17 research outputs found
Multi-Level Steganography: Improving Hidden Communication in Networks
The paper presents Multi-Level Steganography (MLS), which defines a new
concept for hidden communication in telecommunication networks. In MLS, at
least two steganographic methods are utilised simultaneously, in such a way
that one method (called the upper-level) serves as a carrier for the second one
(called the lower-level). Such a relationship between two (or more) information
hiding solutions has several potential benefits. The most important is that the
lower-level method steganographic bandwidth can be utilised to make the
steganogram unreadable even after the detection of the upper-level method:
e.g., it can carry a cryptographic key that deciphers the steganogram carried
by the upper-level one. It can also be used to provide the steganogram with
integrity. Another important benefit is that the lower-layer method may be used
as a signalling channel in which to exchange information that affects the way
that the upper-level method functions, thus possibly making the steganographic
communication harder to detect. The prototype of MLS for IP networks was also
developed, and the experimental results are included in this paper.Comment: 18 pages, 13 figure
Recipes for Resistance: A Censorship Circumvention Cookbook
The increasing centralization of Internet infrastructure and web services, along with advancements in the application of machine learning techniques to analyze and classify network traffic, have enabled the growth and proliferation of Internet censorship. While the Internet filtering infrastructure of censoring authorities improves, cracks and weaknesses in the censorship systems deployed by the state allow Internet users to appropriate existing network protocols in order to circumvent censorship attempts. The relationship between censors and censorship resistors is often likened to a cat-and-mouse game in which resistors struggle to find new gaps in nation-state firewalls through which they can access content freely, while censors are devoted to discovering and closing these gaps as quickly as possible.
The life cycle of censorship resistance tools typically begins with their creation, but often ends very quickly as the tools are discovered and blocked by censors whose ability to identify anomalous network traffic continues to grow. In this thesis, we provide several recipes to create censorship resistance systems that disguise user traffic, despite a censor’s complete knowledge of how the system works. We describe how to properly appropriate protocols, maximize censorship-resistant bandwidth, and deploy censorship resistance systems that can stand the test of time
Evaluation of steganographic cost for covert communication in IP networks
Network steganography encompasses the information hiding techniques that can be
applied in communication network environments and that utilize hidden data carriers
for this purpose. When describing a network steganography method despite the
features like steganographic bandwidth, undetectability and robustness also
steganographic cost should be considered. It is used as an indicator for the
degradation or distortion of the carrier caused by the application of the
steganographic method. In this master thesis we are going to evaluate how
steganographic cost is affected in two different scenarios when using different
steganographic methods, either separated or combined. We want to check the
existence of two phenomena that can take place when combining two or more
steganographic methods: superposition steganography and zero cost steganography.Ingeniería de TelecomunicaciónTelekomunikazio Ingeniaritz
An examination of the Asus WL-HDD 2.5 as a nepenthes malware collector
The Linksys WRT54g has been used as a host for network forensics tools for instance Snort for a long period of time. Whilst large corporations are already utilising network forensic tools, this paper demonstrates that it is quite feasible for a non-security specialist to track and capture malicious network traffic. This paper introduces the Asus Wireless Hard disk as a replacement for the popular Linksys WRT54g. Firstly, the Linksys router will be introduced detailing some of the research that was undertaken on the device over the years amongst the security community. It then briefly discusses malicious software and the impact this may have for a home user. The paper then outlines the trivial steps in setting up Nepenthes 0.1.7 (a malware collector) for the Asus WL-HDD 2.5 according to the Nepenthes and tests the feasibility of running the malware collector on the selected device. The paper then concludes on discussing the limitations of the device when attempting to execute Nepenthes