Towards Deriving Insights into Data Hiding Methods Using Pattern-based Approach

Mazurczyk, Wojciech; Wendzel, Steffen; Cabaj, Krzysztof

doi:10.1145/3230833.3233261

Cited by 20 publications

(35 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, covert channels were employed by cyber-attacks, i.e., to permit a covert transmission of malware data. Nevertheless, they could also be applied for legitimate goals, such as transmitting illicit information under Internet censorship [ 14 , 98 , 107 ].…”

Section: Literature Reviewmentioning

confidence: 99%

Modern Text Hiding, Text Steganalysis, and Applications: A Comparative Analysis

Ahvanooey

Hou

et al. 2019

Entropy

View full text Add to dashboard Cite

Modern text hiding is an intelligent programming technique which embeds a secret message/watermark into a cover text message/file in a hidden way to protect confidential information. Recently, text hiding in the form of watermarking and steganography has found broad applications in, for instance, covert communication, copyright protection, content authentication, etc. In contrast to text hiding, text steganalysis is the process and science of identifying whether a given carrier text file/message has hidden information in it, and, if possible, extracting/detecting the embedded hidden information. This paper presents an overview of state of the art of the text hiding area, and provides a comparative analysis of recent techniques, especially those focused on marking structural characteristics of digital text message/file to hide secret bits. Also, we discuss different types of attacks and their effects to highlight the pros and cons of the recently introduced approaches. Finally, we recommend some directions and guidelines for future works.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Modern Text Hiding, Text Steganalysis, and Applications: A Comparative Analysis

Ahvanooey

Hou

et al. 2019

Entropy

View full text Add to dashboard Cite

show abstract

“…However, in the past, stenographic techniques have failed in TCP because of a different probability distribution to that of the unmodified TCP/IP implementations. According to [11], the TCP/IP header is highly susceptible to steganography. This comprises header fields such as Type of service, IP flags, Fragments offset, IP options, TCP timestamp, Packet order, Packet timing and TCP initial sequence number.…”

Section: Background and Related Workmentioning

confidence: 99%

Efficient Non-Linear Covert Channel Detection in TCP Data Streams

et al. 2020

View full text Add to dashboard Cite

Cyber-attacks are causing losses amounted to billions of dollars every year due to data breaches and vulnerabilities. The existing tools for data leakage prevention and detection are often bypassed by using various different types of sophisticated techniques such as network steganography for stealing the data. This is due to several weaknesses which can be exploited by a threat actor in existing detection systems. The weaknesses are high time and memory training complexities as well as large training datasets. These challenges become worse when the amount of generated data increases in every second in many realms. In addition, the number of false positives is high which makes them inaccurate. Finally, there is a lack of a framework catering for the needs such as raising alerts as well as data monitoring and updating/adapting of a threshold value used for checking the data packets for covert data. In order to overcome these weaknesses, this paper proposes a novel framework that includes elements such as continuous data monitoring, threshold maintenance, and alert notification. This paper also proposes a model based on statistical measures to detect covert data leakages, especially for non-linear chaotic data. The main advantage of the proposed model is its capability to provide results with tolerance/threshold values much more efficiently. Our experiments indicate that the proposed framework has low false positives and outperforms various existing techniques in terms of accuracy and efficiency. INDEX TERMS Data leakage, network steganography, covert channel, TCP/IP protocol.

show abstract

“…1). The originally proposed taxonomy has been extended a couple of times, with the latest extension being the one of Mazurczyk et al [22]. As can be seen in Fig.…”

Section: Network Information Hiding Patternsmentioning

confidence: 99%

“…Storage channels can either modify protocol fields (such as header bits or padding fields) or payload. If protocol fields are modified then this can be done in two ways, either in a structure modifying manner, i.e., by extending the protocol header with additional fields, or, in a structure preserving way by simply overwriting already existing values in a protocol [22]).…”

Section: Network Information Hiding Patternsmentioning

confidence: 99%

See 1 more Smart Citation

Covert Channels in the MQTT-Based Internet of Things

et al. 2019

Self Cite

View full text Add to dashboard Cite

Network covert channels are a part of the information hiding research area that deals with the secret transfer of information over communication networks. Covert channels can be utilized, for instance, for data leakage and stealthy malware communications. While data hiding in communication networks has been studied within the last years for several major communication protocols, currently no work is available that investigates covert channels for the publish-subscriber model. To fill this gap, we present the first comprehensive study of covert channels in a protocol utilizing the publish-subscriber model, i.e., the Message Queuing Telemetry Transport (MQTT) protocol which is widely deployed in Internet of Things (IoT) environments. In particular, we describe seven direct and six indirect covert channels and we evaluate and categorize them using the network information hiding patterns approach. Finally, in order to prove that MQTT-based covert channels are practically feasible and effective, we implement the chosen data hiding scheme and perform its experimental evaluation. INDEX TERMS MQTT, network steganography, network covert channels, data hiding, information hiding, IoT.

show abstract

Towards Deriving Insights into Data Hiding Methods Using Pattern-based Approach

Cited by 20 publications

References 16 publications

Modern Text Hiding, Text Steganalysis, and Applications: A Comparative Analysis

Modern Text Hiding, Text Steganalysis, and Applications: A Comparative Analysis

Efficient Non-Linear Covert Channel Detection in TCP Data Streams

Covert Channels in the MQTT-Based Internet of Things

Contact Info

Product

Resources

About