Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/46432
Title: Network steganography – an investigation of covert channels in network protocols
Authors: Tan, Soon Siang.
Keywords: DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks
Issue Date: 2011
Abstract: Network Steganography describes all the methods used for transmitting data over a network without it being detected. This Final Year Project gives an overview of Network Steganography, introducing the concept of covert channels and network protocols that can be exploited to transmit hidden information. Many network protocols can be manipulated to provide a covert communication channel, such as TCP/IP, UDP, ICMP and HTTP. This report further investigates the existence of covert channels within the TCP/IP protocol suite. The main method approach to achieve this is through packet header manipulation. 3 methods were identified; Modifying the IP Identification field, the TCP Initial Sequence field, and making use of the TCP Sequence field after “bouncing” a packet off a remote server. The last method could allow covert communication even in networks heavily protected by firewalls or packet filters. The report also demonstrates how covert communication can be achieved through a proof-of-concept program coded in Java. In particular, the program makes use of Jpcap, a Java library for capturing and sending network packets to create the customized TCP/IP packets used to transmit hidden information. The last part of the report explores the applications, detection and ethical concerns of Steganography. In particular, it covers ways in which Steganography can be exploited for nefarious purposes, the concept of passive and active wardens in Network Steganography detection (or Steganalysis) and the conflict of interest between governments, organizations and individuals where Steganography is concerned.
URI: http://hdl.handle.net/10356/46432
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
SCE10-0490.pdf
  Restricted Access
1.48 MBAdobe PDFView/Open

Page view(s) 5

325
checked on Oct 22, 2020

Download(s) 5

11
checked on Oct 22, 2020

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.