Download A Security Model for VoIP Steganography

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
Document related concepts

AppleTalk wikipedia , lookup

Net bias wikipedia , lookup

Computer security wikipedia , lookup

Airborne Networking wikipedia , lookup

Asynchronous Transfer Mode wikipedia , lookup

Computer network wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

RapidIO wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Internet protocol suite wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Wake-on-LAN wikipedia , lookup

IEEE 1355 wikipedia , lookup

Real-Time Messaging Protocol wikipedia , lookup

Deep packet inspection wikipedia , lookup

Transcript 
Voice over IP: A growing cadre of
criminals is hiding secret messages
in voice data.
From: "Voice Over IP: The VoIP Steganography Threat" . IEEE
Spectrum. Retrieved 11 February 2010.
Author: Józef Lubacz, Wojciech Mazurczyk, Krzysztof
Szczypiorski .
1
Outline
• Steganography
• Steganography threat
• Network steganography technology.
– HICCUPS (Hidden Communication System for
Corrupted Networks)
– LACK(Lost Audio Packet Steganography)
– Protocol Steganography for VoIP application
• Conclusion
• Reference
2
Steganography
• Def: The communication of secret messages
inside a perfectly innocent carrier.
• History
– 494 B.C Histiaeus use Head TATTOO to send resistance
message.
• Limitation
– The rule of thumb is that we can use 10 percent of
a carrier file’s size to smuggle data.
3
Steganography (cont.)
– Network steganography
• The modern version steganography which hide
information using the protocol itself inside of using
digital files.
• Advantage:
– Detecting their existence is nearly impossible.
– The longer the communication is, the longer the
secret message we can send.
4
Steganography threat
• Contradiction between threat and security?
In October 2001, the New York Times published an article claiming that al-Qaeda
had used steganography to encode messages into images, and then transported
these via e-mail and possibly via USENET to prepare and execute the September
11, 2001 terrorist attack.
Steal
Steganographic message
VoIP
Spy
Bad guy
5
Network steganography technology
• LACK(Lost Audio Packet Steganography)
– Hide information in packet delay.
• HICCUPS (Hidden Communication System for
Corrupted Networks)
– Disguise information as natural “distortion” or
noise.
• Protocol Steganography for VoIP application
– Hide information in unused data fields.
6
Lost Audio Packet Steganography
• TCP/IP application layer steganography
technique.
– Substitute RTP (Real-time Transport Protocol )
packet voice payload with bits of the steganogram.
– Delay transmit the RTP packet which hide
steganogram.
• Detect way:
– If the user tried to hide too many secret packets. It
cause suspicious packet delay.
7
Lost Audio Packet Steganography
Picture form [3]
8
Hidden Communication System for
Corrupted Networks
• Work on wireless local area networks.
• Use checksum to verify which frame has
steganogram.
• Must have special hardware which do not discard
the frame with wrong checksum.
• Very fast(200 Kbs/sec)
• Detect:
– There are too many corrupted frame.
– Detect the differences between the dropped and retransmitted
frames.
9
Protocol Steganography for VoIP
application
• Protocol Steganography
– A common name for a group of methods that use
another aspect of IP: packet header fields.
• Protocol Steganography for VoIP application
– RTP Free/Unused Fields Steganograph.
10
Protocol Steganography for VoIP
application
• RTP Free/Unused Fields Steganograph
11
Conclusion
• Comparison of three mechanisms.
T y p e
Advantage
Hardest to detect
Very fast
Hardest to detect
Hardest to detect
Shortage
Difficult to use
Lowest information
density
Easiest to use
Performance
200 kilobits per second
160 bits per second
1–300 bits per second
12
Conclusion
• The anonymity of steganography might be
good for privacy, but it also multiplies the
threats to individuals, societies, and states.
13
Reference
•
•
•
•
•
•
[1]Józef Lubacz, Wojciech Mazurczyk, Krzysztof Szczypiorski (February 2010). "Vice Over
IP: The VoIP Steganography Threat" . IEEE Spectrum. Retrieved 11 February 2010.
[2]Wojciech Mazurczyk and Krzysztof Szczypiorski (November 2008). "Steganography of
VoIP Streams". Lecture Notes in Computer Science (LNCS) 5332, Springer-Verlag Berlin
Heidelberg, Proc. of The 3rd International Symposium on Information Security (IS'08),
Monterrey, Mexico. Retrieved 16 June 2010.
[3]Wojciech Mazurczyk, Jozef Lubacz, Krzysztof Szczypiorski. “On Steganography in Lost
Audio Packets.”
[4] Szczypiorski, K.: HICCUPS: Hidden Communication System for Coruppted Networks.
In Proc: The Tenth International MultiConference on Advanced Computer Systems
ACS'2003. Mi dzyzdroje. 22-24 October 2004. pp. 31-40
[5] http://en.wikipedia.org/wiki/Real-time_Transport_Protocol
[6] Steganography of VoIP Streams. In: R. Meersman and Z. Tari (Eds.): OTM 2008, Part
II – Lecture Notes in Computer Science (LNCS) 5332, Springer-Verlag Berlin Heidelberg,
Proc. of OnTheMove Federated Conferences and Workshops: The 3rd International
Symposium on Information Security (IS'08), Monterrey, Mexico, November 9-14, 2008,
pp. 1001-1018
14
Related documents
Steganography - University of Wisconsin–La Crosse
Steganography - University of Wisconsin–La Crosse
A Security Model for VoIP Steganography
A Security Model for VoIP Steganography
Document
Document
Steganography of VoIP Streams
Steganography of VoIP Streams
Audio Techniques
Audio Techniques
VoIP Steganography and Its Detection – A Survey
VoIP Steganography and Its Detection – A Survey
Enhanced Least Significant Bit algorithm For Image Steganography
Enhanced Least Significant Bit algorithm For Image Steganography
Methods for hiding the data in computer forensics
Methods for hiding the data in computer forensics
IOSR Journal of Electronics and Communication Engineering (IOSR-JECE)
IOSR Journal of Electronics and Communication Engineering (IOSR-JECE)
Steganography is a type of secret communication where
Steganography is a type of secret communication where
An Information-theoretic investigation of cheating in traditional
An Information-theoretic investigation of cheating in traditional
Alexander-Ereweles-CV
Alexander-Ereweles-CV