Publication detail

Covert Channel in RTP Payload Using a Pointer in SIP Header

VOZŇÁK, M. ZBRANEK, I. MEHIC, M. KOMOSNÝ, D. TORAL-CRUZ, H. CHUN-WEI LIN, J.

Original Title

Covert Channel in RTP Payload Using a Pointer in SIP Header

English Title

Covert Channel in RTP Payload Using a Pointer in SIP Header

Type

journal article

Language

en

Original Abstract

The paper addresses the issue of hiding data in the network flow. The authors discuss a new proposal of the steganographic approach in IP telephony: transmitting texts using the pointer in the SIP header by means of a data stream within the RTP protocol. This method is based on tagging the binary sequences in payload of the RTP packets, with the individual binary sequences representing individual steganogram characters. Subsequently, the position of the binary sequences is recorded in the SIP header in the Via field and the branch parameter. The proposed way of hidden data transmission cannot be detected by existing anomaly detectors; and does not represent an approach to statistical detection of covert channels. In fact, it is a new contribution to covert communication in ordinary VoIP traffic.

English abstract

The paper addresses the issue of hiding data in the network flow. The authors discuss a new proposal of the steganographic approach in IP telephony: transmitting texts using the pointer in the SIP header by means of a data stream within the RTP protocol. This method is based on tagging the binary sequences in payload of the RTP packets, with the individual binary sequences representing individual steganogram characters. Subsequently, the position of the binary sequences is recorded in the SIP header in the Via field and the branch parameter. The proposed way of hidden data transmission cannot be detected by existing anomaly detectors; and does not represent an approach to statistical detection of covert channels. In fact, it is a new contribution to covert communication in ordinary VoIP traffic.

Keywords

Steganography; VoIP; RTP; payload; SIP; pointer

Released

01.03.2016

Pages from

40

Pages to

47

Pages count

8

BibTex


@article{BUT141080,
  author="Miroslav {Vozňák} and Ivo {Zbranek} and Miralem {Mehic} and Dan {Komosný} and Homero {Toral-Cruz} and Jerry {Chun-Wei Lin}",
  title="Covert Channel in RTP Payload Using a Pointer in SIP Header",
  annote="The paper addresses the issue of hiding data in the network flow. The authors discuss a new proposal of the steganographic approach in IP telephony: transmitting texts using the pointer in the SIP header by means of a data stream within the RTP protocol. This method is based on tagging the binary sequences in payload of the RTP packets, with the individual binary sequences representing individual steganogram characters. Subsequently, the position of the binary sequences is recorded in the SIP header in the Via field and the branch parameter. The proposed way of hidden data transmission cannot be detected by existing anomaly detectors; and does not represent an approach to statistical detection of covert channels. In fact, it is a new contribution to covert communication in ordinary VoIP traffic.",
  chapter="141080",
  howpublished="online",
  number="1",
  volume="18",
  year="2016",
  month="march",
  pages="40--47",
  type="journal article"
}