http://dx.doi.org/10.4218/etrij.2018-0410

MKIPS: MKI-based protocol steganography method in SRTP  

Alishavandi, Amir Mahmoud (Faculty of Electrical and Computer Engineering, Malek Ashtar University)
Fakhredanesh, Mohammad (Faculty of Electrical and Computer Engineering, Malek Ashtar University)
Publication Information
ETRI Journal / v.43, no.3, 2021, pp. 561-570
Abstract
This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.
Keywords
Covert channel; master key identifier; protocol steganography; Secure Real-time Transfer Protocol; Voice-over-Internet Protocol