Aleksandra Mileva scite author profile

Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band covert channels. To cope with this, a prime attempt has been done in 2015, with the introduction of the so-called hiding patterns, which allow to describe hiding techniques in a more abstract manner. Despite significant enhancements, the main limitation of such a taxonomy is that it only considers the case of network steganography.Therefore, this paper reviews both the terminology and the taxonomy of hiding patterns as to make them more general. Specifically, hiding patterns are split into those that describe the embedding and the representation of hidden data within the cover object.This work is licensed under a Creative Commons Attribution International 4.0 License.

show abstract

Covert channels in TCP/IP protocol stack - extended version-

Mileva

Panajotov

2014

View full text Add to dashboard Cite

We give a survey of different techniques for hiding data in several protocols from the TCP/IP protocol stack.Techniques are organized according to affected layer and protocol. For most of the covert channels its data bandwidth is given. IntroductionAn overt channel is a communication channel within a computer system or network, designed for the authorized transfer of data. A covert channel (first introduced by Lampson [62]), on the other hand, is any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy [26]. Any shared resource can potentially be used as a covert channel. Covert channels can be divided primarily in storage and timing channels. In a case of the storage channels, usually one process writes (directly or indirectly) to a shared resource, while another process reads from it. Timing channel is essentially any technique that conveys information by the timing of events, in which case the receiving process needs a clock. Special timing covert channel is counting channel which carries data by counting the occurrences of certain events [44].Additionally, timing channels can be active if they generate additional traffic or passive if they manipulate the timing of existing traffic. As any other communication channel, covert channel can be noisy or noiseless.According to the number of information flows between the sender and the receiver -several or one, there are aggregated and non-aggregated covert channels [36]. According to the presence or absence of the intermediate node in the communication, covert channels can be indirect or direct. Payload tunnel is a covert channel, where one protocol is tunnelled in the payload of the other protocol. Covert channels are studied as a part of the science * E-mail: aleksandra.mileva@ugd.edu.mk † E-mail: boris.panajotov@ugd.edu.mk steganography, and different steganographic methods used in telecommunication networks are known as network steganography.The adversary model is based on the Simmons prisoner problem [105]: two parties want to communicate confidentially and undetected over an insecure channel, the warden. The warden can be passive -which monitor traffic and report when some unauthorized traffic is detected, or active -which can modify the content of the messages with the purpose of eliminating any form of hidden communication. Simmons introduced the term subliminal channel, a variant of covert channel which uses cryptographic algorithm or protocol for hiding messages. A composition of covert channel with subliminal channel is the hybrid channel.Covert channels can be analysed by the total number of steganogram bits transmitted during a second (Raw Bit Rate -RBR), or by the total number of steganogram bits transmitted per PDU (for example, Packet Raw BitRate-PRBR) [78]. In ideal case, if no packets are lost, capacity of some storage channels can be expressed as Steganography in Internet layerInternet Protocol (IP) is the primary protocol in the TCP/IP protocol stack, ...

show abstract

Comprehensive analysis of MQTT 5.0 susceptibility to network covert channels

Mileva

Velinov

Hartmann

et al. 2021

Computers & Security

View full text Add to dashboard Cite

Covert Channels in the MQTT-Based Internet of Things

et al. 2019

View full text Add to dashboard Cite

Network covert channels are a part of the information hiding research area that deals with the secret transfer of information over communication networks. Covert channels can be utilized, for instance, for data leakage and stealthy malware communications. While data hiding in communication networks has been studied within the last years for several major communication protocols, currently no work is available that investigates covert channels for the publish-subscriber model. To fill this gap, we present the first comprehensive study of covert channels in a protocol utilizing the publish-subscriber model, i.e., the Message Queuing Telemetry Transport (MQTT) protocol which is widely deployed in Internet of Things (IoT) environments. In particular, we describe seven direct and six indirect covert channels and we evaluate and categorize them using the network information hiding patterns approach. Finally, in order to prove that MQTT-based covert channels are practically feasible and effective, we implement the chosen data hiding scheme and perform its experimental evaluation. INDEX TERMS MQTT, network steganography, network covert channels, data hiding, information hiding, IoT.

show abstract

Analysis of the Authenticated Cipher MORUS (v1)

Mileva

Dimitrova

Velichkov

2016

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.