Abstract
1-Overview of Detection Network Steganography
2-Related Works
3-A method of Detecting Storage Based Network Steganography Using Machine Learning
4-Installation and Experiments
5-Conclusions
6-References
Abstract
Today, the techniques of network steganography are widely applied. In addition to the outstanding advantages about the ability to hide and transmit secret information, it has a huge disadvantage that is being exploited by hackers to transmit information or communicate with the control host. Network steganography storage method is one of the network steganography techniques that is being much applied. Due to the characteristics of the storage based network steganography are different from other network steganography techniques, the detection of this techniques is difficult. The traditional tools and methods used to detect steganography are difficult to detect the signs of steganographic packets that use this technique. Therefore, in this paper, the authors propose using machine learning to detect abnormal behavior of steganographic packets.
Overview of Detection Network Steganography
In the document [1], Wojciech Mazurczyk et al. presented a number of network steganography techniques and classified them based on how the secret data are hidden into the carrier. Network steganography is classified into storage, timing and hybrid methods. Storage methods hide secret data in user data or by modifying protocol fields. Timing methods hide secret data in the protocol messages timing or the packets timing. Hybrid methods combine two methods. Storage methods are the most popular methods. In this paper, the authors propose the detection method of storage based network steganography. Each network steganography method can be characterized by three features: Steganography bandwidth: how much secret data one is able to send per time unit. Undetectability: an inability of an adversary to detect a stegano-gram inside a carrier. Robustness: the amount of alteration a stegano-gram can withstand without destroying the secret data. For each network steganography method, there is always a trade-off between maximizing steganography bandwidth and still remaining undetected (and retaining an acceptable level of robustness).