Covert Channels in SIP for VoIP Signalling

  • Wojciech Mazurczyk
  • Krzysztof Szczypiorski
Part of the Communications in Computer and Information Science book series (CCIS, volume 12)


In this paper, we evaluate available steganographic techniques for SIP (Session Initiation Protocol) that can be used for creating covert channels during signaling phase of VoIP (Voice over IP) call. Apart from characterizing existing steganographic methods we provide new insights by introducing new techniques. We also estimate amount of data that can be transferred in signalling messages for typical IP telephony call.


VoIP SIP information hiding steganography 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ahsan, K., Kundur, D.: Practical Data Hiding in TCP/IP. In: Proc. of Workshop on Multimedia Security at ACM Multimedia 2002, Juan-les-Pins, France (2002)Google Scholar
  2. 2.
    Bidou, R., Raynal, F.: Covert channels,
  3. 3.
    Cuervo, F., Greene, N., Rayhan, A., Huitema, C., Rosen, B., Segers, J.: Megaco Protocol Version 1.0. IETF, RFC 3015 (2000)Google Scholar
  4. 4.
    Galvin, J., Murphy, S., Crocker, S., Freed, N.: Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted. IETF, RFC 1847 (1995)Google Scholar
  5. 5.
    Handley, M., Jacobson, V., Perkins, C.: SDP: Session Description Protocol. IETF, RFC 4566 (2006)Google Scholar
  6. 6.
    ITU-T Recommendation H.323: Packet-based Multimedia Communications Systems Ver. 6. ITU (2006) Google Scholar
  7. 7.
    Johnston, A., Donovan, S., Sparks, R., Cunningham, C., Summers, K.: Session Initiation Protocol (SIP) Basic Call Flow Examples. IETF, RFC 3665 (2003)Google Scholar
  8. 8.
    Kwecka, Z.: Application Layer Covert Channel Analysis and Detection. Napier University Edinburgh, Technical Report (2006),
  9. 9.
    Lampson, B.: A Note on the Confinement Problem. Comm. ACM 16(10), 613–615 (1973)CrossRefGoogle Scholar
  10. 10.
    Mazurczyk, W., Kotulski, Z.: New Security and Control Protocol for VoIP Based on Steganography and Digital Watermarking. Annales UMCS, Informatica, AI 5, 417–426 (2006) ISNN 1732-1360Google Scholar
  11. 11.
    Mazurczyk, W., Kotulski, Z.: New VoIP Traffic Security Scheme with Digital Watermarking. In: Górski, J. (ed.) SAFECOMP 2006. LNCS, vol. 4166, pp. 170–181. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Murdoch, S.J., Lewis, S.: Embedding Covert Channels into TCP/IP. In: Barni, M., Herrera-Joancomartí, J., Katzenbeisser, S., Pérez-González, F. (eds.) IH 2005. LNCS, vol. 3727, pp. 247–261. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Petitcolas, F., Anderson, R., Kuhn, M.: Information Hiding – A Survey. IEEE Special Issue on Protection of Multimedia Content (1999)Google Scholar
  14. 14.
    Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.: SIP: Session Initiation Protocol. IETF, RFC 3261 (2002)Google Scholar
  15. 15.
    Schulzrinne, H., Casner, S., Frederick, R., Jacobson, V.: RTP: A Transport Protocol for Real-Time Applications. IETF, RFC 3550 (2003)Google Scholar
  16. 16.
    US Department of Defense – Trusted Computer System Evaluation Criteria. DOD 5200.28-STD. The Orange Book (1985) Google Scholar
  17. 17.
  18. 18.
    Zander, S., Armitage, G., Branch, P.: A Survey of Covert Channels and Countermeasures in Computer Network Protocols. IEEE Communications Surveys & Tutorials, 3rd Quarter 2007 9(3), 44–57 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Wojciech Mazurczyk
    • 1
  • Krzysztof Szczypiorski
    • 1
  1. 1.Faculty of Electronics and Information Technology, Institute of TelecommunicationsWarsaw University of TechnologyWarsawPoland

Personalised recommendations