A Secure and Robust Covert Channel Based on Secret Sharing Scheme
A network covert channel (also referred to as network steganography) is a covert communication technique that uses the redundancies of network protocols to transfer secret information. While encryption only protects communication from being decoded by unauthorised parties, a covert channel aims to hide the very existence of the secret communication. More recently, focus has shifted towards covert channels based on network protocols, because the huge amount of data and the vast number of different protocols on the Internet seem ideal as a high-bandwidth vehicle for covert communication. However, few approaches have so far been worked out that can embed secret information while ensuring both strong security and robustness. In this paper, we propose a novel packet-length-based covert channel exploiting a secret sharing scheme in order to overcome the drawbacks of existing schemes. A comprehensive set of experimental results and a security analysis show that the proposed covert channel is provably secure and more robust than the existing algorithms.
Keywords: Covert channel, Network steganography, Packet length, Network security, Information hiding, Network protocols
This work was supported by the National Natural Science Foundation of China (No. 61572456, No. 61379131) and the Natural Science Foundation of Jiangsu Province of China (No. BK20151241, No. BK20151239).