GAN Tunnel: Network Traffic Steganography by Using GANs to Counter Internet Traffic Classifiers

Fathi-Kazerooni, Sina; Rojas‐Cessa, Roberto

doi:10.1109/access.2020.3007577

Cited by 21 publications

(6 citation statements)

References 34 publications

(60 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [6], an instruction masking method called Generative Adversarial Network (GAN) is proposed to secure the conventional instructions and traffic information generated by the system from being copied and tampered with in the power system. The GAN tunnel proposed in the article generates instructions that simulate real power allocation operations and encapsulates the actual system instructions in the simulated instructions generated by GAN.…”

Section: Related Workmentioning

confidence: 99%

An instruction level attack detection method for new power load system based on LSTM

Yao,

Zhang,

Fei

et al. 2024

J. Phys.: Conf. Ser.

View full text Add to dashboard Cite

To realize the efficient instruction level attack detection of the new power load resource management system under the load resource coordination and control interactive service scenario, this article proposes a novel LSTM adaptive sequence classification detection method combining MTM feature modeling and GAN countermeasure sample generation. In this method, the system operation instruction model based on MTM is established, and the generalized instruction features are expressed in detail. Simultaneously, large quantities of confrontation samples are generated by the GAN Network, which is similar to the real samples, and the problem of data imbalance in model training is solved. Finally, this paper proposes an adaptive coefficient-based LSTM for system instruction feature learning and testing and realizes the detection and recognition of hidden instruction level attacks in the new power load resource management system, which is more accurate and efficient than other methods.

show abstract

Section: Related Workmentioning

confidence: 99%

An instruction level attack detection method for new power load system based on LSTM

Yao,

Zhang,

Fei

et al. 2024

J. Phys.: Conf. Ser.

View full text Add to dashboard Cite

show abstract

“…Nevertheless, the hidden malware was detected by some other anti-virus scanners. Another malware steganography attach was presented by [ 29 ]. In the proposed steganography system, the identity of the malware was hidden by generating fake network traffic, which mimics benign application traffic.…”

Section: Literature Reviewmentioning

confidence: 99%

A Crypto-Steganography Approach for Hiding Ransomware within HEVC Streams in Android IoT Devices

Almomani

Alkhayer

El‐Shafai

2022

Sensors

View full text Add to dashboard Cite

Steganography is a vital security approach that hides any secret content within ordinary data, such as multimedia. This hiding aims to achieve the confidentiality of the IoT secret data; whether it is benign or malicious (e.g., ransomware) and for defensive or offensive purposes. This paper introduces a hybrid crypto-steganography approach for ransomware hiding within high-resolution video frames. This proposed approach is based on hybridizing an AES (advanced encryption standard) algorithm and LSB (least signification bit) steganography process. Initially, AES encrypts the secret Android ransomware data, and then LSB embeds it based on random selection criteria for the cover video pixels. This research examined broad objective and subjective quality assessment metrics to evaluate the performance of the proposed hybrid approach. We used different sizes of ransomware samples and different resolutions of HEVC (high-efficiency video coding) frames to conduct simulation experiments and comparison studies. The assessment results prove the superior efficiency of the introduced hybrid crypto-steganography approach compared to other existing steganography approaches in terms of (a) achieving the integrity of the secret ransomware data, (b) ensuring higher imperceptibility of stego video frames, (3) introducing a multi-level security approach using the AES encryption in addition to the LSB steganography, (4) performing randomness embedding based on RPS (random pixel selection) for concealing secret ransomware bits, (5) succeeding in fully extracting the ransomware data at the receiver side, (6) obtaining strong subjective and objective qualities for all tested evaluation metrics, (7) embedding different sizes of secret data at the same time within the video frame, and finally (8) passing the security scanning tests of 70 antivirus engines without detecting the existence of the embedded ransomware.

show abstract

“…This section highlights different steganography techniques presented in the literature [14][15][16][17][18][19][20][21][22][23][24][25][26][27][28]. Tab.…”

Section: Literature Reviewmentioning

confidence: 99%

“…However, the attacker output text file is restricted to 23 kB. Another network steganography application was proposed by [26], which implemented a masking technique to conceal the malware application identity. In the proposed scheme, the tunnel generates fake traffic that simulates normal network traffic encapsulating the actual malicious traffic.…”

Section: Literature Reviewmentioning

confidence: 99%

Novel Ransomware Hiding Model Using HEVC Steganography Approach

Almomani¹,

Alkhayer²,

El‐Shafai³

2022

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

Ransomware is considered one of the most threatening cyberattacks. Existing solutions have focused mainly on discriminating ransomware by analyzing the apps themselves, but they have overlooked possible ways of hiding ransomware apps and making them difficult to be detected and then analyzed. Therefore, this paper proposes a novel ransomware hiding model by utilizing a block-based High-Efficiency Video Coding (HEVC) steganography approach. The main idea of the proposed steganography approach is the division of the secret ransomware data and cover HEVC frames into different blocks. After that, the Least Significant Bit (LSB) based Hamming Distance (HD) calculation is performed amongst the secret data's divided blocks and cover frames. Finally, the secret data bits are hidden into the marked bits of the cover HEVC frame-blocks based on the calculated HD value. The main advantage of the suggested steganography approach is the minor impact on the cover HEVC frames after embedding the ransomware while preserving the histogram attributes of the cover video frame with a high imperceptibility. This is due to the utilization of an adaptive steganography cost function during the embedding process. The proposed ransomware hiding approach was heavily examined using subjective and objective tests and applying different HEVC streams with diverse resolutions and different secret ransomware apps of various sizes. The obtained results prove the efficiency of the proposed steganography approach by achieving high capacity and successful embedding process while ensuring the hidden ransomware's undetectability within the video frames. For example, in terms of embedding quality, the proposed model achieved a high peak signal-to-noise ratio that reached 59.3 dB and a low mean-square-error of 0.07 for the examined HEVC streams. Also, out of 65 antivirus engines, no engine could detect the existence of the embedded ransomware app.

show abstract

GAN Tunnel: Network Traffic Steganography by Using GANs to Counter Internet Traffic Classifiers

Cited by 21 publications

References 34 publications

An instruction level attack detection method for new power load system based on LSTM

An instruction level attack detection method for new power load system based on LSTM

A Crypto-Steganography Approach for Hiding Ransomware within HEVC Streams in Android IoT Devices

Novel Ransomware Hiding Model Using HEVC Steganography Approach

Contact Info

Product

Resources

About