Download Steganography of VoIP Streams

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Document related concepts

Computer network wikipedia, lookup

AppleTalk wikipedia, lookup

Point-to-Point Protocol over Ethernet wikipedia, lookup

Zero-configuration networking wikipedia, lookup

Distributed firewall wikipedia, lookup

Multiprotocol Label Switching wikipedia, lookup

Recursive InterNetwork Architecture (RINA) wikipedia, lookup

Asynchronous Transfer Mode wikipedia, lookup

Net bias wikipedia, lookup

TCP congestion control wikipedia, lookup

Serial digital interface wikipedia, lookup

Internet protocol suite wikipedia, lookup

SIP extensions for the IP Multimedia Subsystem wikipedia, lookup

Cracking of wireless networks wikipedia, lookup

Wake-on-LAN wikipedia, lookup

IEEE 1355 wikipedia, lookup

RapidIO wikipedia, lookup

UniPro protocol stack wikipedia, lookup

Quality of service wikipedia, lookup

Deep packet inspection wikipedia, lookup

Real-Time Messaging Protocol wikipedia, lookup

Transcript
Steganography
of VoIP Streams
From:
Proceedings of the OTM 2008 Confederated
International Conferences, CoopIS, DOA, GADA,
IS, and ODBASE 2008. Part II on On the Move to
Meaningful Internet Systems.
Authors:
Wojciech Mazurczyk, Krzysztof Szczypiorski
(Warsaw University of Technology, Faculty of
Electronics and Information Technology)
1
VoIP(Voice over IP)
Communication Flow
• Signalling protocols: SIP(Session Initiation Protocol)、
H.323
• Transport protocols: RTP (Real-time Transport
Protocol)
• Speech codecs: G711、G729、G723.1
• Other supplementary protocols: RCTP (Real-time
Control Transport Protocol)
o Specify quality of service (QoS) feedback and synchronization between
the media streams.
2
VoIP(Voice over IP) Communication Flow
SIP server
VoIP call setup based on SIP/RTP/RCTP protocols.
Picture from http://www.voipforo.com/en/SIP/SIP_example.php
3
Communication
steganography
• Exist
o IP/TCP/UDP protocols steganography
o Audio watermarking
o Medium dependent steganography
• New mechanisms
o LACK(Lost Audio Packets Steganography)
o RTP(Real Time Protocol) protocol steganography
4
IP/TCP/UDP protocols
steganography
•
The unused fields can hide something.
TCP and IP header
Picture from http://technet.microsoft.com/en-us/library/cc750854.aspx
5
IP/TCP/UDP protocols
steganography
•Measure the bandwidth.
o PRBRNS (Packet Raw Bit Rate) [bits/packet]: How much information may
be covertly sent in one packet.
o SB0: Total amount of bits that can be covert send in the fields of the first
packet.
o SBj: Total amount of bits that can be covertly sent in the fields of the
following packets
o l is number of packets send besides first packet.
6
Audio Watermarking
• Using audio watermarking algorithm to hide some
information into audio.
• If covert data rate is too high it may cause voice
quality deterioration and increased risk of
detection.
7
RTP steganography
• RTP header
8
RTP steganography
• Unused/ Free fields steganography
o Padding field (P) is set, the packet contains one or more additional
padding octets at the end of header which are not a part of the payload.
o Extension header (when X bit is set) , similar situation as with the padding
mechanism, a variable-length header extension may be used
• SRTP steganography
o RBRSRTP (Raw Bit Rate): bandwidth of the covert channel created by RTP
security mechanism steganography (in bits/s),
o SBAT is total amount of bits in authentication tag for SRTP protocol
(typically 80 or 32 bits),
o Ip describes voice packet generation interval, in miliseconds (typically
from 10 to 60 ms).
9
LACK(Lost Audio Packets
Steganography)
• Characteristic
o At the transmitter, some selected audio packets are intentionally delayed
before transmitting.
o If the delay of such packets at the receiver is considered excessive, the
packets are discarded by a receiver not aware of the steganographic
procedure.
o The payload of the intentionally delayed packets is used to transmit secret
information to receivers aware of the procedure.
• How to know which packet is intentionally delayed?
o
o
o
o
o
d1: speech codec processing delay,
d2: codec algorithm delay,
d3: packetization delay.
d4: de-jitter buffer delay
10
LACK(Lost Audio Packets
Steganography)
• What probability of intentional delay is acceptable?
o
pT : total packet loss probability in the IP network that offers VoIP service
with the utilizing of delayed audio packets.
o pN: network packet loss probability.
o pi: maximum probability of the packet loss for delayed audio packets.
o
o
• Bandwidth(Row Bit Rate)
o
o r: speech codec rate.
11
Summary
• Introduce two new steganographic method:
o RTP and RTCP protocols steganography.
o LACK
• Comparison:
12
Reference
•
•
•
•
Fisk, G., Fisk, M., Papadopoulos, C., Neil, J.: Eliminating Steganography in
Internet Traffic with Active Wardens. In Proc. of: 5th International Workshop on
Information Hiding, Lecture Notes in Computer Science, 2578, 18–35 (2002)
Johnston, A., Donovan, S., Sparks, R., Cunningham, C., Summers, K.: Session
Initiation Protocol (SIP) Basic Call Flow Examples. IETF, RFC 3665 (2003)
http://omen.cs.unimagdeburg.de/cms/upload/lehre/sommer05/audio_watermarking_techniqu
es.pdf
http://en.wikipedia.org/wiki/Steganography
13
Q&A
14
Def.
• Steganography: The art and science of writing
hidden messages in such a way that no one, apart
from the sender and intended recipient, suspects
the existence of the message, a form of security
through obscurity.
• Jitter: The variability over time of the packet latency
across a network.
15