1,070 research outputs found
Blindspot: Indistinguishable Anonymous Communications
Communication anonymity is a key requirement for individuals under targeted
surveillance. Practical anonymous communications also require
indistinguishability - an adversary should be unable to distinguish between
anonymised and non-anonymised traffic for a given user. We propose Blindspot, a
design for high-latency anonymous communications that offers
indistinguishability and unobservability under a (qualified) global active
adversary. Blindspot creates anonymous routes between sender-receiver pairs by
subliminally encoding messages within the pre-existing communication behaviour
of users within a social network. Specifically, the organic image sharing
behaviour of users. Thus channel bandwidth depends on the intensity of image
sharing behaviour of users along a route. A major challenge we successfully
overcome is that routing must be accomplished in the face of significant
restrictions - channel bandwidth is stochastic. We show that conventional
social network routing strategies do not work. To solve this problem, we
propose a novel routing algorithm. We evaluate Blindspot using a real-world
dataset. We find that it delivers reasonable results for applications requiring
low-volume unobservable communication. Comment: 13 Page
"The Good, The Bad And The Ugly": Evaluation of Wi-Fi Steganography
In this paper we propose a new method for the evaluation of network
steganography algorithms based on the new concept of "the moving observer". We
considered three levels of undetectability named: "good", "bad", and "ugly". To
illustrate this method we chose Wi-Fi steganography as a solid family of
information hiding protocols. We present the state of the art in this area
covering well-known hiding techniques for 802.11 networks. "The moving
observer" approach could help not only in the evaluation of steganographic
algorithms, but also might be a starting point for a new detection system of
network steganography. The concept of a new detection system, called MoveSteg,
is explained in detail. Comment: 6 pages, 6 figures, to appear in Proc. of: ICNIT 2015 - 6th
International Conference on Networking and Information Technology, Tokyo,
Japan, November 5-6, 201
Code wars: steganography, signals intelligence, and terrorism
This paper describes and discusses the process of secret communication known as steganography. The argument advanced here is that terrorists are unlikely to be employing digital steganography to facilitate secret intra-group communication as has been claimed. This is because terrorist use of digital steganography is both technically and operationally implausible. The position adopted in this paper is that terrorists are likely to employ low-tech steganography such as semagrams and null ciphers instead
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices. Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
Steganographer Identification
Conventional steganalysis detects the presence of steganography within single
objects. In the real-world, we may face a complex scenario that one or some of
multiple users called actors are guilty of using steganography, which is
typically defined as the Steganographer Identification Problem (SIP). One might
use the conventional steganalysis algorithms to separate stego objects from
cover objects and then identify the guilty actors. However, the guilty actors
may be lost due to a number of false alarms. To deal with the SIP, most of the
state-of-the-arts use unsupervised learning based approaches. In their
solutions, each actor holds multiple digital objects, from which a set of
feature vectors can be extracted. The well-defined distances between these
feature sets are determined to measure the similarity between the corresponding
actors. By applying clustering or outlier detection, the most suspicious
actor(s) will be judged as the steganographer(s). Though the SIP needs further
study, the existing works have good ability to identify the steganographer(s)
when non-adaptive steganographic embedding was applied. In this chapter, we
will present foundational concepts and review advanced methodologies in SIP.
This chapter is self-contained and intended as a tutorial introducing the SIP
in the context of media steganography. Comment: A tutorial with 30 page
Models and Algorithms for Graph Watermarking
We introduce models and algorithmic foundations for graph watermarking. Our
frameworks include security definitions and proofs, as well as
characterizations when graph watermarking is algorithmically feasible, in spite
of the fact that the general problem is NP-complete by simple reductions from
the subgraph isomorphism or graph edit distance problems. In the digital
watermarking of many types of files, an implicit step in the recovery of a
watermark is the mapping of individual pieces of data, such as image pixels or
movie frames, from one object to another. In graphs, this step corresponds to
approximately matching vertices of one graph to another based on graph
invariants such as vertex degree. Our approach is based on characterizing the
feasibility of graph watermarking in terms of keygen, marking, and
identification functions defined over graph families with known distributions.
We demonstrate the strength of this approach with exemplary watermarking
schemes for two random graph models, the classic Erdős-Rényi model and
a random power-law graph model, both of which are used to model real-world
networks