Professional Documents
Culture Documents
Abstract:
Covert channel aims to hide the very existence of network communication between hosts.
Encryption only protects communication from being decoded by unauthorized parties,
whereas covert channels are used for secret transfer of information. This paper discusses
a novel covert file transfer protocol (CFTP) based on the IP record route option. The
CFTP protocol is used to secretly transfer text files and short messages between hosts.
Firewalls that limit the outgoing traffic to a few allowed application protocols (e.g. FTP)
can be circumvented by the CFTP protocol by making use of the ICMP header. The
proposed work is mainly intended for defense, business organizations and in every sector
where secrecy is the main concern. The hidden information exchanged by the CFTP
server and client cannot be identified by the hackers because the proposed IP packet will
be identical to the standard IP packet. To demonstrate the practical efficiency of the
proposed covert protocol, a user friendly tool based on the client/server technology is
recommended. Compared with related research, the contribution of our work is to
introduce a new generation of covert channels. It provides more sophisticated
communication channel that can be used for hiding information. This paper also makes
use of public key encryption – RSA algorithm to reinforce security features.
Introduction: sufficient to detect the onset of activity,
Covert channels are regarded as one of the discover organizational structures or justify
main sub disciplines of data hiding. Covert further investigation. Many applications of
channel is a channel that is used for secret covert channels like unused header field,
information transfer by hiding the very modulating address field and packet length
use communication means which are not unwanted nature, and therefore pose a
transfer and is neither designed nor intended Furthermore, because of increased measures
for network communication between hosts. against overt channels, such as the free
This property makes them quite elusive. transfer of memory storage devices in and
out of organizations, the use of covert
In computer networks, overt channels, such channels in computer networks will
as typical network protocols, are used as increase. Understanding existing covert
carriers for covert channels. Covert channels channel techniques is crucial to the
in computer network protocols are similar to development of countermeasures. The
techniques for hiding information in audio, detection, elimination, and capacity
visual or textual content (steganography). limitation of covert channels are challenging
While steganography requires some form of but need to be addressed to secure future
content as cover, covert channels require computer networks. In this paper, a new
some network protocols as carrier. covert channel technique that offers a covert
The utilization of covert channels for file transfer protocol (CFTP) based on the
communication and coordination is typically record route option of the IP header and
The principle of the covert channel: Figure 5. The format of the record route option in an
IP datagram
When the IP header option designates a
record route, the fields Code and Pointer Then, the value of the Pointer field in the IP
should be set to the values 7 and 4, header option is increased by 4.
respectively. The maximum value in the Consequently, the next router would write
Length field is 40 bytes. These fields and its IP address in the next 4-byte-field.
their corresponding values are listed in However, if the value of the Pointer field
Table 3. becomes greater than the value of the
Length field, then no more routers can write
their IP addresses.
Embedding process:
Advantages
Figure 7.(B) The different values of the Pointer field hidden messages which are assumed
used for the covert channel to be router IP addresses.
2. The proposed technique offers 40
Proposed algorithm for embedding data:
bytes of covert memory which is
Step 1:Get the secret data to be considerably larger than the 4 byte
transferred. size available in TCP based covert
Step 2: Convert the secret data into channel.
binary format. 3. The covert channel has to follow
Step 3: Encrypt the binary bits using restrictions and the rules imposed by
RSA algorithm. the TCP protocol including
Step 4: Process the encrypted data synchronization, flow control and
by using the substitution algorithm. congestion control. In contrast, the
proposed techniques can exclusively
rely on ICMP traffic to carry hidden ICMP packet types. Compared to
messages. related work, the novelty of the
4. The good rate of privacy, memory proposed protocol is that it provides
and flexibility provided by the a new generation of sophisticated
proposed covert channel. covert channels that can be used for
5. Confidentiality is provided by hiding information.. The hidden
making use of the public key information is packaged in the form
encryption – RSA algorithm. of IP addresses. However, it is
6. Confusion technique is given by possible for one to verify the validity
making use of the substitution of these IP addresses in the
algorithm and logical operation. connection path. Therefore, a public
key encryption – RSA algorithm
along with the substitution
techniques is used. This enhances the
Conclusion: level of security and favors secret
This paper discusses a novel covert file transfer.
file transfer protocol (CFTP) based
on the IP record route option used to References:
secretly transfer text files and short 1. Steganography and Steganalysis by
messages between hosts. It was Robert Krenn .
understood that even with a Sniffer, 2. Practical Data Hiding in TCP/IP by
the hidden information exchanged by Kamran Ahren, Kundur.
the CFTP server and client cannot be 3. Covert channel over TCP/IP and
identified. Since, the Sniffer’s users Protocol Steganography by Kashif
assume that the hidden information Ali Siddiqui
in the record route IP options is just a 4. .A survey of covert channels and
list of router IP addresses. In counter measures in computer
addition, to avoid the detection of the network protocols by
packet flow between the CFTP s.zander,G.Armitage,P.Branch.
server and client, the packets 5. S. Katzenbeisser and F. Petitcolas,
exchanged do not have the same “Information Hiding Techniques for
Steganography and Digital
Watermarking.”
6. S. Zander, G. Armitage, P. Branch.
“A Survey of Covert Channels and
Countermeasures in Computer
Network Protocols.”