Abstract
The paper proposes a novel IP channel for sending hidden short messages, based mainly on the use of the “traceroute” command and the IP header Record route options. Instead of encrypting a hidden message or embedding it into a multimedia object, as in traditional multimedia steganography, we process the entire message and generate several IP packets with different types to carry the secret message. Thereby we foil an eavesdropper who is primarily applying statistical tests to detect encrypted communication channels. We show that our approach provides more protection against Steganalysis and sniffing attacks. A friendly graphical tool has been implemented to demonstrate the proposed secret IP channel.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Singh, A., Nordström, O., Lu, C., dos Santos, A.L.M.: Malicious ICMP Tunnelling: Defence against the Vulnerability. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 226–236. Springer, Heidelberg (2003)
Kamran, A.: Covert Channel Analysis and Data Hiding in TCP/IP, Master Thesis, University of Toronto (2002)
Ahsan, K., Kundur, D.: Practical data hiding in TCP/IP. In: Proceedings of the Workshop on Multimedia Security at ACM Multimedia (December 2002)
Lampson, B.W.: A note on the confinement problem. In: Proceedings of the Communications of the ACM, vol. 16(10), pp. 613–615 (October 1973)
Girling, C.: Covert channels in LAN’s. IEEE Transactions on Software Engineering, vol. SE-13(2) (February 1987)
Rowland, C.H.: Covert channels in the TCP/IP protocol suite. Tech. Rep. 5, First Monday, Peer Reviewed Journal on the Internet (July 1997)
Cachin, C.: An information-theoretic model for steganography. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 306–318. Springer, Heidelberg (1998)
Abad, C.: IP checksum covert channels and selected hash collision, Technical report (2001)
Wu, D., Wong, F.: Remote Sniffer Detection. Computer Science Division. University of California, Berkeley, December 14 (1998)
Fisk, G., Fisk, M., Papadopoulos, C., Neil, J.: Eliminating Steganography in Internet Traffic with Active Wardens. In: The Proceedings of the 5th International Workshop on Information Hiding, October 07-09, pp. 18–35 (2002)
Postel, J.: Internet Control Message Protocol, Protocol Specifications, DARPA Internet Program (September 1984)
McHugh, J.: Covert Channel Analysis, Portland State University (December 1995)
Giffin, J., Greenstadt, R., Litwack, P., Tibbetts, R.: Covert messaging through TCP timestamps. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 194–208. Springer, Heidelberg (2003)
Wolf, M.: Covert channels in LAN protocols. In: Berson, T.A., Beth, T. (eds.) LANSEC 1989. LNCS, vol. 396, pp. 91–102. Springer, Heidelberg (1989)
Kuhn, M.G., Petitcolas, F.A.P., Anderson, R.J.: Information hiding – a survey. In: Proceedings of the IEEE, special issue on protection of multimedia content, vol. 87(7), pp. 1062–1078 (July 1999)
Stevens, R.: – TCP/IP Illustrated: vol. 1 (2001)
Anderson, R., Petitcolas, F.A.P.: On the limits of steganography. IEEE Journal on Selected Areas in Communications 16, 474–481 (1998)
RFC 950 - Internet Standard Subnetting Procedure
RFC 1466 - Guidelines for Management of IP Address Space
RFC 1393 - Traceroute message
Katzenbeisser, S., Petitcolas, F.: Information Hiding Techniques for Steganography and Digital Watermarking. Computer Security Series, 685 Canton Street, 02062. Artech House, Inc., Norwood (2000)
Handel, T., Sandford, M.: Hiding data in the OSI network model. In: First International Workshop on Information Hiding, Cambridge, U.K (May-June 1996)
U.S.D.O.D., Trusted computer system evaluation criteria (1985)
Uc davis denial of service (dos) project, meeting notes, January 27 (1999), http://seclab.cs.ucdavis.edu/projects/denial-service/meetings/01-27-99m.html
Radhakrishnan, R., Shanmugasundaram, K., Memon, N.D.: Data masking: a secure-covert channel paradigm. In: IEEE Workshop on Multimedia Signal Processings, pp. 339–342 (2002)
Murdoch, S.J., Lewis, S.: Embedding Covert Channels into TCP/IP. In: The 7th Information Hiding Workshop, Barcelona, Catalonia, June 6–8 (Spain) (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Trabelsi, Z., El-Sayed, H., Frikha, L., Rabie, T. (2006). Traceroute Based IP Channel for Sending Hidden Short Messages. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S. (eds) Advances in Information and Computer Security. IWSEC 2006. Lecture Notes in Computer Science, vol 4266. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11908739_30
Download citation
DOI: https://doi.org/10.1007/11908739_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-47699-3
Online ISBN: 978-3-540-47700-6
eBook Packages: Computer ScienceComputer Science (R0)