Analysis of privacy and stability to interference in the communication channel of network steganography methods
DOI:
https://doi.org/10.30837/pt.2018.2.07Keywords:
Network steganography, Remote authentication, HTTP, TCP, ICMP, Detection difficultyAbstract
In this paper, for the first time, the effectiveness of network steganography methods has been investigated using channel coding of data when they are transmitted over communication channels with interferences, and the method of mathematical modeling evaluates the stability of network steganography methods to the detection. The network steganography methods concealing data in such protocols as HTTP, TCP and ICMP were considered. Using the ICMP «Secure» mode of the developed method, the greatest throughput was achieved. To study the noise resistance of the methods before transmission by the communication channel, the packets were encoded using the 2 Binary 1 Quandary linear coding algorithm, after which additive white Gaussian noise was added to the stego object. The paper substantiates the possibility of using network steganography methods to protect biometric data from unauthorized access in the case of using remote biometric authentication. Based on the research results, it was determined that the network steganography method based on hiding data in TCP is more efficient when working via communication channels with noise. It makes possible to recover a message with small distortions at a dispersion value of 0.4. But according to a set of criteria for resistance to noise and detection probability, the best is the «Fast» mode of the network steganography method based on hiding data in ICMP.References
Pacut, A., Czajka, A., Strzelczyk, P. (2005), “IRIS Biometrics for Secure Remote Access”, in: Kowalik, J. S., Gorski, J., Sachenko, A. (Eds.), Cyberspace Security and Defense: Research Issues, Vol. 196, P. 259-278. DOI: https://doi.org/10.1007/1-4020-3381-8_14.
Frączek, W., Szczypiorski, K. (2015), “StegBlocks: Ensuring perfect undetectability of network steganography”, Proceedings of the 10th International Conference on Availability, Reliability and Security, Toulouse, France, 24-25 August 2015, P. 436-441. DOI: https://doi.org/10.1109/ARES.2015.22.
Bąk, P., Bieniasz, J., Krzemiński, M., Szczypiorski, K. (2018), “Application of Perfectly Undetectable Network Steganography Method for Malware Hidden Communication”, Proceeding of the 4th International Conference on Frontiers of Signal Processing, Poitiers, France, 24-27 September 2018, P. 34-38. DOI: https://doi.org/10.1109/ICFSP.2018.8552057.
Ruban, I. V., Smirnov, A. A. (2014), “Possibilities to use network layer packet headers of interconnection basic reference model OSI/ISO as steganography container” [“Vozmozhnosti po ispolzovaniiu zagolovkov paketov setevogo urovnia bazovoi modeli setevogo vzaimodeistviia OSI/ISO v kachestve stegokonteinera”], Systemy ozbroiennia i viiskova tekhnika, No. 3 (39), P. 138-141.
Mazurczyk, W., Wendzel, S., Villares, I. A., Szczypiorski, K. (2016), “On Importance of Steganographic Cost For Network Steganography”, Security and Communication Networks, Vol. 9, No. 6, P. 781-790. DOI: https://doi.org/10.1002/sec.1085.
Konahovich, G. F., Puzyirenko, A. Yu. (2006), Computer steganography. Theory and practice [Kompyuternaya steganografiya. Teoriya i praktika], MK-Press, Kyiv, 288 p.
Giffin, J., Greenstadt, R., Litwack, P., Tibbetts, R. (2002), “Covert Messaging through TCP Timestamps”, Proceedings of the 2nd international conference on Privacy enhancing technologies, San Francisco, USA, 14-15 April 2002, P. 194-208. DOI: https://doi.org/10.1007/3-540-36467-6_15.
Blasco, J., Hernandez-Castro, J. C., de Fuentes, J. M., Ramos, B. (2012), “A Framework for Avoiding Steganography Usage over HTTP”, Networks and Computer Applications, Vol. 35 (1), P. 491-501. DOI: https://doi.org/10.1016/j.jnca.2011.10.003.
Mazurczyk, W., Wendzel, S., Zander, S., Houmansadr, A., Szczypiorski, K. (2016), Information Hiding in Communication Networks: Fundamentals, Mechanisms, and Applications, 1st ed., Wiley-IEEE Press, 256 p. DOI: https://doi.org/10.1002/9781119081715.
Zhdanov, O. N., Zolotarev, V. V. (2007), Methods and means of cryptographic protection of information: training manual [Metodyi i sredstva kriptograficheskoy zaschityi informatsii: Uchebnoe posobie], SibGAU, Krasnoyarsk, 217 p.
Panasenko, S. P. (2009), Encryption algorithms. Special handbook [Algoritmyi shifrovaniya. Spetsialnyiy spravochnik], BHV-Peterburg, St. Petersburg, 576 p.
Bortnyk, H. H., Kychak, V. M., Stalchenko, O. V. (2010), Access systems: textbook [Systemy dostupu: pidruchnyk], VNTU, Vinnytsia, 298 p.
Downloads
Published
Issue
Section
License
Copyright (c) 2018 Shcherbak Ann Olegіvna, Astrakhantsev Andrii Anatolievich, Shcherbak Oleg Volodymyrovych, Liashenko Galyna Yevgeniyivna
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).