Covert Channel for Improving VoIP Security

  • Wojciech Mazurczyk
  • Zbigniew Kotulski


In this paper a new way of exchanging data for Voice over Internet Protocol (VoIP) service is presented. With use of audio watermarking and network steganography techniques we achieve a covert channel which can be used for different purposes e.g. to improve IP Telephony signaling protocol’s security or to alternate existing protocols like RTCP (Real-Time Control Protocol). In this paper we focus on improving VoIP security. The main advantage of this solution is that it is lightweight (it does not consume any transmission bandwidth) and the data sent is inseparably bound to the voice content.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    J. Dittmann, A. Mukherjee, M. Steinebach: Media-independent Watermarking Classification and the need for combining digital video and audio watermarking for media authentication”, Proceedings of the International Conference on Information Technology: Coding and Computing, IEEE Computer Science Society, Las Vegas, Nevada, USA (2000) 62-67Google Scholar
  2. [2]
    M. Steinebach, F. Siebenhaar, C. Neubauer, R. Ackermann, U. Roedig, J. Dittmann: Intrusion Detection Systems for IP Telephony Networks, Real time intrusion detection symposium, Estoril, Portugal (2002) (17)1-9Google Scholar
  3. [3]
    D. Richard Kuhn, Thomas J. Walsh, Steffen Fries: Security Considerations for Voice Over IP Systems, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology (2004)Google Scholar
  4. [4]
    S. Yuan, S. Huss: Audio Watermarking Algorithm for Real-time Speech Integrity and Authentication, International Multimedia Conference Proceedings of the 2004 Multimedia and security workshop on Multimedia and security, Magdeburg, Germany (2004) 220 - 226Google Scholar
  5. [5]
    H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson: RTP: A Transport Protocol for Real-Time Applications, IETF, RFC 3550, July 2003.Google Scholar
  6. [6]
    S. Miner and J. Staddon. Graph-based authentication of digital streams. In Proceedings of the IEEE Symposium on Research in Security and Privacy (2001) 232-246Google Scholar
  7. [7]
    S. J. Murdoch, S. Lewis: Embedding Covert Channels into TCP/IP. Information Hiding (2005) 247-26Google Scholar
  8. [8]
    K. Ahsan, D. Kundur: Practical Data Hiding in TCP/IP. In: Proceedings of Workshop on Multimedia Security at ACM Multimedia ‘02, Juan-les-Pins (on the French Riviera), December 2002Google Scholar
  9. [9]
    Petitcolas, F., Anderson, R., Kuhn, M.: Information Hiding – A Survey: IEEE Special Issue on Protection of Multimedia Content, July 1999Google Scholar
  10. [10]
    K. Szczypiorski: HICCUPS: Hidden Communication System for Corrupted Networks. In Proc. of: The Tenth International Multi-Conference on Advanced Computer Systems ACS’2003, October 22-24, 2003 Miedzyzdroje, Poland, pp.31-40, ISBN 83-87362-61-1Google Scholar
  11. [11]
    T. Friedman, R. Caceres, A. Clark: RTP Control Protocol Extended Reports (RTCP XR), IETF, RFC 3611, November 2003Google Scholar
  12. [12]
    V. Korjik, G. Morales-Luna: Information Hiding through Noisy Channels, Proceedings of 4th International Information Hiding Workshop, Pittsburgh, PA, USA, (2001) 42-50Google Scholar
  13. [13]
    M. K. Mihcak, R. Venkatesan: A Perceptual Audio Hashing Algorithm: A Tool For Robust Audio Identification and Information Hiding, Proceedings of 4th International Information Hiding Workshop, Pittsburgh, PA, April 2001.Google Scholar
  14. [14]
    Information Sciences Institute University of Southern California: IP (Internet Protocol), IETF, RFC 791, September 1981.Google Scholar
  15. [15]
    W. Mazurczyk, Z. Kotulski: New security and control protocol for VoIP based on steganography and digital watermarking - Informatyka - Badania i Zastosowania (IBIZA 2006), Kazimierz Dolny 9-11 February 2006Google Scholar
  16. [16]
    W. Mazurczyk, Z. Kotulski - New VoIP traffic security scheme with digital watermarking - In Proceedings of SafeComp 2006, Lecture Notes in Computer Science 4166, pp. 170 - 181, Springer-Verlag, Heidelberg 2006Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2007

Authors and Affiliations

  • Wojciech Mazurczyk
    • 1
  • Zbigniew Kotulski
    • 1
    • 2
  1. 1.Warsaw University of Technology, Faculty of Electronics and Information Technology, Institute of Telecommunications00-665 Warszawa
  2. 2.Polish Academy of Sciences, Institute of Fundamental Technological Research

Personalised recommendations