Concealed in the Internet: A Novel Covert Channel with Normal Traffic Imitating

Covert channel in network protocols has been an area absorbing great interests for many years in secret transmission. Recently, covert channels based on packet length have become a new preference among researchers in this field because of their excellent performance in simulating statistical features of network packets in real world. However, few approaches which can embed secret information with great security ensured has been worked out by so far. Therefore, in this paper, we analyze the traffic stream of UDP packets, several storage features of data files, then propose a novel network steganography scheme based on IP address, UDP packet length in order to overcome the drawbacks of existing schemes. A comprehensive set of corresponding experiment results show that the proposed covert channel follows the normal traffic statistical features well, thus ensures more security than that of the existing algorithms.

[1]  C. Gray Girling,et al.  Covert Channels in LAN's , 1987, IEEE Transactions on Software Engineering.

[2]  Colin Allison,et al.  Covert Channels in Internet Protocols: A Survey , 2005 .

[3]  Sebastian Zander,et al.  A survey of covert channels and countermeasures in computer network protocols , 2007, IEEE Communications Surveys & Tutorials.

[4]  R. Ciupa,et al.  International Conference , 2023, In Vitro Cellular & Developmental Biology - Animal.

[5]  M A Padlipsky,et al.  Limitations of End-to-End Encryption in Secure Computer Networks , 1978 .

[6]  Krzysztof Szczypiorski A Performance Analysis of HICCUPS--A Steganographic System for WLAN , 2009 .

[7]  Wojciech Mazurczyk,et al.  Principles and overview of network steganography , 2012, IEEE Communications Magazine.

[8]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[9]  Kamran Ahsan,et al.  Covert Channel Analysis and Data Hiding in TCP/IP , 2002 .

[10]  Deepa Kundur,et al.  Practical Data Hiding in TCP/IP , 2002 .

[11]  R. Zamar,et al.  A multivariate Kolmogorov-Smirnov test of goodness of fit , 1997 .

[12]  Arijit Sur,et al.  Length based network steganography using UDP protocol , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[13]  Saurabh Bagchi,et al.  TCP/IP Timing Channels: Theory to Implementation , 2009, IEEE INFOCOM 2009.

[14]  Arijit Sur,et al.  Detection of Packet Length Based Network Steganography , 2010, 2010 International Conference on Multimedia Information Networking and Security.

[15]  Ingemar J. Cox,et al.  Digital Watermarking and Steganography , 2014 .

[16]  Virgil D. Gligor,et al.  A Formal Method for the Identification of Covert Storage Channels in Source Code , 1987, 1987 IEEE Symposium on Security and Privacy.

[17]  Kevin Curran,et al.  Digital image steganography: Survey and analysis of current methods , 2010, Signal Process..

[18]  Arijit Sur,et al.  Steganalysis of Network Packet Length Based Data Hiding , 2013, Circuits Syst. Signal Process..

[19]  Craig H. Rowland,et al.  Covert Channels in the TCP/IP Protocol Suite , 1997, First Monday.

[20]  Joanna Rutkowska joanna The Implementation of Passive Covert Channels in the Linux Kernel , 2004 .

[21]  Krzysztof Szczypiorski,et al.  A performance analysis of HICCUPS—a steganographic system for WLAN , 2009, 2009 International Conference on Multimedia Information Networking and Security.

[22]  Carla E. Brodley,et al.  IP covert timing channels: design and detection , 2004, CCS '04.

[23]  Steven J. Murdoch,et al.  Embedding Covert Channels into TCP/IP , 2005, Information Hiding.

[24]  Xiamu Niu,et al.  A Normal-Traffic Network Covert Channel , 2009, 2009 International Conference on Computational Intelligence and Security.

[25]  Wojciech Mazurczyk,et al.  Hiding Information in Retransmissions , 2009, ArXiv.

[26]  Zhang Peng Coverting Channel Based on Packet Length , 2008 .

[27]  Xiamu Niu,et al.  A Novel Covert Channel Based on Length of Messages , 2009, 2009 International Symposium on Information Engineering and Electronic Commerce.

[28]  Zhihua Xia,et al.  Steganalysis of least significant bit matching using multi-order differences , 2014, Secur. Commun. Networks.

[29]  Maxim Anikeev,et al.  Network Based Detection of Passive Covert Channels in TCP/IP , 2005, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l.

[30]  Manfred Wolf Covert Channels in LAN Protocols , 1989, LANSEC.