Steganography of VoIP Streams

The paper concerns available steganographic techniques that can be used for creating covert channels for VoIP (Voice over Internet Protocol) streams. Apart from characterizing existing steganographic methods we provide new insights by presenting two new techniques. The first one is network steganography solution which exploits free/unused protocols' fields and is known for IP, UDP or TCP protocols but has never been applied to RTP (Real-Time Transport Protocol) and RTCP (Real-Time Control Protocol) which are characteristic for VoIP. The second method, called LACK (Lost Audio Packets Steganography), provides hybrid storage-timing covert channel by utilizing delayed audio packets. The results of the experiment, that was performed to estimate a total amount of data that can be covertly transferred during typical VoIP conversation phase, regardless of steganalysis, are also included in this paper.

[1]  Wojciech Mazurczyk,et al.  New security and control protocol for VoIP based on steganography and digital watermarking , 2006, Ann. UMCS Informatica.

[2]  Seungwha Yoo,et al.  Allowable Propagation Delay for VoIP Calls of Acceptable Quality , 2002, AISA.

[3]  Rachel Greenstadt,et al.  Covert Messaging through TCP Timestamps , 2002, Privacy Enhancing Technologies.

[4]  Wojciech Mazurczyk,et al.  Covert Channels in SIP for VoIP signalling , 2008, ArXiv.

[5]  Ravi Jain,et al.  An Experimental Study of the Skype Peer-to-Peer VoIP System , 2005, IPTPS.

[6]  Takehiro Takahashi,et al.  An assessment of VoIP covert channel threats , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[7]  Mike Fisk,et al.  Eliminating Steganography in Internet Traffic with Active Wardens , 2002, Information Hiding.

[8]  Zbigniew Kwecka Application layer covert channel analysis and detection. , 2006 .

[9]  Henning Schulzrinne,et al.  RTP: A Transport Protocol for Real-Time Applications , 1996, RFC.

[10]  Deepa Kundur,et al.  Practical Data Hiding in TCP/IP , 2002 .

[11]  KRZYSZTOF SZCZYPIORSKI HICCUPS : Hidden Communication System for Corrupted Networks , 2003 .

[12]  Grzegorz Lewandowski,et al.  Covert Channels in IPv6 , 2005, Privacy Enhancing Technologies.

[13]  Markus G. Kuhn,et al.  Information hiding-a survey , 1999, Proc. IEEE.

[14]  Martin Vetterli,et al.  Communication using phantoms: covert channels in the Internet , 2001, Proceedings. 2001 IEEE International Symposium on Information Theory (IEEE Cat. No.01CH37252).

[15]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[16]  Mats Näslund,et al.  The Secure Real-time Transport Protocol (SRTP) , 2004, RFC.

[17]  Walter Bender,et al.  Techniques for Data Hiding , 1996, IBM Syst. J..

[18]  Steven J. Murdoch,et al.  Embedding Covert Channels into TCP/IP , 2005, Information Hiding.

[19]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[20]  Robert Sparks,et al.  Session Initiation Protocol (SIP) Basic Call Flow Examples , 2003, RFC.

[21]  Wojciech Mazurczyk,et al.  New VoIP Traffic Security Scheme with Digital Watermarking , 2006, SAFECOMP.

[22]  Guillermo Morales-Luna,et al.  Information Hiding through Noisy Channels , 2001, Information Hiding.

[23]  Sebastian Zander,et al.  A survey of covert channels and countermeasures in computer network protocols , 2007, IEEE Communications Surveys & Tutorials.