Implementation of an Optimized Steganography Technique over TCP/IP and Tests Against Well-Known Security Equipment
Abstract
Nowadays we are witnessing a total convergence towards a digital world where information is digitized, conveyed and processed using highly developed techniques and tools. The development of broadband networks, including the internet, has made easy the manipulation, transmission and sharing of information. However, new security issues arise and they are particularly related to integrity, confidentiality and traceability of data. Facing this situation, network security has become very important and challenges related to the protection of exchanged data over the internet against unauthorized access and use have increased. In the current work, we propose to implement an optimized steganography technique over TCP/IP protocol [1]. We have also tested it against well-known security equipment using latest versions. We will see that they are inefficient to stop this kind of cover channels. Our work is like an alarm to every IT administrator to change their thinking about data lost prevention (DLP) and exfiltration of sensitive information.
Keywords:
steganography, TCP/IP, cover channel, firewall, hidden channelDownloads
References
C. H. Rowland, “Covert Channels in the TCP/IP Protocol Suite”, First Monday, Vol. 2, No. 5, 1997 DOI: https://doi.org/10.5210/fm.v2i5.528
M. Kouremetis, C. West, “Private information retrieval”, 16th Annual Information Security Symposium, West Lafayette, IN, USA, March 24-25, 2015
Fortinet, “Customer Reviews on Gartner Peer Insights”, available at: https://www.fortinet.com/demand/gated/gartner-enterprise-firewall.html, 2018
Gartner Peer Insights, “Forcepoint-Fortinet Comparison”, available at: https://www.gartner.com/reviews/market/enterprise-network-firewalls/compare/forcepoint-vs-fortinet, 2018
V. Satrom, “Forcepoint positionné “Visionnaire” par Gartner dans la Magic Quadrant des firewalls réseau”, available at: https://www.forcepoint.com/fr/newsroom/2017/forcepoint-recognized-visionary-gartner-magic-quadrant-enterprise-network-firewalls, 2017 (in French)
S. J. Murdoch, S. Lewis, “Embedding Covert Channels into TCP/IP”, in: Information Hiding. IH 2005, Lecture Notes in Computer Science, Vol. 3727, pp. 247-261, Springer, Berlin, Heidelberg, 2005 DOI: https://doi.org/10.1007/11558859_19
Downloads
How to Cite
License
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.
