Covert Channel for Improving VoIP Security

Abstract. In this paper a new way of exchanging data for Voice over Internet Protocol (VoIP) service is presented. With use of audio watermarking and network steganography techniques we achieve a covert channel which can be used for different purposes e.g. to improve IP Telephony signaling protocol's security or to alternate existing protocols like RTCP (Real-Time Control Protocol). In this paper we focus on improving VoIP security. The main advantage of this solution is that it is lightweight (it does not consume any transmission bandwidth) and the data sent is inseparably bound to the voice content

Micro protocol engineering for unstructured carriers: On the embedding of steganographic control protocols into audio transmissions

Network steganography conceals the transfer of sensitive information within unobtrusive data in computer networks. So-called micro protocols are communication protocols placed within the payload of a network steganographic transfer. They enrich this transfer with features such as reliability, dynamic overlay routing, or performance optimization --- just to mention a few. We present different design approaches for the embedding of hidden channels with micro protocols in digitized audio signals under consideration of different requirements. On the basis of experimental results, our design approaches are compared, and introduced into a protocol engineering approach for micro protocols.Comment: 20 pages, 7 figures, 4 table

Systemization of Pluggable Transports for Censorship Resistance

An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. In particular, the link between the censored client and entry point to the uncensored network is a frequent target of censorship due to the ease with which a nation-state censor can control it. A number of censorship resistance systems have been developed thus far to help circumvent blocking on this link, which we refer to as link circumvention systems (LCs). The variety and profusion of attack vectors available to a censor has led to an arms race, leading to a dramatic speed of evolution of LCs. Despite their inherent complexity and the breadth of work in this area, there is no systematic way to evaluate link circumvention systems and compare them against each other. In this paper, we (i) sketch an attack model to comprehensively explore a censor's capabilities, (ii) present an abstract model of a LC, a system that helps a censored client communicate with a server over the Internet while resisting censorship, (iii) describe an evaluation stack that underscores a layered approach to evaluate LCs, and (iv) systemize and evaluate existing censorship resistance systems that provide link circumvention. We highlight open challenges in the evaluation and development of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK: Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg (DOI 10.1515/popets-2016-0028

Multi-Level Steganography: Improving Hidden Communication in Networks

The paper presents Multi-Level Steganography (MLS), which defines a new concept for hidden communication in telecommunication networks. In MLS, at least two steganographic methods are utilised simultaneously, in such a way that one method (called the upper-level) serves as a carrier for the second one (called the lower-level). Such a relationship between two (or more) information hiding solutions has several potential benefits. The most important is that the lower-level method steganographic bandwidth can be utilised to make the steganogram unreadable even after the detection of the upper-level method: e.g., it can carry a cryptographic key that deciphers the steganogram carried by the upper-level one. It can also be used to provide the steganogram with integrity. Another important benefit is that the lower-layer method may be used as a signalling channel in which to exchange information that affects the way that the upper-level method functions, thus possibly making the steganographic communication harder to detect. The prototype of MLS for IP networks was also developed, and the experimental results are included in this paper.Comment: 18 pages, 13 figure

Covert Voice over Internet Protocol communications based on spatial model

This paper presents a new spatial steganography model for covert communications over Voice over Internet Protocol (VoIP), providing a solution to the issue of increasing the capacity of covert VoIP channels without compromising the imperceptibility of the channels. Drawing from Orthogonal Modulation Theory in communications, the model introduced two concepts, orthogonal data hiding features and data hiding vectors, to covert VoIP communications. By taking into account the variation characteristics of VoIP audio streams in the time domain, a hiding vector negotiation mechanism was suggested to achieve dynamic self-adaptive ste-ganography in media streams. Experimental results on VoIP steganography show that the pro-posed steganographic method effectively depicted the spatial and temporal characteristics of VoIP audio streams, and enhanced robustness against detection of steganalysis tools, thereby improving the security of covert VoIP communications

Universal steganography model for low bit-rate speech codec

Low bit-rate speech codec offers so many advantages over other codecs that it has become increasingly popular in audio communications such as mobile and VoIP (Voice over Internet Protocol) communications, and thus researching steganography in low bit-rate speech codec is of important significance. In this study, we proposed a universal VoIP steganography model for low bit-rate speech codec that uses the PESQ deterioration rate and the decoding error to automatically choose a data embedding algorithm for each VoIP bitstream, which enables ones to achieve covert communications using a low bit-rate speech codec efficiently and securely. Since no or little attention has been paid to steganography in iSAC (Internet Speech Audio Codec), it was chosen as the test codec to verify the effectiveness, security, and practicability of the proposed steganography model. The experimental results show that, with the proposed steganography model, it achieved the average PESQ deterioration rate of 4.04% (less than 5%, indicating strong imperceptibility) and a high data hiding capacity up to 12 bits/frame (400 bits/second, three times larger than other methods), and the proposed steganography model could effectively resist the latest steganalysis

A Covert Channel in RTP Protocol

A new covert channel over the RTP protocol is designed and implemented by modifying the timestamp value in the RTP header. Due to the high frequency of RTP packets, the covert channel has a high bit-rate, theoretically up to 350 bps. The broad use of RTP for multimedia applications such as VoIP, provides abundant opportunities to such a covert channel to exist. By using the RTP header, many of the challenges present for covert channels using the RTP payload are avoided. A reference implementation of this covert channel is presented. Bit-rates of up to 325 bps were observed. The channel is very difficult to detect due to expected variations in the timestamp field and the flexible nature of RTP