Steganography in Handling Oversized IP Packets

@article{Mazurczyk2009SteganographyIH,
  title={Steganography in Handling Oversized IP Packets},
  author={Wojciech Mazurczyk and Krzysztof Szczypiorski},
  journal={2009 International Conference on Multimedia Information Networking and Security},
  year={2009},
  volume={1},
  pages={559-564}
}
  • W. Mazurczyk, K. Szczypiorski
  • Published 2 July 2009
  • Computer Science
  • 2009 International Conference on Multimedia Information Networking and Security
This paper identifies a new class of network steganography methods that utilize mechanisms for handling oversized IP packets: IP fragmentation, PMTUD (Path MTU Discovery) and PLPMTUD (Packetization Layer Path MTU Discovery). In particular, for these mechanisms we propose two new steganographic methods and three extensions of existing ones. We present how the mentioned mechanisms can be used to enable hidden communication for both versions of the IP protocol: 4 and 6. Also the detection of the proposed…

Evaluation of steganographic methods for oversized IP packets
TLDR
New network steganography methods that utilize mechanisms for handling oversized IP packets: IP fragmentation, PMTUD (Path MTU Discovery) and PLPMTUD (Packetization Layer Path MTU Discovery) are described.
InCC: Hiding information by Mimicking traffic in network flows
TLDR
A light-weight covert channel called InCC is proposed, which is designed to produce an undetectable communication channel between systems, and is able to send messages on the same production network without compromising its existence.
Covert Channels in TCP/IP Protocol Stack
TLDR
A survey of techniques for hiding data in several protocols from the TCP/IP protocol stack, according to affected layer and protocol.
Network Management in Non-classified Data Hiding System Using Master Resident over Hidden Layer
TLDR
A practical implementation of the NDHS understood as a military platform for information warfare that takes advantage of the hidden data transmission for voice connections in order to gain informational lead over a potential enemy is presented.
InCC: Evading Interception and Inspection by Mimicking Traffic in Network Flows
This article proposes and implements a network covert channel called InCC capable of hiding information on the Internet, which is designed to produce an undetectable communication channel between
Covert channels in TCP/IP protocol stack - extended version-
TLDR
A survey of different techniques for hiding data in several protocols from the TCP/IP protocol stack, organized according to affected layer and protocol.
A Secure and Robust Covert Channel Based on Secret Sharing Scheme
TLDR
This paper proposes a novel packet length based covert channel exploiting the secret sharing scheme in order to overcome the drawbacks of existing schemes and shows that the proposed covert channel is provably secure and with greater robustness than that of the existing algorithms.
A fragmentation control approach in jumbo frame network
Nowadays, an amazing growth of the Internet has impacted tremendously on the network’s capability; from hundreds to thousands of Gigabits/s in the center of the network as well as at the access, and

References

Practical Data Hiding in TCP/IP
TLDR
By passing supplementary information through IPv4 headers it is demonstrated how security mechanisms can be enhanced in routers, firewalls, and for services such as authentication, audit and logging without considerable additions to software or hardware.
Practical Internet Steganography : Data Hiding in IP
TLDR
This paper investigates practical techniques and uses of Internet steganography and facilitates the interaction of fundamental steganographic principles with the existing network security environment to more generally bridge the areas of data hiding, network protocols and security.
Hiding Information in Retransmissions
TLDR
The paper presents a new steganographic method called RSTEG (Retransmission Steganography), which is intended for a broad class of protocols that utilises retransmission mechanisms, to not acknowledge a successfully received packet in order to intentionally invoke retransmissions.
Data Hiding in Identification and Offset IP Fields
TLDR
A way to use unused fields in the IP header of TCP/IP packets in order to send information between two nodes over the Internet.
Eliminating Steganography in Internet Traffic with Active Wardens
TLDR
This paper examines the techniques and challenges of a high-bandwidth, unattended, real-time, active warden in the context of a network firewall, and introduces the concept of Minimal Requisite Fidelity (MRF) as a measure of the degree of signal fidelity that is both acceptable to end users and destructive to covert communications.
Covert Channels in IPv6
TLDR
This paper introduces and analyzes 22 different covert channels in the Internet Protocol version 6 (IPv6), and defines three types of active wardens, stateless, stateful, and network-aware, who differ in complexity and ability to block the analyzed covert channels.
Embedding Covert Channels into TCP/IP
TLDR
By examining TCP/IP specifications and open source implementations, tests to detect the use of naive embedding are developed and reversible transforms that map block cipher output onto TCP ISNs are described, indistinguishable from those generated by Linux and OpenBSD.
Communication using phantoms: covert channels in the Internet
  • S. Servetto, M. Vetterli
  • Computer Science
    Proceedings. 2001 IEEE International Symposium on Information Theory (IEEE Cat. No.01CH37252)
  • 2001
TLDR
The main finding is that the use of inefficient codes to represent data that is intended to be used solely for network control operations (such as routing, sequencing, etc.), gives rise to the unintended creation of a covert channel.
A survey of covert channels and countermeasures in computer network protocols
TLDR
A survey of the existing techniques for creating covert channels in widely deployed network and application protocols and an overview of common methods for their detection, elimination, and capacity limitation, required to improve security in future computer networks are given.
Covert Channels in the TCP/IP Protocol Suite
TLDR
This paper attempts to illustrate the weaknesses in the TCP/IP protocol suite in both theoretical and practical examples.