57 research outputs found
Unified Description for Network Information Hiding Methods
Until now hiding methods in network steganography have been described in
arbitrary ways, making them difficult to compare. For instance, some
publications describe classical channel characteristics, such as robustness and
bandwidth, while others describe the embedding of hidden information. We
introduce the first unified description of hiding methods in network
steganography. Our description method is based on a comprehensive analysis of
the existing publications in the domain. When our description method is applied
by the research community, future publications will be easier to categorize,
compare and extend. Our method can also serve as a basis to evaluate the
novelty of hiding methods proposed in the future.Comment: 24 pages, 7 figures, 1 table; currently under revie
"The Good, The Bad And The Ugly": Evaluation of Wi-Fi Steganography
In this paper we propose a new method for the evaluation of network
steganography algorithms based on the new concept of "the moving observer". We
considered three levels of undetectability named: "good", "bad", and "ugly". To
illustrate this method we chose Wi-Fi steganography as a solid family of
information hiding protocols. We present the state of the art in this area
covering well-known hiding techniques for 802.11 networks. "The moving
observer" approach could help not only in the evaluation of steganographic
algorithms, but also might be a starting point for a new detection system of
network steganography. The concept of a new detection system, called MoveSteg,
is explained in detail.Comment: 6 pages, 6 figures, to appear in Proc. of: ICNIT 2015 - 6th
International Conference on Networking and Information Technology, Tokyo,
Japan, November 5-6, 201
Hidden and Uncontrolled - On the Emergence of Network Steganographic Threats
Network steganography is the art of hiding secret information within innocent
network transmissions. Recent findings indicate that novel malware is
increasingly using network steganography. Similarly, other malicious activities
can profit from network steganography, such as data leakage or the exchange of
pedophile data. This paper provides an introduction to network steganography
and highlights its potential application for harmful purposes. We discuss the
issues related to countering network steganography in practice and provide an
outlook on further research directions and problems.Comment: 11 page
Micro protocol engineering for unstructured carriers: On the embedding of steganographic control protocols into audio transmissions
Network steganography conceals the transfer of sensitive information within
unobtrusive data in computer networks. So-called micro protocols are
communication protocols placed within the payload of a network steganographic
transfer. They enrich this transfer with features such as reliability, dynamic
overlay routing, or performance optimization --- just to mention a few. We
present different design approaches for the embedding of hidden channels with
micro protocols in digitized audio signals under consideration of different
requirements. On the basis of experimental results, our design approaches are
compared, and introduced into a protocol engineering approach for micro
protocols.Comment: 20 pages, 7 figures, 4 table
DYST (Did You See That?): An Amplified Covert Channel That Points To Previously Seen Data
Covert channels are unforeseen and stealthy communication channels that
enable manifold adversary scenarios. However, they can also allow the exchange
of confidential information by journalists. All covert channels described until
now therefore need to craft seemingly legitimate information flows for their
information exchange, mimicking unsuspicious behavior.
In this paper, we present DYST, which represents a new class of covert
channels we call history covert channels jointly with the new paradigm of
covert channel amplification.
History covert channels can communicate almost exclusively by pointing to
unaltered legitimate traffic created by regular network nodes. Only a
negligible fraction of the covert communication process requires the transfer
of actual covert channel information by the covert channel's sender. This
allows, for the first time, an amplification of the covert channel's message
size, i.e., minimizing the fraction of actually transferred secret data by a
covert channel's sender in relation to the overall secret data being exchanged.
We extend the current taxonomy for covert channels to show how history channels
can be categorized.
We describe multiple scenarios in which history covert channels can be
realized, theoretically analyze the characteristics of these channels and show
how their configuration can be optimized for different implementations. We
further evaluate the robustness and detectability of history covert channels.Comment: 18 pages, rev
Network Information Hiding and Science 2.0: Can it be a Match?
Science 2.0 aims at using the information sharingand collaborative features of the Internet to offer new featuresto the research community. Science 2.0 has been already appliedto computer sciences, especially bioinformatics. For networkinformation hiding, a field studying the possibility of concealing acommunication in networks, the application of Science 2.0 is stilla rather uncovered territory. To foster the discussion of potentialbenefits for network information hiding, we provide a disquisitionfor six different Science 2.0 aspects when applied to this domain
- …