The New Threats of Information Hiding: The Road Ahead
@article{Cabaj2018TheNT,
  title={The New Threats of Information Hiding: The Road Ahead},
  author={Krzysztof Cabaj and L. Caviglione and Wojciech Mazurczyk and Steffen Wendzel and Alan Woodward and Sebastian Zander},
  journal={IT Professional},
  year={2018},
  volume={20},
  pages={31-39}
}
A recent trend involves exploiting various information-hiding techniques to empower malware, for example, to bypass mobile device security frameworks or to exfiltrate sensitive data. The authors provide an overview of information-hiding techniques that can be utilized by malware. They showcase existing and emerging threats that use different types of data-hiding mechanisms (not just those adopting classical covert channels), with the goal of monitoring these threats and proposing efficient…
58 Citations
Exploiting minification for data hiding purposes
- Computer Science
- ARES
- 2020
This paper investigates whether minification of JavaScript files can be exploited for data hiding purposes and results prove that this is feasible and thus countermeasures must be adjusted to take into account such threats.
IPv6 Covert Channels in the Wild
- Computer Science
- CECC
- 2019
This paper investigates IPv6 covert channels deployed in the wild and presents a performance evaluation of six different data hiding techniques for IPv6 including their ability to bypass some intrusion detection systems.
Data hiding: New opportunities for security and privacy?
- Computer Science
- EICC
- 2020
This contribution provides an overview of the traditional data hiding applications and the current trends in this field, pointing out prospective uses of data hiding in the context of information security and privacy, but also introducing potential threats for users and the society as a whole when they are applied for evil.
Programmable Data Gathering for Detecting Stegomalware
- Computer Science
- 2020 6th IEEE Conference on Network Softwarization (NetSoft)
- 2020
The paper proposes to take advantage of the extended Berkeley Packet Filter to gather data for detecting stegomalware and reports some preliminary experimental results obtained as the joint outcome of two H2020 Projects, namely ASTRID and SIMARGL.
Data Hiding Using Code Obfuscation
- Computer Science
- ARES
- 2021
Results confirm that the core idea of the proposed information hiding method is to replace some randomly generated strings being a part of the introduced dead code with the encoded secret message, which can be easily adopted for data hiding, thus countermeasures need to be adjusted accordingly.
Detecting Covert Channels Through Code Augmentation
- Computer Science
- ITASEC
- 2021
This paper investigates the adoption of code augmentation features offered by the Linux kernel to gather data useful to reveal the presence of covert communications and indicates that technologies like the extended Berkeley Packet Filter can offer a foundation to frameworks for spotting and mitigating covert communications.
A survey of zero-day malware attacks and its detection methodology
- Computer Science, Mathematics
- TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON)
- 2019
Multiple methods available for the detection of malware are summarized, including code obfuscation along with one or more zero-days, which are used by malware developers for evading the security systems.
Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection
- Computer Science
- IEEE Access
- 2021
A detailed meta-review of the existing surveys related to malware and its detection techniques, showing an arms race between these two sides of a barricade and the evolution of modern threats in the communication networks.
Covert Channels in Transport Layer Security: Performance and Security Assessment
- Computer Science
- J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl.
- 2021
This paper investigates mechanisms that can be used to create covert channels within TLS conversations and demonstrates the inability of de-facto standard network security tools to spot TLS-based covert channels out of the box.
Information Hiding Using Minification
- Computer Science
- IEEE Access
- 2021
This paper systematically evaluates if the minification process can be effectively used for secret data transfer, and results indicate that the threat is real, thus countermeasures need to be adjusted accordingly.
References
Information Hiding as a Challenge for Malware Detection
- Computer Science
- IEEE Security & Privacy
- 2015
This research highlights the need to have a better understanding of how malware uses information-hiding techniques to hide its existence and communication attempts.
Information Hiding in Communication Networks: Fundamentals, Mechanisms, Applications, and Countermeasures
- Computer Science
- 2016
A new classification and taxonomy for modern data hiding techniques is introduced and several example applications of information hiding in communication networks are introduced including some recent covert communication techniques in popular Internet services.
Improving the Stealthiness of DNS-Based Covert Communication
- Computer Science
- 2017
The results obtained show that current DNS-based C2 and data exfiltration approaches employed by malware have considerable room for improvement which suggests that DNS-based covert communication will remain a realistic threat into the future.
Stealthy malware traffic - Not as innocent as it looks
- Computer Science
- 2015 10th International Conference on Malicious and Unwanted Software (MALWARE)
- 2015
This study presents a counter-countermeasure that avoids network-based detection approaches by camouflaging malicious traffic as an innocuous protocol and shows that the transformed protocol fools current side-channel attacks.
Distributed and Collaborative Malware Analysis with MASS
- Computer Science
- 2017 IEEE 42nd Conference on Local Computer Networks (LCN)
- 2017
This paper presents the Malware Analysis and Storage System (MASS), a novel framework for malware analysis designed as a distributed and scalable system and aims to empower cooperation between malware researchers.
Hide and Seek: An Introduction to Steganography
- Computer Science
- IEEE Secur. Priv.
- 2003
This article discusses existing steganographic systems and presents recent research in detecting them via statistical steganalysis and discusses the practical application of detection algorithms and the mechanisms for getting around them.
Botnet protocol inference in the presence of encrypted traffic
- Computer Science
- IEEE INFOCOM 2017 - IEEE Conference on Computer Communications
- 2017
This work presents an end-to-end system for automatically discovering the encryption algorithm and keys, generating a protocol specification for the C&C traffic, and crafting effective network signatures.
VoIP steganography and its Detection—A survey
- Computer Science
- ACM Comput. Surv.
- 2013
This article is a first survey of the existing Voice over IP (VoIP) steganography methods and their countermeasures.
20 years of covert channel modeling and analysis
- Computer Science
- Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)
- 1999
The article traces the history of covert channel modeling from 1980 to the present, by tracing the low-order two bits of each pixel in a picture for your secret message, since no one would notice if they were changed.
Hiding information in a Stream Control Transmission Protocol
- Computer Science
- Comput. Commun.
- 2012