Menu
Publications
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
Editor-in-Chief
Nikiforov
Vladimir O.
D.Sc., Prof.
Partners
doi: 10.17586/2226-1494-2018-18-5-834-842
COVERT CHANNEL TECHNIQUE BASED ON STREAMING PROTOCOL
Read the full article ';
Article in Russian
For citation:
Abstract
For citation:
Shipulin P.M., Kozin V.V., Shniperov A.N. Covert channel technique based on streaming protocol. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2018, vol. 18, no. 5, pp. 834–842 (in Russian). doi: 10.17586/2226-1494-2018-18-5-834-842
Abstract
The paper presents analysis of modern network covert channels. The authors set forward a hypothesis of effective streaming protocol usage for covert channel creating. Covert channel technique for open networks is proposed. RTP-based covert channel functional model is described. Estimated characteristics of software prototype are reported. The results of stegano system software prototype operational testing in laboratory conditions and the Internet are described. Software prototype demonstrated high covertness with allowable capacity for many tasks. At the same time transfer characteristics decrease with the complication of network topology. Obtained research results have two application domains of prime importance. On the one hand, illegal covert channel detection methods can be used by DLP-systems developers, law-enforcement agencies and defense establishments. On the other hand, the proposed method for covert information transmission can be used in telemetered covert channel creation, for example, satellite communication.
Keywords: steganography, stegano system, covert channel, covert information transmission, network steganography, streaming transfer protocol
References
References
-
Gutierrez-Cardenas J.M. Steganography and data loss prevention: an overlooked risk? International Journal of Security and Its Applications, 2017, vol. 11, no. 4, pp. 71–84. doi: 10.14257/ijsia.2017.11.4.06
-
Karas M., Mazurczyk W., Szczypiorski K. SkyDe: a Skype-based steganographic method. International Journal of Computers, Communications & Control, 2014, vol. 8, no. 3, pp. 432–443. doi: 10.15837/ijccc.2013.3.469
-
Janicki A., Karas M., Mazurczyk W., Szczypiorski K. YouSkyde: information hiding for Skype video traffic. Multimedia Tools and Applications, 2016, vol. 75, no. 21, pp. 13521–13540. doi: 10.1007/s11042-015-2740-0
-
Mazurczyk W., Wendzel S., Zander S., Houmansadr A., Szczypiorski K. Information Hiding in Communication Networks: Fundamentals, Mechanisms, Applications, and Countermeasures. Wiley, 2016, 296 p.
-
Dyatlov A., Castro S. Exploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the http protocol. Technical Report. Gray World, 2003, 8 p.
-
Rowland C.H. Covert channels in the TCP/IP protocol suite. First Monday, 1997, vol. 2, no. 5, 15 p. doi: 10.5210/fm.v2i5.528
-
Lewis S., Murdoch S.J. Embedding covert channels into TCP/IP. Lecture Notes in Computer Science, 2005, vol. 3727, pp. 247–261. doi: 10.1007/11558859_19
-
Berk V., Cybenko G., Giani A. Detection of covert channel encoding in network packet delays. Technical Report TR 2005-536. Dartmouth College, 2005, 11 p.
-
Gianvecchio S., Wang H., Wijesekera D., Jajodia S. Model-based covert timing channels: automated modeling and evasion. Lecture Notes in Computer Science, 2008, vol. 5230, pp. 211–230. doi: 10.1007/978-3-540-87403-4_12
-
Wendzel S., Mazurczyk W., Caviglione L., Meier M. Hidden and uncontrolled – on the emergence of network steganographic threats. Proc. ISSE 2014 Securing Electronic Business Processes, 2014, pp. 123–133.doi: 10.1007/978-3-658-06708-3_9
-
Fridrich J. Applications of data hiding in digital images. Proc. 5th Int. Symposium on Signal Processing and its Applications. Brisbane, Australia,1999, vol. 1, 9 p. doi: 10.1109/isspa.1999.818099
-
Casner S., Frederick R., Jacobson V., Schulzrinne H. RFC 3550. RTP: A Transport Protocol for Real-Time Applications. Network Working Group, 2003, 25 p.
-
Servetto S.D., Vetterli M. Communication using phantoms: covert channels in the Internet. Proc. IEEE Int. Symposium on Information Theory. Washington, 2001. doi: 10.1109/isit.2001.936092
-
Cabuk S., Brodley C., Shields C. IP covert timing channels: design and detection. Proc. 11th ACM Conference on Computer and Communications Security. New York, 2004, pp. 178–187. doi: 10.1145/1030083.1030108
-
Houmansadr A., Borisov N. CoCo: coding-based covert timing channels for network flows. Lecture Notes in Computer Science, 2011, vol. 6958, pp. 314–328. doi: 10.1007/978-3-642-24178-9_22
-
Panneton F., L’Ecuyer P. On the Xorshift random number generators. ACM Transactions on Modeling and Computer Simulati, 2005, vol. 15, no. 4, pp. 346–361. doi: 10.1145/1113316.1113319