Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Steganography
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Network === In 2015, a taxonomy of 109 network hiding methods was presented by Steffen Wendzel, Sebastian Zander et al. that summarized core concepts used in network steganography research.<ref>{{cite journal |last1=Wendzel |first1=Steffen |last2=Zander |first2=Sebastian |last3=Fechner |first3=Bernhard |last4=Herdin |first4=Christian |title=Pattern-Based Survey and Categorization of Network Covert Channel Techniques |journal=ACM Computing Surveys |date=16 April 2015 |volume=47 |issue=3 |pages=1–26 |doi=10.1145/2684195 |arxiv=1406.2901 |s2cid=14654993 |url=https://www.researchgate.net/publication/263048788}}</ref> The taxonomy was developed further in recent years by several publications and authors and adjusted to new domains, such as CPS steganography.<ref>{{cite book |last1=Mazurczyk |first1=Wojciech |last2=Wendzel |first2=Steffen |last3=Cabaj |first3=Krzysztof |title=Proceedings of the 13th International Conference on Availability, Reliability and Security |chapter=Towards Deriving Insights into Data Hiding Methods Using Pattern-based Approach |date=27 August 2018 |pages=1–10 |doi=10.1145/3230833.3233261|isbn=9781450364485 |s2cid=51976841 }}</ref><ref>{{cite journal |last1=Hildebrandt |first1=Mario |last2=Altschaffel |first2=Robert |last3=Lamshöft |first3=Kevin |last4=Lange |first4=Matthias |last5=Szemkus |first5=Martin |last6=Neubert |first6=Tom |last7=Vielhauer |first7=Claus |last8=Ding |first8=Yongjian |last9=Dittmann |first9=Jana |title=Threat Analysis of Steganographic and Covert Communication in Nuclear I&C Systems |journal=International Conference on Nuclear Security: Sustaining and Strengthening Efforts |date=2020}}</ref><ref>{{cite journal |last1=Mileva |first1=Aleksandra |last2=Velinov |first2=Aleksandar |last3=Hartmann |first3=Laura |last4=Wendzel |first4=Steffen |last5=Mazurczyk |first5=Wojciech |title=Comprehensive analysis of MQTT 5.0 susceptibility to network covert channels |journal=Computers & Security |date=May 2021 |volume=104 |pages=102207 |doi=10.1016/j.cose.2021.102207|s2cid=232342523 |doi-access=free }}</ref> In 1977, Kent concisely described the potential for covert channel signaling in general network communication protocols, even if the traffic is encrypted (in a footnote) in "Encryption-Based Protection for Interactive User/Computer Communication," Proceedings of the Fifth Data Communications Symposium, September 1977. In 1987, Girling first studied covert channels on a local area network (LAN), identified and realised three obvious covert channels (two storage channels and one timing channel), and his research paper entitled “Covert channels in LAN’s” published in ''IEEE Transactions on Software Engineering'', vol. SE-13 of 2, in February 1987.<ref>{{Cite journal|last=Girling|first=C.G.|date=February 1987|title=Covert Channels in LAN's|journal=IEEE Transactions on Software Engineering|volume=SE-13|issue=2|pages=292–296|doi=10.1109/tse.1987.233153|s2cid=3042941|issn=0098-5589}}</ref> In 1989, Wolf implemented covert channels in LAN protocols, e.g. using the reserved fields, pad fields, and undefined fields in the TCP/IP protocol.<ref>M. Wolf, “Covert channels in LAN protocols,” in Proceedings of the Workshop on Local Area Network Security (LANSEC’89) (T.A. Berson and T. Beth, eds.), pp. 91–102, 1989.</ref> In 1997, Rowland used the IP identification field, the TCP initial sequence number and acknowledge sequence number fields in TCP/IP headers to build covert channels.<ref>{{Cite journal|last=Rowland|first=Craig H.|date=5 May 1997|title=Covert channels in the TCP/IP protocol suite|journal=First Monday|volume=2|issue=5|doi=10.5210/fm.v2i5.528|issn=1396-0466 |doi-access=free }}</ref> In 2002, Kamran Ahsan made an excellent summary of research on network steganography.<ref>Kamran Ahsan, “Covert Channel Analysis and Data Hiding in TCP/IP,” MSc Thesis, University of Toronto, 2002.</ref> In 2005, Steven J. Murdoch and Stephen Lewis contributed a chapter entitled "Embedding Covert Channels into TCP/IP" in the "''Information Hiding''" book published by Springer.<ref>{{Citation|last1=Murdoch|first1=Steven J.|title=Embedding Covert Channels into TCP/IP|date=2005|work=Information Hiding|pages=247–261|publisher=Springer Berlin Heidelberg|isbn=9783540290391|last2=Lewis|first2=Stephen|doi=10.1007/11558859_19}}</ref> All information hiding techniques that may be used to exchange steganograms in telecommunication networks can be classified under the general term of network steganography. This nomenclature was originally introduced by Krzysztof Szczypiorski in 2003.<ref>{{cite web |url=http://www.tele.pw.edu.pl/~krzysiek/pdf/steg-seminar-2003.pdf |title=Steganography in TCP/IP Networks. State of the Art and a Proposal of a New System – HICCUPS |author=Krzysztof Szczypiorski |access-date=17 June 2010 |work=Institute of Telecommunications Seminar |date=4 November 2003}}</ref> Contrary to typical steganographic methods that use digital media (images, audio and video files) to hide data, network steganography uses communication protocols' control elements and their intrinsic functionality. As a result, such methods can be harder to detect and eliminate.<ref>{{cite web |url=http://irevolution.wordpress.com/2009/06/05/steganography-2-0-digital-resistance-against-repressive-regimes/ |title=Steganography 2.0: Digital Resistance against Repressive Regimes |author=Patrick Philippe Meier |access-date=17 June 2010 |work=irevolution.wordpress.com |date=5 June 2009}}</ref> Typical network steganography methods involve modification of the properties of a single network protocol. Such modification can be applied to the [[protocol data unit]] (PDU),<ref>{{cite web |url=http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/issue/view/80 |title=Covert Channels in the TCP/IP Suite |author=Craig Rowland |access-date=16 June 2010 |work=First Monday Journal |date=May 1997 |archive-date=26 January 2013 |archive-url=https://web.archive.org/web/20130126135920/http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/issue/view/80 |url-status=dead }}</ref><ref>{{cite web |url=http://www.cl.cam.ac.uk/~sjm217/papers/ih05coverttcp.pdf |title=Embedding Covert Channels into TCP/IP |author1=Steven J. Murdoch |author2=Stephen Lewis |name-list-style=amp |access-date=16 June 2010 |work=Information Hiding Workshop |year=2005}}</ref><ref>{{cite web |url=http://wwwiti.cs.uni-magdeburg.de/iti_amsl/acm/acm02/ahsan_kundur.pdf |title=Practical Data Hiding in TCP/IP |author1=Kamran Ahsan |author2=Deepa Kundur |name-list-style=amp |access-date=16 June 2010 |work=ACM Wksp. Multimedia Security |date=December 2002 |archive-date=29 October 2012 |archive-url=https://web.archive.org/web/20121029155725/http://wwwiti.cs.uni-magdeburg.de/iti_amsl/acm/acm02/ahsan_kundur.pdf |url-status=dead }}</ref> to the time relations between the exchanged PDUs,<ref>{{cite web |url=http://www.ece.tamu.edu/~deepa/pub/KunAhsTXSecWrkshp03.pdf |title=Practical Internet Steganography: Data Hiding in IP |author1=Kundur D. |author2=Ahsan K. |name-list-style=amp |access-date=16 June 2010 |work=Texas Wksp. Security of Information Systems |date=April 2003 |archive-date=29 October 2012 |archive-url=https://web.archive.org/web/20121029155725/http://www.ece.tamu.edu/~deepa/pub/KunAhsTXSecWrkshp03.pdf |url-status=dead }}</ref> or both (hybrid methods).<ref>{{cite book |chapter=Steganography of VoIP Streams |author1=Wojciech Mazurczyk |author2=Krzysztof Szczypiorski |title=On the Move to Meaningful Internet Systems: OTM 2008 |name-list-style=amp |doi=10.1007/978-3-540-88873-4_6 |series=Lecture Notes in Computer Science |date=November 2008|volume=5332 |pages=1001–1018 |arxiv=0805.2938 |isbn=978-3-540-88872-7 |s2cid=14336157 }}</ref> Moreover, it is feasible to utilize the relation between two or more different network protocols to enable secret communication. These applications fall under the term inter-protocol steganography.<ref>{{cite arXiv |eprint=1005.1925 |title=Information Hiding Using Improper Frame Padding |author1=Bartosz Jankowski |author2=Wojciech Mazurczyk |author3=Krzysztof Szczypiorski |name-list-style=amp |date=11 May 2010 |class=cs.CR}}</ref> Alternatively, multiple network protocols can be used simultaneously to transfer hidden information and so-called control protocols can be embedded into steganographic communications to extend their capabilities, e.g. to allow dynamic overlay routing or the switching of utilized hiding methods and network protocols.<ref>{{cite book|last1=Wendzel|first1=Steffen|last2=Keller|first2=Joerg|title=Communications and Multimedia Security |chapter=Low-Attention Forwarding for Mobile Network Covert Channels |volume=7025|date=20 October 2011|pages=122–133|doi=10.1007/978-3-642-24712-5_10|url=https://www.researchgate.net/publication/215661202|access-date=4 September 2016|series=Lecture Notes in Computer Science|isbn=978-3-642-24711-8}}</ref><ref name="Wiley-IEEE">{{cite book|url=http://eu.wiley.com/WileyCDA/WileyTitle/productCd-1118861698.html|title=Information Hiding in Communication Networks: Fundamentals, Mechanisms, and Applications|last1=Mazurczyk|first1=Wojciech|last2=Wendzel|first2=Steffen|last3=Zander|first3=Sebastian|last4=Houmansadr|first4=Amir|last5=Szczypiorski|first5=Krzysztof|date=2016|publisher=Wiley-IEEE|isbn=978-1-118-86169-1|edition=1}}</ref> Network steganography covers a broad spectrum of techniques, which include, among others: * Steganophony – the concealment of messages in [[Voice-over-IP]] conversations, e.g. the employment of delayed or corrupted packets that would normally be ignored by the receiver (this method is called LACK – Lost Audio Packets Steganography), or, alternatively, hiding information in unused header fields.<ref>{{cite web |url=https://spectrum.ieee.org/vice-over-ip-the-voip-steganography-threat |title=Vice Over IP: The VoIP Steganography Threat |author1=Józef Lubacz |author2=Wojciech Mazurczyk |author3=Krzysztof Szczypiorski |access-date=11 February 2010 |work=IEEE Spectrum |date=February 2010}}</ref> * WLAN Steganography – transmission of steganograms in Wireless Local Area Networks. A practical example of WLAN Steganography is the HICCUPS system (Hidden Communication System for Corrupted Networks)<ref>{{cite web |url=http://krzysiek.tele.pw.edu.pl/pdf/acs2003-hiccups.pdf |title=HICCUPS: Hidden Communication System for Corrupted Networks |author= Krzysztof Szczypiorski |access-date=11 February 2010 |work=In Proc. of: The Tenth International Multi-Conference on Advanced Computer Systems ACS'2003, pp. 31–40 |date=October 2003}}</ref>
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Steganography
(section)
Add topic
