Covert Channel in RTP Payload Using a Pointer in Sip Header

  • Miroslav Voznak
  • Ivo Zbranek
  • Miralem Mehic
  • Dan Komosny
  • Homero Toral-Cruz
  • Jerry Chun-Wei Lin
Keywords: steganography, VoIP, RTP, payload, SIP, pointer

Abstract

The paper addresses the issue of hiding data in the network flow. The authors discuss a new proposal of the steganographic approach in IP telephony: transmitting texts using the pointer in the SIP header by means of a data stream within the RTP protocol. This method is based on tagging the binary sequences in payload of the RTP packets, with the individual binary sequences representing individual steganogram characters. Subsequently, the position of the binary sequences is recorded in the SIP header in the Via field and the branch parameter. The proposed way of hidden data transmission cannot be detected by existing anomaly detectors; and does not represent an approach to statistical detection of covert channels. In fact, it is a new contribution to covert communication in ordinary VoIP traffic.

Author Biographies

Miroslav Voznak

VSB-Technical University of Ostrava, Czech Republic

Ivo Zbranek

VSB-Technical University of Ostrava, Czech Republic

Miralem Mehic

VSB-Technical University of Ostrava, Czech Republic

Dan Komosny

Brno University of Technology, Czech Republic

Homero Toral-Cruz

University of Quintana Roo, Mexico

Jerry Chun-Wei Lin

School of Computer Science and Technology, Harbin Institute of Technology Shenzhen Graduate School, Shenzhen, China

Published
2016-02-29
How to Cite
Voznak, M., Zbranek, I., Mehic, M., Komosny, D., Toral-Cruz, H., & Lin, J. C.-W. (2016). Covert Channel in RTP Payload Using a Pointer in Sip Header. Communications - Scientific Letters of the University of Zilina, 18(1), 40-47. Retrieved from http://journals.uniza.sk/index.php/communications/article/view/376
Issue
Vol 18 No 1 (2016)
Section
Articles