voice over ip: a growing cadre of criminals is hiding secret messages in voice data. from:...
Post on 16-Dec-2015
218 Views
Preview:
TRANSCRIPT
Voice over IP: A growing cadre of criminals is hiding secret messages
in voice data.From: "Voice Over IP: The VoIP Steganography Threat" . IEEE Spectrum. Retrieved 11 February 2010.Author: Józef Lubacz, Wojciech Mazurczyk, Krzysztof Szczypiorski .
1
Outline
• Steganography• Steganography threat• Network steganography technology.– HICCUPS (Hidden Communication System for
Corrupted Networks)– LACK(Lost Audio Packet Steganography)– Protocol Steganography for VoIP application
• Conclusion• Reference
2
Steganography
• Def: The communication of secret messages inside a perfectly innocent carrier.
• History– 494 B.C Histiaeus use Head TATTOO to send resistance
message.
• Limitation– The rule of thumb is that we can use 10 percent of
a carrier file’s size to smuggle data.
3
Steganography (cont.)
– Network steganography• The modern version steganography which hide
information using the protocol itself inside of using digital files.• Advantage:– Detecting their existence is nearly impossible. – The longer the communication is, the longer the
secret message we can send.
4
Steganography threat• Contradiction between threat and security?
In October 2001, the New York Times published an article claiming that al-Qaeda had used steganography to encode messages into images, and then transported these via e-mail and possibly via USENET to prepare and execute the September 11, 2001 terrorist attack.
5
Spy
Steal
Bad guy
VoIP
Steganographic message
Network steganography technology• LACK(Lost Audio Packet Steganography)– Hide information in packet delay.
• HICCUPS (Hidden Communication System for Corrupted Networks)– Disguise information as natural “distortion” or
noise.• Protocol Steganography for VoIP application– Hide information in unused data fields.
6
Lost Audio Packet Steganography• TCP/IP application layer steganography
technique.– Substitute RTP (Real-time Transport Protocol )
packet voice payload with bits of the steganogram.– Delay transmit the RTP packet which hide
steganogram.
• Detect way:– If the user tried to hide too many secret packets. It
cause suspicious packet delay.
7
Hidden Communication System for Corrupted Networks
• Work on wireless local area networks.• Use checksum to verify which frame has
steganogram.• Must have special hardware which do not discard
the frame with wrong checksum.• Very fast(200 Kbs/sec)• Detect:
– There are too many corrupted frame.– Detect the differences between the dropped and retransmitted
frames.
9
Protocol Steganography for VoIP application
• Protocol Steganography– A common name for a group of methods that use
another aspect of IP: packet header fields.
• Protocol Steganography for VoIP application– RTP Free/Unused Fields Steganograph.
10
Conclusion• Comparison of three mechanisms.
12
Type
Advantage Hardest to detectVery fast
Hardest to detect Hardest to detect
Shortage Difficult to use Lowest information density
Easiest to use
Performance 200 kilobits per second 160 bits per second 1–300 bits per second
Conclusion
• The anonymity of steganography might be good for privacy, but it also multiplies the threats to individuals, societies, and states.
13
Reference• [1]Józef Lubacz, Wojciech Mazurczyk, Krzysztof Szczypiorski (February 2010). "Vice
Over IP: The VoIP Steganography Threat" . IEEE Spectrum. Retrieved 11 February 2010.• [2]Wojciech Mazurczyk and Krzysztof Szczypiorski (November 2008). "Steganography
of VoIP Streams". Lecture Notes in Computer Science (LNCS) 5332, Springer-Verlag Berlin Heidelberg, Proc. of The 3rd International Symposium on Information Security (IS'08), Monterrey, Mexico. Retrieved 16 June 2010.
• [3]Wojciech Mazurczyk, Jozef Lubacz, Krzysztof Szczypiorski. “On Steganography in Lost Audio Packets.”
• [4] Szczypiorski, K.: HICCUPS: Hidden Communication System for Coruppted Networks. In Proc: The Tenth International MultiConference on Advanced Computer Systems ACS'2003. Midzyzdroje. 22-24 October 2004. pp. 31-40
• [5] http://en.wikipedia.org/wiki/Real-time_Transport_Protocol• [6] Steganography of VoIP Streams. In: R. Meersman and Z. Tari (Eds.): OTM 2008, Part
II – Lecture Notes in Computer Science (LNCS) 5332, Springer-Verlag Berlin Heidelberg, Proc. of OnTheMove Federated Conferences and Workshops: The 3rd International Symposium on Information Security (IS'08), Monterrey, Mexico, November 9-14, 2008, pp. 1001-1018
14
top related