Abstract
The paper presents an idea and experimental results for RSTEG (Retransmission Steganography), which is an intra-protocol hybrid network steganography method. It is intended for a broad class of protocols that utilises retransmission mechanisms. RSTEG enables hidden communication by not acknowledging a successfully received packet in order to intentionally invoke retransmission. The retransmitted packet carries a steganogram instead of user data in the payload field. Experimental results for TCP-based RSTEG traffic analysis are enclosed which were focused on measuring steganographic bandwidth and influence on TCP network traffic in terms of undetectability.
Article PDF
Similar content being viewed by others
References
Jankowski, B., Mazurczyk, W., & Szczypiorski, K. (2010). Information hiding using improper frame padding. In Proc. of 14th international telecommunications networks strategy and planning symposium (NETWORKS), 27–30 September 2010 (pp. 77–82). ISBN 978-1-4244-6703-7.
Szczypiorski, K. (2003). HICCUPS: hidden communication system for corrupted networks. In Proc. of: ACS’2003, Miedzyzdroje, Poland, October 22–24, 2003 (pp. 31–40).
Berk, V., Giani, A., & Cybenko, G. Detection of covert channel encoding in network packet delays (Tech. Rep. TR2005-536). Department of Computer Science, Dartmouth College, Nov. 2005. URL: http://www.ists.dartmouth.edu/library/149.pdf.
Mazurczyk, W., Smolarczyk, M., & Szczypiorski, K. (2009). Retransmission steganography and its detection. Soft Computing, 15(3), 505–515.
Mazurczyk, W., Smolarczyk, M., & Szczypiorski, K. (2010). Retransmission steganography applied. In Second international workshop on network steganography (IWNS) co-located with the 2010 international conference on multimedia information networking and security (MINES 2010), Nanjing, China, November 4–6, 2010.
Rewaskar, S., Kaur, J., & Smith, F. (2007). A performance study of loss detection/recovery in real-world TCP implementations. In Proc. of the IEEE international conference on network protocols, ICNP 2007, Beijing, China, October 16–19, 2007 (pp. 256–265). ISBN 1-4244-1588-8.
Chen, C., Mangrulkar, M., Ramos, N., & Sarkar, M. Trends in TCP/IP retransmissions and resets. (Technical Report). URL: http://www-cse.ucsd.edu/classes/wi01/cse222/projects/reports/tcp-flags-13.pdf.
Fisk, G., Fisk, M., Papadopoulos, C., & Neil, J. (2002). Eliminating steganography in Internet traffic with active wardens. In Lecture notes in computer science: Vol. 2578. 5th international workshop on information hiding (pp. 18–35).
Stone, J., & Partridge, C. (2000). When the CRC and TCP checksum disagree. In Proc. of SIGCOMM 2000 September 2000.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Open Access This is an open access article distributed under the terms of the Creative Commons Attribution Noncommercial License (https://creativecommons.org/licenses/by-nc/2.0), which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.
About this article
Cite this article
Mazurczyk, W., Smolarczyk, M. & Szczypiorski, K. On information hiding in retransmissions. Telecommun Syst 52, 1113–1121 (2013). https://doi.org/10.1007/s11235-011-9617-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-011-9617-y