Computer Science

Computer Science ›› 2019, Vol. 46 ›› Issue (9): 150-155.doi: 10.11896/j.issn.1002-137X.2019.09.021

• Information Security • Previous Articles     Next Articles

Covert Communication Method Based on Closed Source Streaming Media

GUO Qi, CUI Jing-song   

  1. (Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education,Wuhan University,Wuhan 430072,China);
    (School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,China)
  • Received:2018-08-28 Online:2019-09-15 Published:2019-09-02

PDF (PC)

781

Abstract: A covert channel represents an unforeseen method of communication that utilizes authorized public communication as a carrier medium for covert messages.A covert channel can be a safe and efficient way to transmit confidential information hidden in explicit traffic.Existing streaming-based covert channels are often easily detected due to the establishment of new communication links.For this reason,this paper conducted targeted tests and research on data pa-ckets passing through the streaming media server.It is found that the existing closed source streaming media does not strictly check the data packets passing through the server,and the data packets can still reach the termina lafter modi-fying some data.Based on the above facts,this paper established a hidden channel based on closed source streaming media by exploring the data bit distribution rules of the modified data packets through the server.In order to improve the entropy value of the data packet,this paper used an efficient and compact speck algorithm to encrypt the packet content.In order to monitor existing links and real-time traffic in real time,the firewalls were connected in series in the network structure,and the network connection and communication quality were monitored by a firewall.Experimental data show that this method does not increase the number of network connections and does not affect the communication qua-lity,and it is compatible with a variety of streaming media devices,showing that this method is practical and not easily detected.Moreover,since the hidden channel is mounted on the closed source streaming medium,the transmission efficiency of the covert information is high.The above results show that the method of establishing a covert channel based on the communication flow of the existing closed source streaming media software is feasible,and has strong concealment after encrypting the content of the data packet.

Key words: Covert channels, Instant messaging, Multimedia stream, Traffic analysis, VoIP

CLC Number: 

  • TP393
[1]MAZURCZYK W.VoIP Steganography and Its Detection-ASurvey[J].ACM Computing Surveys,2012,46(2):1-21.
[2]DANG T D,SONKOLY B,MOLNÁR S.Fractal analysis andmodeling of VoIP traffic[C]//11th International Telecommunications Network Strategy and Planning Symposium.Vienna:IEEE,2004:123-130.
[3]AZFAR A,CHOO K K R,LIU L.A study of ten popular Android mobile VoIP applications:Are the communications encrypted?[C]//2014 47th Hawaii International Conference on System Sciences.Waikoloa:IEEE,2014:4858-4867.
[4]LI B,MA M,JIN Z.A VoIP traffic identification scheme based on host and flow behavior analysis[J].Journal of Network and Systems Management,2011,19(1):111-129.
[5]LV S C.Content filtering and analysis of instant messaging systems [D].Chengdu:University of Electronic Science and Technology of China,2012.(in Chinese)吕世超.即时通信系统内容过滤和分析研究[D].成都:电子科技大学,2012.
[6]WANG H T,FU Y.Instant Communication—Principles,Technologies and Applications[J].Information and CommunicationTechnology,2010,4(3):34-40.(in Chinese)王海涛,付鹰.即时通信——原理、技术和应用[J].信息通信技术,2010,4(3):34-40.
[7]ZHENG L F,XIN Y.Analysis and Implementation of Instant Messaging Software Protocol Based on DPI[J].Information Network Security,2016(1):51-58.(in Chinese)郑丽芬,辛阳.基于DPI的即时通信软件协议分析与实现[J].信息网络安全,2016(1):51-58.
[8]JIA Z X.Design and implementation of real-time chat tool based on IOS system [D].Beijing:University of Chinese Academy of Sciences,2015.(in Chinese)贾侦修.基于IOS系统的即时聊天工具的设计与实现[D].北京:中国科学院大学,2015.
[9]LI L P,WANG J H.Secret Communication Using Covert Channels in Network Transmission[J].Computer Science,2009,36(5):115-117.(in Chinese)李丽萍,王建华.网络传输中采用隐蔽通道实现秘密通信[J].计算机科学,2009,36(5):115-117.
[10]YAN Y X.Research on an instant messaging system based on UDP protocol [D].Dalian:Dalian Maritime University,2008.(in Chinese)燕永新.一种基于UDP协议的即时通信系统的研究[D].大连:大连海事大学,2008.
[11]WANG Y G,WU J Z,ZENG H T,et al.Research on Covert Channel [J].Journal of Software,2010,21(9):2262-2288.(in Chinese)王永吉,吴敬征,曾海涛,等.隐蔽信道研究[J].软件学报,2010,21(9):2262-2288.
[12]DONG L P,CHEN X Y,YANG Y J,et al.Implementation and Dection of Network Covert Channel [J].Computer Science,2015,42(7):216-221.(in Chinese)董丽鹏,陈性元,杨英杰,等.网络隐蔽信道实现机制及检测技术研究[J].计算机科学,2015,42(7):216-221.
[13]CABUK S,BRODLEY C E,SHIELDS C.IP covert timing channels:design and detection[C]//Proceedings of the 11th ACM conference on Computer and communications security.New York:ACM,2004:178-187.
[14]MAZURCZYK W,LUBACZ J.LACK-a VoIP steganographic method[J].Telecommunication Systems,2010,45(2/3):153-163.
[15]ZHAO H,SHI Y Q,ANSARI N.Hiding Data in MultimediaStreaming over Networks[C]//2010 8th Annual Communication Networks and Services Research Conference.Canada:IEEE,2010:50-55.
[16]SWANSON M D,KOBAYASHI M,TEWFIK A H.Multimedia data-embedding and watermarking technologies[J].Proceedings of the IEEE,1998,86(6):1064-1087.
[17]ZHANG X,LIANG C,ZHANG Q,et al.Building covert timing channels by packet rearrangement over mobile networks[J].Information Sciences,2018,445-446:66-78.
[18]MAZURCZYK W,SZCZYPIORSKI K.Steganography of VoIP streams[C]//OTM Confederated International Conferences On the Move to Meaningful Internet Systems.Berlin:Springer Heidelberg,2008:1001-1018.
[19]MAZURCZYK W.Lost audio packets steganography:the firstpractical evaluation[J].Security and Communication Networks,2012,5(12):1394-1403.
[20]ZHANG X,TAN Y A,LIANG C,et al.A Covert Channel Over VoLTE via Adjusting Silence Periods[J].IEEE Access,2018,6:9292-9302.
[21]LATHAM D C.Department of defense trusted computer system evaluation criteria:DoD 5200.28-STD [S].Department of Defense,1985.
[22]REZAEI F,HEMPEL M,SHARIF H.Towards a reliable detection of covert timing channels over real-time network traffic[J].IEEE Transactions on Dependable and Secure Computing,2017,14(3):249-264.
[1] PANG Xing-long, ZHU Guo-sheng. Survey of Network Traffic Analysis Based on Semi Supervised Learning [J]. Computer Science, 2022, 49(6A): 544-554.
[2] YAO Li and LIU Qiang. VoIP Acoustic Echo Cancellation Algorithm Based on WebRTC [J]. Computer Science, 2017, 44(Z6): 309-311.
[3] LIN Wang and TIAN Hong-xian. Implementation and Protocol Analysis of Embedded VoIP Voice Terminal Based on SIP [J]. Computer Science, 2016, 43(6): 86-90.
[4] JIANG Bo, LI Tao-shen and GE Zhi-hui. Research of Smartphone Energy Saving Based on Buffer Threshold Adaptive Adjustment [J]. Computer Science, 2016, 43(1): 137-140.
[5] SHI Jie,ZHONG Wei-bo and GE Xiu-mei. Dynamic Chaotic Encryption and its Application in VoIP [J]. Computer Science, 2014, 41(Z11): 268-271.
[6] YANG Qiu-ling,JIN Zhi-gang and HUANG Xiang-dang. Research on QoE-based Bandwidth Allocation Mechanism for VoIP [J]. Computer Science, 2014, 41(5): 102-106.
[7] YAN Ruo-yu. DDoS Attacks Detection Method Based on Traffic Matrix and Kalman Filter [J]. Computer Science, 2014, 41(3): 176-180.
[8] CHEN Yi-ou,HU Jian-hao and LING Xiang. Self-similarity Analysis and Modeling for On-chip Traffic [J]. Computer Science, 2014, 41(12): 13-18.
[9] WANG Fu-lin,GAO Qiang,LIU Yan-heng,WANG Jian. Modeling and Analysing Network Topology of Friend Relationships in Instant Messaging System [J]. Computer Science, 2011, 38(8): 69-73.
[10] LI Qin-de,ZHOU Wen-an,MA Fei,SONG Jun-de. Research on the Implementation of Intelligent Handoff Technique of VoIP Based on RTP/RTCP [J]. Computer Science, 2011, 38(2): 68-71.
[11] FU He-Gang,ZHOU Zhen-Dong (College of Computer Science, Chongqing University, Chongqing 400044). [J]. Computer Science, 2006, 33(10): 51-54.
[12] YANG Ji-Yun, DENG Shao-Jing (School of Computer, Chongqing University, Chongqing 400044). [J]. Computer Science, 2005, 32(11): 53-54.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.