Network Steganography is a technique that uses common network protocols (the header field, the payload field or both) to hide a secret message. TCP/IP protocol suite has been a potential target for network steganography from the very beginning. This PowerPoint deck delivers a basic overview of Steganography along with the different types of it & explains what is network steganography and how it can be done using the required tools. In the end, some limitations and countermeasures are discussed. References of the relevant sources are cited in the end of the deck. I hope it will be useful to whoever use this ppt.
2. Table of contents
You can describe the topic of
the section here
Steganography
What is steganography?
Limitations
Limitations and potential
drawback of this approach
Types of Steg
Prisoner’s problem
The need for network
steganography
Countermeasures
Countermeasures to be taken
against network steg
Proposed Methodology
Method proposed for the
network steganography
01
03
02
04
05 06
6. a covert channel is an information hiding technique in which
the user takes advantage of the design and availability of a
standard communication channel to transfer covert data
between two processes or entities without a third party
knowing of its existence.
Covert Channel
10. The Prisoner’s Problem
The Prisoner’s Problem is a
game theory. It was introduced
by Gustavus J. Simmons in 1983.
11. The Prisoner’s Problem
Two prisoners are each placed in separate cells and are not
allowed to communicate directly with each other. The
Warden is the medium between them to communicate. How
to share their secret without Warden knowing?
13. Types of Covert Channels
Storage-based
Timing-based
Hybrid
Uses payload fields as covert channel
Based on timings or delays in PDUs
Uses both storage and timing based
channels
14. Scope of This Method
Local Area Network
Internet Protocol (IPv4)
Scapy and Wireshark
Time-based
Environment
Layer 3 Protocol
Covert Channel
Tools or Libraries
15. Local Area Network
Host A and B connected into LAN
It uses UDP protocol at Transport layer
All devices are connected through
Ethernet
Router is needed to communicate to the
internet.
22. Limitations
Does not use the existing IP packets
Require to create new packets to hide data in them
Limited to send 20 bits per packet
Can send above 20 bits but it will generate warnings
in Wireshark
25. Countermeasures
Encryption
Encrypting network
packets to avoid steg. SSL
& TLS etc
Network monitoring
Identify unusual behavior or
anomalies. NIDS and NBA etc
Traffic Analysis
Analysing patterns
using Sniffing tools
Steg detection tools
Various tools are available
to detect steganography.
1 2
4
3
26. References
1) Alsaffar, Hassan, & Daryl. (2015). Covert channel using the IP timestamp option of
an IPv4 packet. The International Conference on Electrical and Bio-medical
Engineering, 48-51.
2) Bedi, P., & Dua, A. (2020). Network Steganography using the Overflow Field of
Timestamp. Procedia Computer Science, 1810-1818.
3) Handel, G, T., & Stanford, M. T. (1996). Hiding Data in the OSI Network Model. `
4) Rowland, & H, C. (1997). Covert channels in the TCP/IP protocol suite. First
Monday.
5) Soni, T. (2020). Moving target network steganography. Theses and Dissertations,
2850.
6) Trabelsi, Zouheir, & Imad , J. (2010). Covert file transfer protocol based on the IP
record route option. Journal of Information Assurance and Security, 64-73.
7) http://datahide.org/BPCSe/applications-e.html
27. CREDITS: This presentation template was created
by Slidesgo, and includes icons by Flaticon, and
infographics & images by Freepik
Any questions?
Thanks!
Please keep this slide for attribution