Network steganography – an investigation of covert channels in network protocols

Network Steganography describes all the methods used for transmitting data over a network without it being detected. This Final Year Project gives an overview of Network Steganography, introducing the concept of covert channels and network protocols that can be exploited to transmit hidden informati...

Full description

Saved in:
Bibliographic Details
Main Author: Tan, Soon Siang.
Other Authors: School of Computer Engineering
Format: Final Year Project
Language:English
Published: 2011
Subjects:
Online Access:http://hdl.handle.net/10356/46432
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-46432
record_format dspace
spelling sg-ntu-dr.10356-464322023-03-03T20:25:13Z Network steganography – an investigation of covert channels in network protocols Tan, Soon Siang. School of Computer Engineering Xiao Xiaokui DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks Network Steganography describes all the methods used for transmitting data over a network without it being detected. This Final Year Project gives an overview of Network Steganography, introducing the concept of covert channels and network protocols that can be exploited to transmit hidden information. Many network protocols can be manipulated to provide a covert communication channel, such as TCP/IP, UDP, ICMP and HTTP. This report further investigates the existence of covert channels within the TCP/IP protocol suite. The main method approach to achieve this is through packet header manipulation. 3 methods were identified; Modifying the IP Identification field, the TCP Initial Sequence field, and making use of the TCP Sequence field after “bouncing” a packet off a remote server. The last method could allow covert communication even in networks heavily protected by firewalls or packet filters. The report also demonstrates how covert communication can be achieved through a proof-of-concept program coded in Java. In particular, the program makes use of Jpcap, a Java library for capturing and sending network packets to create the customized TCP/IP packets used to transmit hidden information. The last part of the report explores the applications, detection and ethical concerns of Steganography. In particular, it covers ways in which Steganography can be exploited for nefarious purposes, the concept of passive and active wardens in Network Steganography detection (or Steganalysis) and the conflict of interest between governments, organizations and individuals where Steganography is concerned. Bachelor of Engineering (Computer Science) 2011-12-06T02:24:07Z 2011-12-06T02:24:07Z 2011 2011 Final Year Project (FYP) http://hdl.handle.net/10356/46432 en Nanyang Technological University 50 p. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks
spellingShingle DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks
Tan, Soon Siang.
Network steganography – an investigation of covert channels in network protocols
description Network Steganography describes all the methods used for transmitting data over a network without it being detected. This Final Year Project gives an overview of Network Steganography, introducing the concept of covert channels and network protocols that can be exploited to transmit hidden information. Many network protocols can be manipulated to provide a covert communication channel, such as TCP/IP, UDP, ICMP and HTTP. This report further investigates the existence of covert channels within the TCP/IP protocol suite. The main method approach to achieve this is through packet header manipulation. 3 methods were identified; Modifying the IP Identification field, the TCP Initial Sequence field, and making use of the TCP Sequence field after “bouncing” a packet off a remote server. The last method could allow covert communication even in networks heavily protected by firewalls or packet filters. The report also demonstrates how covert communication can be achieved through a proof-of-concept program coded in Java. In particular, the program makes use of Jpcap, a Java library for capturing and sending network packets to create the customized TCP/IP packets used to transmit hidden information. The last part of the report explores the applications, detection and ethical concerns of Steganography. In particular, it covers ways in which Steganography can be exploited for nefarious purposes, the concept of passive and active wardens in Network Steganography detection (or Steganalysis) and the conflict of interest between governments, organizations and individuals where Steganography is concerned.
author2 School of Computer Engineering
author_facet School of Computer Engineering
Tan, Soon Siang.
format Final Year Project
author Tan, Soon Siang.
author_sort Tan, Soon Siang.
title Network steganography – an investigation of covert channels in network protocols
title_short Network steganography – an investigation of covert channels in network protocols
title_full Network steganography – an investigation of covert channels in network protocols
title_fullStr Network steganography – an investigation of covert channels in network protocols
title_full_unstemmed Network steganography – an investigation of covert channels in network protocols
title_sort network steganography – an investigation of covert channels in network protocols
publishDate 2011
url http://hdl.handle.net/10356/46432
_version_ 1759857877747499008