Skip to main content

Advertisement

SpringerLink
Go to cart
  1. Home
  2. Telecommunication Systems
  3. Article
PadSteg: introducing inter-protocol steganography
Download PDF
Your article has downloaded

Similar articles being viewed by others

Slider with three articles shown per slide. Use the Previous and Next buttons to navigate the slides or the slide controller buttons at the end to navigate through each slide.

Research on information steganography based on network data stream

04 August 2020

Jiazhong Lu, Weisha Zhang, … Xiaolei Liu

PHYAlert: identity spoofing attack detection and prevention for a wireless edge network

28 January 2020

Zhiping Jiang, Kun Zhao, … Junzhao Du

Securing Wireless Communication via Hardware-Based Packet Obfuscation

16 May 2019

James Chacko, Kyle Juretus, … Kapil R. Dandekar

A roadmap of steganography tools: conventional to modern

16 March 2021

Urmila Pilania, Rohit Tanwar, … Tanupriya Choudhury

Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) versus QUIC

24 May 2021

Shan Chen, Samuel Jero, … Cristina Nita-Rotaru

Efficient signal and protocol level security for network communication

26 February 2020

Ensherah A. Naeem, Ayman E. A. Abdelaal, … Fathi E. Abd El-Samie

Geolocation of covert communication entity on the Internet for post-steganalysis

06 April 2020

Fan Zhang, Fenlin Liu & Xiangyang Luo

Covert channel limitation via special dummy traffic generating

16 May 2022

Anna Epishkina, Nikolay Karapetyants, … Philip Lebedev

A reliable and efficient micro-protocol for data transmission over an RTP-based covert channel

06 November 2019

Maryam Azadmanesh, Mojtaba Mahdavi & Behrouz Shahgholi Ghahfarokhi

Download PDF
  • Open Access
  • Published: 01 September 2011

PadSteg: introducing inter-protocol steganography

  • Bartosz Jankowski1,
  • Wojciech Mazurczyk1 &
  • Krzysztof Szczypiorski1 

Telecommunication Systems volume 52, pages 1101–1111 (2013)Cite this article

  • 1309 Accesses

  • 23 Citations

  • 3 Altmetric

  • Metrics details

Abstract

Hiding information in network traffic may lead to leakage of confidential information. In this paper we introduce a new steganographic system: the PadSteg (Padding Steganography). To authors’ best knowledge it is the first information hiding solution which represents inter-protocol steganography i.e. usage of relation between two or more protocols from the TCP/IP stack to enable secret communication. PadSteg utilizes ARP and TCP protocols together with an Etherleak vulnerability (improper Ethernet frame padding) to facilitate secret communication for hidden groups in LANs (Local Area Networks). Basing on real network traces we confirm that PadSteg is feasible in today’s networks and we estimate what steganographic bandwidth is achievable while limiting the chance of disclosure. We also point at possible countermeasures against PadSteg.

Download to read the full article text

Working on a manuscript?

Avoid the common mistakes

References

  1. Rowland, C. (1997). Covert channels in the TCP/IP protocol suite. First Monday. Peer Reviewed Journal on the Internet, July 1997.

  2. Zander, S., Armitage, G., & Branch, P. (2007). A survey of covert channels and countermeasures in computer network protocols. IEEE Communications Surveys and Tutorials, 9(3), 44–57.

    Article  Google Scholar 

  3. Petitcolas, F., Anderson, R., & Kuhn, M. (1999). Information hiding—a survey. IEEE Special Issue on Protection of Multimedia Content, July 1999.

  4. Murdoch, S. J., & Lewis, S. (2005). Embedding covert channels into TCP/IP. In Information hiding (pp. 247–261).

    Chapter  Google Scholar 

  5. Ahsan, K., & Kundur, D. (2002). Practical data hiding in TCP/IP. In Proc. ACM wksp. multimedia security, December 2002.

    Google Scholar 

  6. Kundur, D., & Ahsan, K. (2003). Practical Internet steganography: data hiding in IP. In Proc. Texas wksp. security of information systems, April 2003.

    Google Scholar 

  7. Fisk, G., Fisk, M., Papadopoulos, C., & Neil, J. (2002). Eliminating steganography in Internet traffic with active wardens. In Lecture notes in computer science: Vol. 2578. Proc. 5th international workshop on information hiding (pp. 18–35).

    Chapter  Google Scholar 

  8. Lucena, N. B., Lewandowski, G., & Chapin, S. J. (2005). Covert channels in IPv6. In Proc. privacy enhancing technologies (PET) (pp. 147–166), May 2005

    Google Scholar 

  9. Arkin, O., & Anderson, J. (2003). Ethernet frame padding information leakage (Atstake report). http://packetstorm.codar.com.br/advisories/atstake/atstake_etherleak_report.pdf.

  10. Plummer, D. C. (1982). An ethernet address resolution protocol. RFC 826, November 1982.

  11. Girling, C. G. (1987). Covert channels in LAN’s. IEEE Transactions on Software Engineering, SE-13(2), 292–296.

    Article  Google Scholar 

  12. Handel, T., & Sandford, M. (1996). Hiding data in the OSI network model. In Proceedings of the first international workshop on information hiding (pp. 23–38).

    Chapter  Google Scholar 

  13. Wolf, M. (1989). Covert channels in LAN protocols. In Proc. wksp. local area network security (LANSEC) (pp. 91–101).

    Google Scholar 

  14. Mazurczyk, W., & Szczypiorski, K. (2008). Steganography of VoIP streams. In R. Meersman & Z. Tari (Eds.), Lecture notes in computer science: Vol. 5332. OTM 2008, Part II (pp. 1001–1018). Proc. of the 3rd international symposium on information security (IS’08), Monterrey, Mexico, November 2008. Berlin: Springer.

    Google Scholar 

  15. Mazurczyk, W., Smolarczyk, M., & Szczypiorski, K. Retransmission steganography and its detection. Soft Computing, 15(3), 505–515.

  16. Jankowski, B., Mazurczyk, W., & Szczypiorski, K. Information hiding using improper frame padding. Submitted to 14th international telecommunications network strategy and planning symposium (Networks 2010), 27–30.09.2010, Warsaw, Poland.

Download references

Author information

Authors and Affiliations

  1. Institute of Telecommunications, Warsaw University of Technology, 15/19 Nowowiejska Str., Warsaw, Poland

    Bartosz Jankowski, Wojciech Mazurczyk & Krzysztof Szczypiorski

Authors
  1. Bartosz Jankowski
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wojciech Mazurczyk
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Krzysztof Szczypiorski
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Wojciech Mazurczyk.

Rights and permissions

Open Access This is an open access article distributed under the terms of the Creative Commons Attribution Noncommercial License (https://creativecommons.org/licenses/by-nc/2.0), which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.

Reprints and Permissions

About this article

Cite this article

Jankowski, B., Mazurczyk, W. & Szczypiorski, K. PadSteg: introducing inter-protocol steganography. Telecommun Syst 52, 1101–1111 (2013). https://doi.org/10.1007/s11235-011-9616-z

Download citation

  • Published: 01 September 2011

  • Issue Date: February 2013

  • DOI: https://doi.org/10.1007/s11235-011-9616-z

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Keywords

  • Steganography
  • ARP
  • Frame padding
  • Etherleak
Download PDF

Working on a manuscript?

Avoid the common mistakes

Advertisement

Over 10 million scientific documents at your fingertips

Switch Edition
  • Academic Edition
  • Corporate Edition
  • Home
  • Impressum
  • Legal information
  • Privacy statement
  • Your US state privacy rights
  • How we use cookies
  • Your privacy choices/Manage cookies
  • Accessibility
  • FAQ
  • Contact us
  • Affiliate program

Not affiliated

Springer Nature

© 2023 Springer Nature Switzerland AG. Part of Springer Nature.