Identifying the origins of business’ data breaches utilizing covert timing channels

Author

Gayle L. Frisbie

Date Approved

2024

Degree Type

Open Access Thesis

Degree Name

Master of Science (MS)

Department or School

College of Engineering and Technology

Committee Member

Omar Darwish, Ph.D.

Committee Member

Munther Abualkibash, Ph.D.

Committee Member

Anas Alsobeh, Ph.D.

Committee Member

Suleiman Ashur, Ph.D.

Abstract

Cybersecurity events and data breaches are on the rise and are very costly to businesses. Businesses rely on connectivity and information systems to conduct business, yet those same information systems can be breached and the organization's data exposed. Today, there is a heavy reliance of organizations upon network connections to connect the entire organization in order to conduct business efficiently and from multiple locations. Covert timing channels are a cybersecurity attack method in which malicious actors embed privileged information into normal network traffic without authorization. Malicious actors, by carefully manipulating timing patterns in covert timing channels, can create a hidden communication channel that is difficult to detect. In the following research, a technique is proposed to detect/classify the type of privileged information leaked over a covert timing channel, using communication packets and a machine learning algorithm to train a classification model to identify the origin of a data breach.

Recommended Citation

Frisbie, Gayle L., "Identifying the origins of business’ data breaches utilizing covert timing channels" (2024). Master's Theses and Doctoral Dissertations. 1231.
https://commons.emich.edu/theses/1231