$k$-order statistics to build a stochastic process that has the same $k$-order stationary statistics but possesses different, deliberately designed, $(k+1)$ -order statistics if desired. Such a model realizes a “complexification” of the process or behavior which a defender can use to monitor whether an attacker is shaping the behavior. We also describe a source coding technique that respects the $k$ -order statistics, including entropy which is a first order statistic for example, of a process while encoding information covertly, and we show how to achieve optimizing information rates. Although the main results and examples are stated in terms of behavioral anomaly detection for covert channels, the techniques are more generally applicable to behavioral anomaly analysis. One fundamental consequence of these results is that certain types of behavioral anomaly detection techniques come down to an arms race in the sense that the advantage goes to the party that has more computing resources applied to the problem.">

Engineering Statistical Behaviors for Attacking and Defending Covert Channels (original) (raw)

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2026 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.