues.