The New Threats of Information Hiding: The Road Ahead

@article{Cabaj2018TheNT,
  title={The New Threats of Information Hiding: The Road Ahead},
  author={Krzysztof Cabaj and Luca Caviglione and Wojciech Mazurczyk and Steffen Wendzel and Alan Woodward and Sebastian Zander},
  journal={IT Professional},
  year={2018},
  volume={20},
  pages={31-39}
}
A recent trend involves exploiting various information-hiding techniques to empower malware, for example, to bypass mobile device security frameworks or to exfiltrate sensitive data. The authors provide an overview of information-hiding techniques that can be utilized by malware. They showcase existing and emerging threats that use different types of data-hiding mechanisms (not just those adopting classical covert channels), with the goal of monitoring these threats and proposing efficient…

Exploiting minification for data hiding purposes
TLDR
This paper investigates whether minification of JavaScript files can be exploited for data hiding purposes and results prove that this is feasible and thus countermeasures must be adjusted to take into account such threats.
IPv6 Covert Channels in the Wild
TLDR
This paper investigates IPv6 covert channels deployed in the wild and presents a performance evaluation of six different data hiding techniques for IPv6 including their ability to bypass some intrusion detection systems.
Data hiding: New opportunities for security and privacy?
TLDR
This contribution provides an overview of the traditional data hiding applications and the current trends in this field, pointing out prospective uses of data hiding in the context of information security and privacy, but also introducing potential threats for users and the society as a whole when they are applied for evil.
Programmable Data Gathering for Detecting Stegomalware
TLDR
The paper proposes to take advantage of the extended Berkeley Packet Filter to gather data for detecting stegomalware and reports some preliminary experimental results obtained as the joint outcome of two H2020 Projects, namely ASTRID and SIMARGL.
Data Hiding Using Code Obfuscation
TLDR
Results confirm that the core idea of the proposed information hiding method is to replace some randomly generated strings being a part of the introduced dead code with the encoded secret message, which can be easily adopted for data hiding, thus countermeasures need to be adjusted accordingly.
A survey of zero-day malware attacks and its detection methodology
TLDR
Multiple methods available for the detection of malware are summarized, including code obfuscation along with one or more zero-days, which are used by malware developers for evading the security systems.
Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection
TLDR
A detailed meta-review of the existing surveys related to malware and its detection techniques, showing an arms race between these two sides of a barricade and the evolution of modern threats in the communication networks.
Information Hiding Using Minification
TLDR
This paper systematically evaluates if the minification process can be effectively used for secret data transfer, and results indicate that the threat is real, thus countermeasures need to be adjusted accordingly.
Stegomalware detection through structural analysis of media files
TLDR
This paper addresses the case of pictures compressed with the Graphics Interchange Format and presents an approach to reveal malware and other unwanted content appended to digital images, allowing for a scalable implementation for handling huge volumes of data.
Towards Distributed Network Covert Channels Detection Using Data Mining-based Approach
TLDR
An initial step in this direction is made by presenting a data mining-based detection of such advanced threats which relies on pattern discovery technique, and initial experimental results indicate that such solution has potential and should be further investigated.

References

SHOWING 1-10 OF 24 REFERENCES
Information Hiding as a Challenge for Malware Detection
TLDR
This research highlights the need to have a better understanding of how malware uses information-hiding techniques to hide its existence and communication attempts.
Information Hiding in Communication Networks: Fundamentals, Mechanisms, Applications, and Countermeasures
TLDR
A new classification and taxonomy for modern data hiding techniques is introduced and several example applications of information hiding in communication networks are introduced including some recent covert communication techniques in popular Internet services.
Improving the Stealthiness of DNS-Based Covert Communication
TLDR
The results obtained show that current DNS-based C2 and data exfiltration approaches employed by malware have considerable room for improvement which suggests that DNS-based covert communication will remain a realistic threat into the future.
Stealthy malware traffic - Not as innocent as it looks
TLDR
This study presents a counter-countermeasure that avoids network-based detection approaches by camouflaging malicious traffic as an innocuous protocol and shows that the transformed protocol fools current side-channel attacks.
Distributed and Collaborative Malware Analysis with MASS
TLDR
This paper presents the Malware Analysis and Storage System (MASS), a novel framework for malware analysis designed as a distributed and scalable system and aims to empower cooperation between malware researchers.
Hide and Seek: An Introduction to Steganography
TLDR
This article discusses existing steganographic systems and presents recent research in detecting them via statistical steganalysis and discusses the practical application of detection algorithms and the mechanisms for getting around them.
Botnet protocol inference in the presence of encrypted traffic
TLDR
This work presents an end-to-end system for automatically discovering the encryption algorithm and keys, generating a protocol specification for the C&C traffic, and crafting effective network signatures.
VoIP steganography and its Detection—A survey
TLDR
This article is a first survey of the existing Voice over IP (VoIP) steganography methods and their countermeasures.
20 years of covert channel modeling and analysis
  • J. Millen
  • Computer Science
  • Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)
  • 1999
TLDR
The article traces the history of covert channel modeling from 1980 to the present, by tracing the low-order two bits of each pixel in a picture for your secret message, since no one would notice if they were changed.
Hiding information in a Stream Control Transmission Protocol
TLDR
This paper identifies and presents the most likely "places" where hidden information can be exchanged using an SCTP, and this analysis can be treated as a "guide" when developing steganalysis (detection) tools.