Biblio

In this paper, internet is among the basic necessities of life. Internet has changed each and everybody's lives. So confidentiality of messages is very important over the internet. Steganography is the science of sending secret messages between the sender and intended receiver. It is such a technique that makes the exchange of covert messages possible. Each time a carrier is to be used for achieving steganography. The carrier plays a major role in establishing covert communication channel. This survey paper introduces steganography and its carriers. This paper concentrates on network protocols to be used as a carrier of steganograms. There are a number of protocols available to do so in the networks. Network steganography describes various methods used for transmitting data over a network without it being detected. Most of the methods proposed for hiding data in a network do not offer an additional protection to the covert data as it is sent as plain text. This paper presents a framework that offers the protection to the covert data by encrypting it and compresses it for gain in efficiency.

In this study, delays between data packets were read by using different window sizes to detect data transmitted from covert timing channel in computer networks, and feature vectors were extracted from them and detection of hidden data by some classification algorithms was achieved with high performance rate.

Network steganography is a branch of steganography that hides information through packet header manipulation and uses protocols as carriers to hide secret information. Many techniques were already developed using the Transmission Control Protocol (TCP) headers. Among the schemes in hiding information in the TCP header, the Initial Sequence Number (ISN) field is the most difficult to be detected since this field can have arbitrary values within the requirements of the standard. In this paper, a more undetectable scheme is proposed by increasing the complexity of hiding data in the TCP ISN using dynamic identifiers. The experimental results have shown that using Bayes Net, the proposed scheme outperforms the existing scheme with a low detection accuracy of 0.52%.

The increasing diffusion of malware endowed with steganographic techniques requires to carefully identify and evaluate a new set of threats. The creation of a covert channel to hide a communication within network traffic is one of the most relevant, as it can be used to exfiltrate information or orchestrate attacks. Even if network steganography is becoming a well-studied topic, only few works focus on IPv6 and consider real network scenarios. Therefore, this paper investigates IPv6 covert channels deployed in the wild. Also, it presents a performance evaluation of six different data hiding techniques for IPv6 including their ability to bypass some intrusion detection systems. Lastly, ideas to detect IPv6 covert channels are presented.

Due to improvements in defensive systems, network threats are becoming increasingly sophisticated and complex as cybercriminals are using various methods to cloak their actions. This, among others, includes the application of network steganography e.g. to hide the communication between an infected host and a malicious control server by embedding commands into innocent-looking traffic. Currently, a new subtype of such methods called inter-protocol steganography emerged. It utilizes relationships between two or more overt protocols to hide data. In this paper, we present new inter-protocol hiding techniques which are suitable for real-time services. Afterwards, we introduce and present preliminary results of a novel steganography detection approach which relies on network traffic coloring.