Method of auditing communication traffic

US 5,923,849 A
Filed: 05/07/1996
Issued: 07/13/1999
Est. Priority Date: 05/07/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method of auditing communications traffic in a communications system comprising a plurality of nodes and a plurality of communications channels between said plurality of nodes, said method comprising the steps of:

collecting network characteristics;

changing a granularity of change in the number of idle slots to change said network characteristics; and

repeating at predefined intervals.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a method for auditing and controlling overt and covert communication traffic in a communication system. The present invention identifies and uses a few parameters to characterize system communication traffic: the volume (V), the frequency (F), the order (O), the (extrinsic) nature (N) of communication between a given pair of nodes and the length (L) (or duration) of transmission. Using one or a combination of the parameters V, F, O, N, L, the invention determines "baseline" system conditions, and audit the behavior and operations of overt and covert communication activity to detect "out-of-baseline" traffic patterns. To further prevent covert channel communications, the present invention introduces an adaptive transmission scheduling policy and a channel handling policy based upon a channel auditing mechanism. The covert channel handling policy of the invention controls the covert channel capacity for noiseless and noisy channels by changing the granularity of change of idle slots in the system. An auditability threshold is used to determine the range of system operations that is accepted as "normal or baseline." When a communication system under supervision is observed to be falling out of "normal or baseline" range, a system audit can be initiated to detect system faults and control overt and covert communication traffic.

78 Citations

View as Search Results

16 Claims

1. A method of auditing communications traffic in a communications system comprising a plurality of nodes and a plurality of communications channels between said plurality of nodes, said method comprising the steps of:
- collecting network characteristics;
  
  changing a granularity of change in the number of idle slots to change said network characteristics; and
  
  repeating at predefined intervals.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1 wherein said communication characteristics comprise a covert channel capacity.
  - 3. The method of claim 1 wherein said granularity of change is based on communication load of said communication system.

4. A method of auditing communications traffic in a communications system comprising a plurality of nodes and a plurality of communications channels between said plurality of nodes, said method comprising the steps of:
- collecting network characteristics; and
  
  repeating at predefined intervals,wherein said communication system further comprises a trusted computing base (TCB).

5. A method of controlling a communication system comprising a plurality of communication channels, said method comprising:
- using a threshold to specify a "baseline" range of said communication system;
  
  monitoring said threshold to detect said communication system falling outside of said "baseline" range;
  
  using a parameter to change said communication system'"'"'s characteristic.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 6. The method of claim 5 wherein said threshold comes from a fault dictionary.
  - 7. The method of claim 5 wherein said threshold comprises a communication system load.
  - 8. The method of claim 5 wherein said threshold is based on V (volume), F (frequency), N (nature), O (order), and L (length) of communication.
  - 9. The method of claim 8 further comprising the step of controlling V, F, O, N and L parameters.
  - 10. The method of claim 5 wherein said communication system'"'"'s characteristic is a channel capacity.
  - 11. The method of claim 10 wherein said channel capacity comprises a covert channel capacity.
  - 12. The method of claim 10 wherein a communication on said plurality of communication channels comprises transmission slots during which a packet can be transmitted or received.
  - 13. The method of claim 12 wherein said slots comprise active slots and idle slots.
  - 14. The method of claim 13 wherein said parameter is a granularity of change in the number of idle slots.
  - 15. The method of claim 5 wherein said communication system further comprises a trusted computing base (TCB).
  - 16. The method of claim 15 wherein said step of changing said parameter comprises the steps of:
    - sending a request to change the value of said parameter to said TCB;
      
      changing said parameter to a new value when said TCB approves the new value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Original Assignee
International Network Services, Inc. (BT Group PLC)
Inventors
Venkatraman, Balaji R.
Primary Examiner(s)
PEESO, THOMAS R

Application Number

US08/644,644
Time in Patent Office

1,162 Days
Field of Search

395/200.11, 395/200.54, 395/200.8, 395/392, 364/550, 364/551.01, 370/355, 370/458, 370/459, 371/67.1, 371/68.2
US Class Current

709/224
CPC Class Codes

H04B 3/46 Monitoring; Testing

Method of auditing communication traffic

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Method of auditing communication traffic

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others