Skip to main content

Stealthy Protocols: Metrics and Open Problems

  • Chapter
  • First Online:
Concurrency, Security, and Puzzles

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10160))

Abstract

This paper is a survey of both methods that could be used to support stealthy communication over both wired and wireless networks and techniques for evaluating them. By stealthy communication we mean communication using channels that guarantee that the nature of the communication, or even the fact that communication is taking place at all, is hidden. Although stealthy communication and information hiding have been studied from a number of different points of view, e.g. image steganography, network covert channels, and covert wireless communication, not much has been done to tie these different threads together and attempt to see how the different branches of stealthy communication research can inform each other. In this paper we take the first steps to remedying this deficiency. We identify open problems, point out gaps, and indicate directions for further research.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Dixon, R.C.: Spread Spectrum Systems with Commercial Applications, 3rd edn. Wiley, Hoboken (1994)

    Google Scholar 

  2. Ahmadzadeh, S.A., Agnew, G.B.: Turbo covert channel: an iterative framework for covert communication over data networks. In: Proceedings of the IEEE INFOCOM 2013, Turin, Italy, 14–19 April 2013, pp. 2031–2039 (2013)

    Google Scholar 

  3. Bash, B.A.: Fundamental Limits of Covert Communication. Ph.D. thesis, University of Massachusetts Amherst, Februrary 2015

    Google Scholar 

  4. Boulat, A.B., Goeckel, D., Towsley, D.: Limits of reliable communication with low probability of detection on awgn channels. IEEE J. Sel. Areas Commun. 31(9), 1921–1930 (2013). Selected Areas in Communications

    Article  Google Scholar 

  5. Matthieu, R.: Bloch: covert communication over noisy channels: a resolvability perspective. IEEE Trans. Inf. Theory 62(5), 2334–2354 (2016)

    Article  Google Scholar 

  6. Boltz, S., Debreuve, E., Barlaud, M.: High-dimensional statistical distance for region-of-interest tracking: application to combining a soft geometric constraint with radiometry. In: IEEE Conference on Computer Vision and Pattern Recognition, CVPR 2007, pp. 1–8. IEEE (2007)

    Google Scholar 

  7. Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005)

    Article  Google Scholar 

  8. Cabuk, S.: Network Covert Channels: Design, Analysis, Detection, and Elimination. Ph.D. thesis, Purdue University, December 2006

    Google Scholar 

  9. Cabuk, S., Brodley, C.E., Shields, C.: IP covert timing channels: design and detection. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 178–187. ACM (2004)

    Google Scholar 

  10. Cachin, C.: An information-theoretic model for steganography. Inf. Comput. 192(1), 41–56 (2004)

    Article  MathSciNet  MATH  Google Scholar 

  11. Crespi, V., Cybenko, G., Giani, A.: Engineering statistical behaviors for attacking and defending covert channels. IEEE J. Sel. Top. Sig. Proces. 7(1), 124–136 (2013)

    Article  Google Scholar 

  12. Davidoff, S., Ham, J.: Network Forensics: Tracking Hackers through Cyber Space. Prentice-Hall, Upper Saddle River (2012)

    Google Scholar 

  13. Filler, T., Ker, A.D., Fridrich, J.: The square root law of steganographic capacity for Markov covers. In: Proceedings of SPIE, Media Forensics and Security, SPIE 2009, vol. 7254 (2009)

    Google Scholar 

  14. Fisk, G., Fisk, M., Papadopoulos, C., Neil, J.: Eliminating steganography in internet traffic with active wardens. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 18–35. Springer, Heidelberg (2003). doi:10.1007/3-540-36415-3_2

    Chapter  Google Scholar 

  15. Frikha, L., Trabelsi, Z., El-Hajj, W.: Implementation of a covert channel in the 802.11 header (2008)

    Google Scholar 

  16. Gianvecchio, S., Wang, H.: Detecting covert timing channels: an entropy-based approach. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 307–316. ACM (2007)

    Google Scholar 

  17. Girling, C.G.: Covert channels in LAN’s. IEEE Trans. Soft. Eng. 13(2), 292–296 (1987)

    Article  Google Scholar 

  18. Hijaz, Z., Frost, V.: Exploiting OFDM systems for covert communication. In: IEEE Military Communications Conference (2010)

    Google Scholar 

  19. Van Horenbeck, M.: Deception on the network: thinking differently about covert channels. In: Proceedings of the 7th Australian Information Warfare and Security Conference. Edith Cowan University (2006)

    Google Scholar 

  20. Houmansadr, A., Brubaker, C., Shmatikov, V.: The parrot is dead: Observing unobservable network communications. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 65–79. IEEE (2013)

    Google Scholar 

  21. Kang, M.H., Moskowitz, I.S.: A pump for rapid, reliable, secure communication. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 119–129. ACM (1993)

    Google Scholar 

  22. Ker, A.D.: Estimating steganographic fisher information in real images. In: Katzenbeisser, S., Sadeghi, A.-R. (eds.) IH 2009. LNCS, vol. 5806, pp. 73–88. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04431-1_6

    Chapter  Google Scholar 

  23. Ker, A.D., Bas, P., Böhme, R., Cogranne, R., Craver, S., Filler, T., Fridrich, J., Pevnỳ, T.: Moving steganography and steganalysis from the laboratory into the real world. In: Proceedings of the First ACM Workshop on Information Hiding and Multimedia Security, pp. 45–58. ACM (2013)

    Google Scholar 

  24. Ker, A.D., Pevnỳ, T., Kodovskỳ, J., Fridrich, J.: The square root law of steganographic capacity. In: Proceedings of the 10th ACM Workshop on Multimedia and Security, pp. 107–116. ACM (2008)

    Google Scholar 

  25. Kleider, J.E., Gifford, S., Churpun, S., Fette, B.: Radio frequency watermarking for OFDM wireless networks, vol. 5, pp. 397–400 (2004)

    Google Scholar 

  26. Lee, K.S., Wang, H., Weatherspoon, H.: Phy covert channels: can you see the idles? In: 11th USENIX Symposium on Networked Systems Design and Implementation, NSDI14. USENIX (2014)

    Google Scholar 

  27. Liu, A., Chen, J.X., Wechsler, H.: Real-time timing channel detection in an software-defined networking virtual environment. Intell. Inf. Manage. 7(06), 283 (2015)

    Google Scholar 

  28. Lucena, N.B., Lewandowski, G., Chapin, S.J.: Covert channels in IPv6. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 147–166. Springer, Heidelberg (2006). doi:10.1007/11767831_10

    Chapter  Google Scholar 

  29. Millen, J.K.: Covert channel capacity. In: 1987 IEEE Symposium on Security and Privacy. IEEE Computer Society (1987)

    Google Scholar 

  30. Moskowitz, I.S., Greenwald, S.J., Kang, M.H.: An analysis of the timed Z-channel. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 2–11. IEEE (1996)

    Google Scholar 

  31. Moskowitz, I.S., Miller, A.R.: The channel capacity of a certain noisy timing channel. IEEE Trans. Inf. Theory 38(4), 1339–1344 (1992)

    Article  MATH  Google Scholar 

  32. Moskowitz, I.S., Miller, A.R.: Simple timing channels. In: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, pp. 56–64. IEEE (1994)

    Google Scholar 

  33. Peng, P., Ning, P., Reeves, D.S.: On the secrecy of timing-based active watermarking trace-back techniques. In: 2006 IEEE Symposium on Security and Privacy, p. 15. IEEE (2006)

    Google Scholar 

  34. Pevný, T., Fridrich, J.: Benchmarking for steganography. In: Solanki, K., Sullivan, K., Madhow, U. (eds.) IH 2008. LNCS, vol. 5284, pp. 251–267. Springer, Heidelberg (2008). doi:10.1007/978-3-540-88961-8_18

    Chapter  Google Scholar 

  35. Pfitzmann, B.: Information hiding terminology. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 347–350. Springer, Heidelberg (1996). doi:10.1007/3-540-61996-8_52

    Chapter  Google Scholar 

  36. Rezaei, F., Hempel, M., Peng, D., Qian, Y., Sharif, H.: Analysis and evaluation of covert channels over LTE advanced. In: IEEE Wireless Communications and Networking Conference (WCNC) (2013)

    Google Scholar 

  37. Sellke, S.H., Wang, C.-C., Bagchi, S., Shroff, N.B.: TCP/IP timing channels: theory to implementation. In: 28th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 2009, Rio de Janeiro, Brazil, 19–25 April 2009, pp. 2204–2212 (2009)

    Google Scholar 

  38. Shah, G., Molina, A., Blaze, M., et al.: Keyboards and covert channels. In: USENIX Security (2006)

    Google Scholar 

  39. Sheikholeslami, A., Bash, B.A., Towsley, D., Goeckel, D., Guha, S.: Covert communication over classical-quantum channels. In: IEEE International Symposium on Information Theory, ISIT 2016, Barcelona, Spain, 10–15 July 2016, pp. 2064–2068 (2016)

    Google Scholar 

  40. Simon, M., Omura, J., Scholtz, R., Levitt, B.: Spread Spectrum Communications Handbook. McGraw-Hill Inc., New York (1994). Revised edition

    Google Scholar 

  41. Singh, H., Misra, N., Hnizdo, V., Fedorowicz, A., Demchuk, E.: Nearest neighbor estimates of entropy. Am. J. Math. Manag. Sci. 23(3–4), 301–321 (2003)

    MathSciNet  Google Scholar 

  42. Wang, L., Wornell, G.W., Zheng, L.: Limits of low-probability-of-detection communication over a discrete memoryless channel. In: IEEE International Symposium on Information Theory, ISIT 2015, Hong Kong, China, 14–19 June 2015, pp. 2525–2529 (2015)

    Google Scholar 

  43. Wang, X., Chen, S., Jajodia, S.: Network flow watermarking attack on low-latency anonymous communication systems. In: IEEE Symposium on Security and Privacy, SP 2007, pp. 116–130. IEEE (2007)

    Google Scholar 

  44. Wang, X., Reeves, D.S., Felix Wu, S., Yuill, J.: Sleepy watermark tracing: an active network-based intrusion response framework. In: Proceedings of the 16th International Conference on Information Security: Trusted Information: the New Decade Challenge, Sec 2001, pp. 369–384. Kluwer (2001)

    Google Scholar 

  45. Yu, P.L., Baras, J.S., Sadler, B.M.: Physical-layer authentication. IEEE Trans. Inf. Forensics Secur. 3(1), 38–51 (2008)

    Article  Google Scholar 

  46. Zander, S., Armitage, G., Branch, P.: A survey of covert channels and countermeasures in computer network protocols. IEEE Commun. Surv. Tutorials 9(3), 44–57 (2007)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Catherine Meadows .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Chen, O., Meadows, C., Trivedi, G. (2017). Stealthy Protocols: Metrics and Open Problems. In: Gibson-Robinson, T., Hopcroft, P., Lazić, R. (eds) Concurrency, Security, and Puzzles. Lecture Notes in Computer Science(), vol 10160. Springer, Cham. https://doi.org/10.1007/978-3-319-51046-0_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-51046-0_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-51045-3

  • Online ISBN: 978-3-319-51046-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics