Method of auditing communication traffic
First Claim
1. A method of auditing communications traffic in a communications system comprising a plurality of nodes and a plurality of communications channels between said plurality of nodes, said method comprising the steps of:
- collecting network characteristics;
changing a granularity of change in the number of idle slots to change said network characteristics; and
repeating at predefined intervals.
8 Assignments
0 Petitions
Accused Products
Abstract
The present invention discloses a method for auditing and controlling overt and covert communication traffic in a communication system. The present invention identifies and uses a few parameters to characterize system communication traffic: the volume (V), the frequency (F), the order (O), the (extrinsic) nature (N) of communication between a given pair of nodes and the length (L) (or duration) of transmission. Using one or a combination of the parameters V, F, O, N, L, the invention determines "baseline" system conditions, and audit the behavior and operations of overt and covert communication activity to detect "out-of-baseline" traffic patterns. To further prevent covert channel communications, the present invention introduces an adaptive transmission scheduling policy and a channel handling policy based upon a channel auditing mechanism. The covert channel handling policy of the invention controls the covert channel capacity for noiseless and noisy channels by changing the granularity of change of idle slots in the system. An auditability threshold is used to determine the range of system operations that is accepted as "normal or baseline." When a communication system under supervision is observed to be falling out of "normal or baseline" range, a system audit can be initiated to detect system faults and control overt and covert communication traffic.
78 Citations
16 Claims
-
1. A method of auditing communications traffic in a communications system comprising a plurality of nodes and a plurality of communications channels between said plurality of nodes, said method comprising the steps of:
-
collecting network characteristics; changing a granularity of change in the number of idle slots to change said network characteristics; and repeating at predefined intervals. - View Dependent Claims (2, 3)
-
-
4. A method of auditing communications traffic in a communications system comprising a plurality of nodes and a plurality of communications channels between said plurality of nodes, said method comprising the steps of:
-
collecting network characteristics; and repeating at predefined intervals, wherein said communication system further comprises a trusted computing base (TCB).
-
-
5. A method of controlling a communication system comprising a plurality of communication channels, said method comprising:
-
using a threshold to specify a "baseline" range of said communication system; monitoring said threshold to detect said communication system falling outside of said "baseline" range; using a parameter to change said communication system'"'"'s characteristic. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
Specification