Noise Tolerant Symbolic Learning of Markov Models of Tunneled Protocols


Bhanu H., Schwier J., Craven R., Ozcelik I. , Griffin C., Brooks R. R.

7th IEEE International Wireless Communications and Mobile Computing Conference (IWCMC), İstanbul, Türkiye, 4 - 08 Temmuz 2011, ss.1310-1314 identifier identifier

  • Cilt numarası:
  • Doi Numarası: 10.1109/iwcmc.2011.5982729
  • Basıldığı Şehir: İstanbul
  • Basıldığı Ülke: Türkiye
  • Sayfa Sayıları: ss.1310-1314

Özet

Recent research has exposed timing side channel vulnerabilities in many security applications. Hidden Markov models (HMMs) have used timing data to extract passwords from cryptographically protected communications tunnels. We extend that work to show how HMM models of protocols can be extracted directly from observations of protocol timing artifacts with no a priori knowledge. Since our approach uses symbolic reasoning, an important question is how to best translate continuous data observations to symbolic data. This translation is problematic when observation variance makes continuous to symbolic translation unreliable. We examine this problem and show that the HMMs we infer compensate automatically for significant observation jitter and symbol misclassification. Experimental verification is presented.