Secure covert communications over streaming media using dynamic steganography

Streaming technologies such as VoIP are widely embedded into commercial and industrial applications, so it is imperative to address data security issues before the problems get really serious. This thesis describes a theoretical and experimental investigation of secure covert communications over streaming media using dynamic steganography. A covert VoIP communications system was developed in C++ to enable the implementation of the work being carried out. A new information theoretical model of secure covert communications over streaming media was constructed to depict the security scenarios in streaming media-based steganographic systems with passive attacks. The model involves a stochastic process that models an information source for covert VoIP communications and the theory of hypothesis testing that analyses the adversary‘s detection performance. The potential of hardware-based true random key generation and chaotic interval selection for innovative applications in covert VoIP communications was explored. Using the read time stamp counter of CPU as an entropy source was designed to generate true random numbers as secret keys for streaming media steganography. A novel interval selection algorithm was devised to choose randomly data embedding locations in VoIP streams using random sequences generated from achaotic process. A dynamic key updating and transmission based steganographic algorithm that includes a one-way cryptographical accumulator integrated into dynamic key exchange for covert VoIP communications, was devised to provide secure key exchange for covert communications over streaming media. The discrete logarithm problem in mathematics and steganalysis using t-test revealed the algorithm has the advantage of being the most solid method of key distribution over a public channel. The effectiveness of the new steganographic algorithm for covert communications over streaming media was examined by means of security analysis, steganalysis using non parameter Mann-Whitney-Wilcoxon statistical testing, and performance and robustness measurements. The algorithm achieved the average data embedding rate of 800 bps, comparable to other related algorithms. The results indicated that the algorithm has no or little impact on real-time VoIP communications in terms of speech quality (< 5% change in PESQ with hidden data), signal distortion (6% change in SNR after steganography) and imperceptibility, and it is more secure and effective in addressing the security problems than other related algorithms

Covert communication over VoIP streaming media with dynamic key distribution and authentication

Voice over Internet Protocol (VoIP) is widely embedded into commercial and industrial applications. VoIP streams can be used as innocuous cover objects to hide the secret data in steganographic systems. The security offered by VoIP signaling protocols is likely to be compromised due to a sharp increase in computing power. This article describes a theoretical and experimental investigation of covert steganographic communications over VoIP streaming media. A new information-theoretical model of secure covert VoIP communications was constructed to depict the security scenarios in steganographic systems against the passive attacks. A one-way accumulation-based steganographic algorithm was devised to integrate dynamic key updating and exchange with data embedding and extraction, so as to protect steganographic systems from adversary attacks. The theoretical analysis of steganographic security using information theory proves that the proposed model for covert VoIP communications is secure against a passive adversary. The effectiveness of the steganographic algorithm for covert VoIP communications was examined by means of performance and robustness measurements. The results reveal that the algorithm has no or little impact on real-time VoIP communications in terms of imperceptibility, speech quality, and signal distortion, and is more secure and effective at improving the security of covert VoIP communications than the other related algorithms with the comparable data embedding rates

Introductory Computer Forensics

INTERPOL (International Police) built cybercrime programs to keep up with emerging cyber threats, and aims to coordinate and assist international operations for ?ghting crimes involving computers. Although signi?cant international efforts are being made in dealing with cybercrime and cyber-terrorism, ?nding effective, cooperative, and collaborative ways to deal with complicated cases that span multiple jurisdictions has proven dif?cult in practic

Secure VoIP Performance Measurement

This project presents a mechanism for instrumentation of secure VoIP calls. The experiments were run under different network conditions and security systems. VoIP services such as Google Talk, Express Talk and Skype were under test. The project allowed analysis of the voice quality of the VoIP services based on the Mean Opinion Score (MOS) values generated by Perceptual valuation of Speech Quality (PESQ). The quality of the audio streams produced were subjected to end-to-end delay, jitter, packet loss and extra processing in the networking hardware and end devices due to Internetworking Layer security or Transport Layer security implementations. The MOS values were mapped to Perceptual Evaluation of Speech Quality for wideband (PESQ-WB) scores. From these PESQ-WB scores, the graphs of the mean of 10 runs and box and whisker plots for each parameter were drawn. Analysis on the graphs was performed in order to deduce the quality of each VoIP service. The E-model was used to predict the network readiness and Common vulnerability Scoring System (CVSS) was used to predict the network vulnerabilities. The project also provided the mechanism to measure the throughput for each test case. The overall performance of each VoIP service was determined by PESQ-WB scores, CVSS scores and the throughput. The experiment demonstrated the relationship among VoIP performance, VoIP security and VoIP service type. The experiment also suggested that, when compared to an unsecure IPIP tunnel, Internetworking Layer security like IPSec ESP or Transport Layer security like OpenVPN TLS would improve a VoIP security by reducing the vulnerabilities of the media part of the VoIP signal. Morever, adding a security layer has little impact on the VoIP voice quality

Recent Trends in Communication Networks

In recent years there has been many developments in communication technology. This has greatly enhanced the computing power of small handheld resource-constrained mobile devices. Different generations of communication technology have evolved. This had led to new research for communication of large volumes of data in different transmission media and the design of different communication protocols. Another direction of research concerns the secure and error-free communication between the sender and receiver despite the risk of the presence of an eavesdropper. For the communication requirement of a huge amount of multimedia streaming data, a lot of research has been carried out in the design of proper overlay networks. The book addresses new research techniques that have evolved to handle these challenges

An adaptive approach to detecting behavioural covert channels in IPv6

One of the most important techniques in data hiding is (Metaferography) covert channel, which recently has shown potential impacts on network and data security. Encryption can only protect communication from being decoded, meanwhile, covert channel is the art of hiding information in an overt communication as a carrier of information. Covert channels are normally used for transferring information stealthily. They are used to leak information across the network and to ex/infiltrate classified information from legitimate targets. These hidden channels violate network security and privacy polices, it is easy to embed but unlikely and almost impossible to be detected. Despite of the obvious improvements in IPv6 components and functionality enhancements, there exist intrinsic security vulnerabilities. These vulnerabilities have ongoing implications on network security and traffic performance. Hence, they will create insecure environments in business and banking network, information security management and IT security. ICMPv6 is vital integral part in IPv6, as well as IPsec protocol, to mitigate and eliminate covert channels, the RFC standards and controls should be investigated intensively. Furthermore, incomplete implementation of IPv6 nowadays on all Operating Systems has not exposed the realm of this security protocol performance explicitly. In this thesis, we present a novel Hybrid Heuristic Intelligent Algorithm coupled with enhanced Polynomial Naïve Bayes machine Learning algorithm. The framework is implemented in a supervised learning model to detect and classify covert channels in IPv6. The proposed multi-threaded framework acts as an active security warden processing intelligent information gain and optimized decision trees technique to improve the security vulnerabilities in this new network generation protocol. This new approach develops intelligent heuristic techniques for in depth packet inspection to analyse and examine the header fields of IPv6 protocol. Some of these fields are designated by the designer for quality of service (QoS), future performance diagnostic analysis, unfortunately, they are misused by "bad guys and black hats" to perform various network security attacks against vulnerable targets. These attacks cause immediate and ongoing damage to classified data. In order to prevent and mitigate these types of breaches and threat risks, a multi-security prevention model was created. Furthermore, advanced machine learning technique was implemented to detect, classify and document all current and future unknown anomaly attacks. The suggested HeuBNet6 classiffier obtained highly significant results of 98% detection rate and showed better performance and accuracy with good True Positive Rate (TPR) and low False Positive Rate (FPR)

DST approach to enhance audio quality on lost audio packet steganography

Lost audio packet steganography (LACK) is a steganography technique established on the VoIP network. LACK provides a high-capacity covert channel over VoIP network by artificially delaying and dropping a number of packets in use to convey stegnogram. However, the increasing loss of packets will hurt the quality of the VoIP service. The quality deterioration will not only affect the legitimate VoIP service but also constrain the capacity of the covert channel. Discrete spring transform (DST) is proven to be a way to eliminate the perceptual redundancy in the multimedia signal. In this paper, the DST is applied on the LACK so that the perceptual redundancy of the voice frames is suppressed. In this way, the less redundant VoIP frames with perceptual equivalent quality can be transmitted in a channel whose capacity is squeezed by the established covert channel. As a result, the VoIP perceptual quality can be maintained with the existence of the covert channel. Meanwhile, the proposed DST based method demonstrates the possibilities in exploiting the perceptual space of the multimedia signal. The simulation results show that the DST on LACK achieves up to 24 % more capacity over the LACK scheme

Intensional Cyberforensics

This work focuses on the application of intensional logic to cyberforensic analysis and its benefits and difficulties are compared with the finite-state-automata approach. This work extends the use of the intensional programming paradigm to the modeling and implementation of a cyberforensics investigation process with backtracing of event reconstruction, in which evidence is modeled by multidimensional hierarchical contexts, and proofs or disproofs of claims are undertaken in an eductive manner of evaluation. This approach is a practical, context-aware improvement over the finite state automata (FSA) approach we have seen in previous work. As a base implementation language model, we use in this approach a new dialect of the Lucid programming language, called Forensic Lucid, and we focus on defining hierarchical contexts based on intensional logic for the distributed evaluation of cyberforensic expressions. We also augment the work with credibility factors surrounding digital evidence and witness accounts, which have not been previously modeled. The Forensic Lucid programming language, used for this intensional cyberforensic analysis, formally presented through its syntax and operational semantics. In large part, the language is based on its predecessor and codecessor Lucid dialects, such as GIPL, Indexical Lucid, Lucx, Objective Lucid, and JOOIP bound by the underlying intensional programming paradigm.Comment: 412 pages, 94 figures, 18 tables, 19 algorithms and listings; PhD thesis; v2 corrects some typos and refs; also available on Spectrum at http://spectrum.library.concordia.ca/977460

Intelligent Circuits and Systems

ICICS-2020 is the third conference initiated by the School of Electronics and Electrical Engineering at Lovely Professional University that explored recent innovations of researchers working for the development of smart and green technologies in the fields of Energy, Electronics, Communications, Computers, and Control. ICICS provides innovators to identify new opportunities for the social and economic benefits of society.　 This conference bridges the gap between academics and R&D institutions, social visionaries, and experts from all strata of society to present their ongoing research activities and foster research relations between them. It provides opportunities for the exchange of new ideas, applications, and experiences in the field of smart technologies and finding global partners for future collaboration. The ICICS-2020 was conducted in two broad categories, Intelligent Circuits & Intelligent Systems and Emerging Technologies in Electrical Engineering