906 research outputs found

    High-Throughput Covert Channels in Adaptive Rate Wireless Communication Systems

    In this paper, we outline a novel, forward error correction-based information hiding technique for adaptive rate wireless communication systems. Specifically, we propose leveraging the functionality of wireless local area network modulation and coding schemes (MCS) and link adaptation mechanisms to significantly increase covert channel throughput. After describing our generalized information hiding model, we detail implementation of this technique within the IEEE 802.11ad, directional multi-Gigabit standard. Simulation results demonstrate the potential of the proposed techniques to develop reliable, high-throughput covert channels under multiple MCS rates and embedding techniques. Covert channel performance is evaluated in terms of the observed packet error ratio of the underlying communication system as well as the bit error ratio of the hidden data

    SecMon: End-to-End Quality and Security Monitoring System

    The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communicating for Internet users. This also applies to Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by limited number of implementations. As a result, the lack of mandatory and widely applicable QoS and security guarantees makes the contemporary VoIP systems vulnerable to attacks and network disturbances. In this paper we are facing these issues and propose the SecMon system, which simultaneously provides a lightweight security mechanism and improves quality parameters of the call. SecMon is intended specially for VoIP service over P2P networks and its main advantage is that it provides authentication, data integrity services, adaptive QoS and (D)DoS attack detection. Moreover, the SecMon approach represents a low-bandwidth consumption solution that is transparent to the users and possesses a self-organizing capability. The above-mentioned features are accomplished mainly by utilizing two information hiding techniques: digital audio watermarking and network steganography. These techniques are used to create covert channels that serve as transport channels for lightweight QoS measurement's results. Furthermore, these metrics are aggregated in a reputation system that enables best route path selection in the P2P network. The reputation system helps also to mitigate (D)DoS attacks, maximize performance and increase transmission efficiency in the network. Comment: Paper was presented at 7th international conference IBIZA 2008: On Computer Science - Research And Applications, Poland, Kazimierz Dolny 31.01-2.02 2008; 14 pages, 5 figures

    ERROR CORRECTION CODE-BASED EMBEDDING IN ADAPTIVE RATE WIRELESS COMMUNICATION SYSTEMS

    In this dissertation, we investigated the methods for development of embedded channels within error correction mechanisms utilized to support adaptive rate communication systems. We developed an error correction code-based embedding scheme suitable for application in modern wireless data communication standards. We specifically implemented the scheme for both low-density parity check block codes and binary convolutional codes. While error correction code-based information hiding has been previously presented in literature, we sought to take advantage of the fact that these wireless systems have the ability to change their modulation and coding rates in response to changing channel conditions. We utilized this functionality to incorporate knowledge of the channel state into the scheme, which led to an increase in embedding capacity. We conducted extensive simulations to establish the performance of our embedding methodologies. Results from these simulations enabled the development of models to characterize the behavior of the embedded channels and identify sources of distortion in the underlying communication system. Finally, we developed expressions to define limitations on the capacity of these channels subject to a variety of constraints, including the selected modulation type and coding rate of the communication system, the current channel state, and the specific embedding implementation. Commander, United States Navy. Approved for public release; distribution is unlimited

    A Proximity based Retransmission Scheme for Power Line Ad-hoc LAN

    Power line as an alternative for data transmission is being explored, and also being used to a certain extent. But from the data transfer point of view, power line, as a channel is highly dynamic and hence not quite suitable. To convert the office or home wiring system to a Local Area Network (LAN), adaptive changes are to be made to the existing protocols. In this paper, a slotted transmission scheme is suggested, in which usable timeslots are found out by physically sensing the media. Common usable timeslots for the sender-receiver pair are used for communication. But these will not ensure safe packet delivery since packets may be corrupted on the way during propagation from sender to receiver. Therefore, we also suggest a proximity based retransmission scheme where each machine in the LAN, buffers good packet and machines close to the receiver retransmit on receiving a NACK. Comment: Already published in IJDP

    Capacity Estimation for Error Correction Code-based Embedding in Adaptive Rate Wireless Communication Systems

    In this paper, we explore the performance of error correction code-based embedding in adaptive rate wireless communication systems. We first develop a model to illustrate the relationship between the selected modulation and coding scheme index, the current channel state, and the embedding capacity. Extensive simulations facilitate the development of expressions to describe the estimated embedding capacity for the proposed scheme when implemented within the single carrier physical layer of the IEEE 802.11ad, directional multi-Gigabit standard. We further identify and characterize various types of distortion and describe additional constraints that may serve to reduce the available embedding margin and overall embedding capacity

    SecMon: end-to-end quality and security monitoring system

    The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communication for the Internet users. This also applies to the Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by a limited number of implementations. As a result, the lack of mandatory and widely applicable QoS and security guarantee makes the contemporary VoIP systems vulnerable to attacks and network disturbances. In this paper we are facing these issues and propose the SecMon system, which simultaneously provides a lightweight security mechanism and improves quality parameters of the call. SecMon is intended specially for VoIP service over P2P networks and its main advantage is that it provides authentication, data integrity services, adaptive QoS and (D)DoS attack detection. Moreover, the SecMon approach represents a low-bandwidth consumption solution that is transparent to the users and possesses a self-organizing capability. The above-mentioned features are accomplished mainly by utilizing two information hiding techniques: digital audio watermarking and network steganography. These techniques are used to create covert channels that serve as transport channels for lightweight QoS measurement results. Furthermore, these metrics are aggregated in a reputation system that enables best route path selection in the P2P network. The reputation system helps also to mitigate (D)DoS attacks, maximize performance and increase transmission efficiency in the network

    Exploração de Covert Channels de Rede sobre comunicações IEEE 802.15.4

    The advancements in information and communication technology in the past decades have been converging into a new communication paradigm in which everything is expected to be interconnected with the heightened pervasiveness and ubiquity of the Internet of Things (IoT) paradigm. As these technologies mature, they are increasingly finding their way into more sensitive domains, such as Medical and Industrial IoT, in which safety and cyber-security are paramount. While the number of deployed IoT devices continues to increase annually, up to tens of billions of connected devices, IoT devices continue to present severe cyber-security vulnerabilities, which are worsened by challenges such as scalability, heterogeneity, and their often scarce computing capacity. Network covert channels are increasingly being used to support malware with stealthy behaviours, aiming at exfiltrating data or to orchestrate nodes of a botnet in a cloaked fashion. Nevertheless, the attention to this problem regarding underlying and pervasive IoT protocols such as the IEEE 802.15.4 has been scarce. Therefore, in this Thesis, we aim at analysing the performance and feasibility of such covert-channel implementations upon the IEEE 802.15.4 protocol to support the development of new mechanisms and add-ons that can effectively contribute to improve the current state of the art of IoT systems which rely on such, or similar underlying communication technologies.

    The advances in information and communication technologies in recent decades have converged into a new communication paradigm, in which all participants are expected to be interconnected through the ubiquity of the Internet of Things paradigm. As these technologies mature, they have been making their way into increasingly sensitive domains, such as medical and industrial applications, where the reliability of information and cyber-security are a critical factor. In a context where the number of IoT devices continues to grow annually, already in the order of tens of billions of interconnected devices, these devices nevertheless continue to present severe cyber-security vulnerabilities, and challenges such as scalability, heterogeneity and, in most cases, their low processing capacity make a permanent resolution even more complex. Network covert channels are increasingly a means of support for malware that exhibits stealthy behaviour, aiming at the extraction of sensitive information or the orchestration of the nodes of a botnet in a camouflaged manner. However, the attention given to this problem in widespread IoT network protocols such as IEEE 802.15.4 has been scarce. Therefore, this thesis sets out to analyse the performance and feasibility of implementing covert channels in network models featuring the IEEE 802.15.4 protocol, in order to support the development of new mechanisms and add-ons that can effectively contribute to improving the cyber-security of IoT systems that depend on these communication technologies

    Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey

    This paper provides a comprehensive review of the domain of physical layer security in multiuser wireless networks. The essential premise of physical-layer security is to enable the exchange of confidential messages over a wireless medium in the presence of unauthorized eavesdroppers without relying on higher-layer encryption. This can be achieved primarily in two ways: without the need for a secret key by intelligently designing transmit coding strategies, or by exploiting the wireless communication medium to develop secret keys over public channels. The survey begins with an overview of the foundations dating back to the pioneering work of Shannon and Wyner on information-theoretic security. We then describe the evolution of secure transmission strategies from point-to-point channels to multiple-antenna systems, followed by generalizations to multiuser broadcast, multiple-access, interference, and relay networks. Secret-key generation and establishment protocols based on physical layer mechanisms are subsequently covered. Approaches for secrecy based on channel coding design are then examined, along with a description of inter-disciplinary approaches based on game theory and stochastic geometry. The associated problem of physical-layer message authentication is also introduced briefly. The survey concludes with observations on potential research directions in this area. Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials, 201