ARPNetSteg : Network Steganography Using Address Resolution Protocol

• Autorzy: Bedi Punam , Dua Arti

Identyfikatory

DOI

10.24425/ijet.2020.134026

• Języki publikacji: EN

Abstrakty

EN

Steganography is a technique that allows hidden transfer of data using some media such as Image, Audio, Video, Network Protocol or a Document, without its existence getting noticed. Over the past few years, a lot of research has been done in the field of Image, Video and Audio Steganography but very little work has been done in Network Steganography. A Network Steganography technique hides data in a Network Data Unit, i.e., a Network Protocol Packet. In this paper we present an algorithm ARPNetSteg that implements Network Steganography using the Address resolution protocol. Our technique is a robust technique that can transfer 44 bits of covert data per ARP reply packet.

Słowa kluczowe

EN

network steganography; ARP steganography; covert channel; Address Resolution Protocol; protocol steganography

• Wydawca: Polish Academy of Sciences, Committee of Electronics and Telecommunication
• Czasopismo: International Journal of Electronics and Telecommunications
• Rocznik: 2020
• Tom: Vol. 66, No. 4
• Strony: 671--677
• Opis fizyczny: Bibliogr. 21 poz., rys., wykr.

Twórcy

autor

Bedi Punam

• University of Delhi, Delhi, India.

autor

Dua Arti

• University of Delhi, Delhi, India.

Bibliografia

• [1] W. Richard Stevens. TCP/IP illustrated (vol. 1): the protocols. Addison-Wesley Longman Publishing Co., Inc., USA. 1993.
• [2] Trithemius, Johannes, and Wolfgang Ernst Heidel. Steganographia. 1721.
• [3] I. Cox, Miller, M., Bloom, J. Fridrich and T. Kalker. “Digital Watermarking and Steganography”, 2nd ed. Elsevier, Morgan Kaufmann Publishers, 2008.
• [4] K. Szczypiorski, “Steganography in TCP/IP networks”, in State of the Art and a Proposal of a New System–HICCUPS, Institute of Telecommunications' seminar, Warsaw University of Technology, Poland, 2003.
• [5] G. Fisk, M. Fisk, C. Papadopoulos and J. Neil, “Eliminating Steganography in Internet Traffic with Active Wardens,” in Proc. 5th International Workshop on Information Hiding, Oct. 2002.
• [6] D. Plummer, "An Ethernet Address Resolution Protocol: Or Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware", STD 37, RFC 826, Nov. 1982, DOI 10.17487/RFC0826.
• [7] ARP, Address Resolution Protocol, “Network Socery Website,” 2015 http://www.networksorcery.com/enp/protocol/arp.htm.
• [8] TCP/IP Guide Website, 2020 http://www.tcpipguide.com/free/t_ARPMessageFormat.htm.
• [9] T. G. Handel and M. T. Sandford, “Hiding data in the OSI network model.” in Proc. International Workshop on Information Hiding, Berlin, Heidelberg, 1996, pp. 23-38.
• [10] A. Mileva, and P. Boris, "Covert channels in TCP/IP protocol stack-extended version." Open Computer Science vol. 4, pp 45-66, 2014.
• [11] C. Rowland, "Covert channels in the TCP/IP protocol suite, first Monday." Peer Reviewed Journal on the Internet vol. 2, no. 5, 1997.
• [12] K. Ahsan, and D Kundur, “Practical data hiding in TCP/IP” in Proc. Workshop on Multimedia Security at ACM Multimedia, 2002.
• [13] Bellovin, M. Steven, "Security problems in the TCP/IP protocol suite." ACM SIGCOMM Computer Communication Review, vol. 19, no. 2, pp 32-48, 1989.
• [14] K. Szczypiorski, M. Drzymała, and M. Ł. Urbański. "Network Steganography in the DNS Protocol." International Journal of Electronics and Telecommunications, vol. 62, no. 4, pp. 343-346, 2016.
• [15] Z. Trabelsi and I. Jawhar, "Covert file transfer protocol based on the IP record route option." Journal of Information Assurance and Security vol. 5 no. 1, pp. 64-73, 2010.
• [16] P. Bedi, A. Dua, “Network Steganography using the Overflow Field of Timestamp Option in an IPv4 Packet”. Presented at Third International Conference on Computing and Network Communications (CoCoNet’19), Trivendrum, Dec. 18-21, 2019.
• [17] L. Ji, Y. Fan, C. Ma, “Covert channel for local area network,” in Proc. IEEE International Conference on Wireless Communications, Networking and Information Security, WCNIS 2010, Beijing, China, 2010, pp. 316–319.
• [18] B. Jankowski, W. Mazurczyk, K. Szczypiorski, “PadSteg: Introducing Inter-Protocol Steganography,” Telecommunication Systems, Vol. 52, 2013, pp. 1101–1111.
• [19] S. Tobias, S. Wendzel, A. Mileva, and W. Mazurczyk, "Introducing dead drops to network steganography using ARP-caches and SNMP-walks," in Proc. 14th International Conference on Availability, Reliability and Security, 2019, pp. 1-10.
• [20] Scapy Website, 2020. https://scapy.readthedocs.io/en/latest/introduction.html
• [21] Wireshark website, 2020, https://www.wireshark.org