The method of hidden terminal transmission of network attack signatures
Автор: Igor Ruban, Nataliia Lukova-Chuiko, Vadym Mukhin, Yaroslav Kornaga, Igor Grishko, Anton Smirnov
Журнал: International Journal of Computer Network and Information Security @ijcnis
Статья в выпуске: 4 vol.10, 2018 года.
Бесплатный доступ
This article is proposes a new approach to the transmission of signatures of network attacks onto a remote Internet resource. The problem is that the known protocols that are used for transfer data and control actions from an administrative resource to a network agents are poorly protected. Even in case of use of cryptographic mechanisms for organization of secure connections, it is possible to form behavioral patterns of interactions such as "administrative resource - network agents." Such templates allow to predict the actions taken in accordance with the security policy in order to maintain the required level of functionality of a remote Internet resource. Thus, it is necessary to develop a new protocol for the transfer of designated information, based on information technology, which level out the existence of opportunities for the formation of behavioral patterns of network interactions. As such technology, it is proposed to use a set of means of network interaction and some methods of hidden (steganographic) data transmission in information and telecommunication networks.
Steganography, network steganography, hidden data transfer, covert channels
Короткий адрес: https://sciup.org/15015589
IDR: 15015589 | DOI: 10.5815/ijcnis.2018.04.01
Список литературы The method of hidden terminal transmission of network attack signatures
- Mazurczyk W. Steganography of VoIP Streams / W. Mazurczyk, K. Szczypiorski. – Warsaw University of Technology, Faculty of Electronics and Information Technology, Institute of Telecommunications [Electr. resource]. – Accessed to: http://arxiv.org/pdf/0805.2938v1/.
- Szczypiorski К. HICCUPS: Hidden Communication System for Corrupted Networks / K. Szczypiorski – Warsaw University of Technology, Institute of Telecommunications [Electr. resource]. – Accessed to: http://krzysiek.tele.pw.edu.pl/pdf/acs2003-hiccups.pdf.
- Kundur D., Ahsan K., Practical Internet Steganography: Data Hiding in IP, Proc. Texas Wksp. Securit of Information Systems, Apr. 2003 [Electr. resource]. – Accessed to: http://arxiv.org/pdf/1207.0917.pdf.
- E. Cauich, R. Gómez Cárdenas, R. Watanabe. Data Hiding in Identification and Offset IP Fields. In Proceedings of 5th International School and Symposium of Advanced Distributed Systems (ISSADS), jan. 2005. – P. 118-125 [Electr. resource]. – Accessed to: http://webdia.cem.itesm.mx/ac/raulm/netsec/ prod_cientifica/2005/DataHidingIPHeader.pdf.
- Hiding data in the OSI network model. Theodore G. Handel, Maxwell T. Sandford II [Electr. resource]. – Accessed to: https://static-content.springer.com/lookinside/chp%3A10.1007%2F3-540-61996-8_29/000.png.
- Jankowski B., Mazurczyk W., Szczypiorski K., PadSteg: Introducing Inter-Protocol Steganography - In: Telecommunication Systems: Modelling, Analysis, Design and Management, Volume 58: 1-2 January/February 2015, ISSN: 1018-4864 (print version), ISSN: 1572-9451 (electronic version), Springer US, Journal no. 11235.
- Stanev S., Szczypiorski K., International Journal of Electronics and Telecommunications, Volume 62, Issue 3, Pages 315–318, ISSN (Online) 2300-1933, DOI: https://doi.org/10.1515/eletel-2016-0043.
- Murdoch S.J., Lewis S., Embedding Covert Channels into TCP/IP. Information Hiding (2005) 247-267.
- "Internet protocol – DARPA Internet Program Protocol Specification" RFC-791 USC/Information Sciences Institute, September 1981 [Electr. resource]. – Accessed to: http://www.rfc-base.org/txt/rfc-791.txt.
- "Internet protocol – DARPA Internet Program Protocol Specification" RFC-793 USC / Transmission control protocol, September 1981 [Electr. resource]. – Accessed to: https://tools.ietf.org/html/rfc793.
- "Internet protocol – DARPA Internet Program Protocol Specification". RFC-792. Internet Control Message Protocol - IETF Tools, September 1981. [Electr. resource]. – Accessed to: https://tools.ietf.org/html/rfc79.
- Ruban, I., Smirnov A., The TCP-connections processing model for steganographic data transfer in information telecommunication networks. Modern Information Technologies in the Sphere of Security and Defence 3(24), Pages 108–112, ISSN 2311-7249 (Print) / ISSN 2410-7336 (Online), Kyiv, Ukraine 2015.
- "Internet protocol – DARPA Internet Program Protocol Specification". RFC-3550. A Transport Protocol for Real-Time Applications, July 2003. [Electr. resource]. – Accessed to: https://tools.ietf.org/html/rfc3550 .
- "Internet protocol – DARPA Internet Program Protocol Specification". RFC-768. User Datagram Protocol, 28 August 1980. [Electr. resource]. – Accessed to: https://tools.ietf.org/html/rfc768.
- "Internet protocol – DARPA Internet Program Protocol Specification". RFC-4961. Symmetric RTP / RTP Control Protocol (RTCP), July 2007. [Electr. resource]. – Accessed to: https://tools.ietf.org/html/rfc4961.
- Dhobale, D.D., Ghorpade, V.R., Patil, B.S., et al.: Steganography by hiding data in TCP/IP headers. In: Paper presented at the 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE) (August 2010).
- Mukhin V.Ye. The Forming of Trust Level to the Nodes in the Distributed Computer Systems. / V.Ye. Mukhin, A.Ye.Bidkov, Vu Duc Thinh // Proc. of XIth International Conference “Modern Problems of Radio Engineering, Telecommunications and Computer Science TCSET’2012”. Lvov–Slavsko, 21-24 February 2012. – p.362.
- Mukhin V. Adaptive approach to safety control and security system modification in computer systems and networks / V. Mukhin // Proc. of 5th IEEE Int. Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS' 2009. Rende (Cosenza), Italy, 21-23 Sept. 2009. – pp.212–217.
- Hu Z. Distributed Computing System Resources Control Mechanism Based on the Network-Centric Approach / Z. Hu, V. Mukhin, Ya. Kornaga, O. Herasymenko, Ya. Lavrenko // I.J. Intelligent Systems and Applications, (IJISA). – 2017. – Vol.9. – No.7. – pp.41-51. doi: 10.5815/ijisa.2017.07.05.
- Hu Z. Analytical Assessment of Security Level of Distributed and Scalable Computer Systems / Z. Hu, V. Mukhin, Ya. Kornaga, Ya. Lavrenko, O. Barabash, O. Herasymenko // International Journal of Intelligent Systems and Applications (IJISA). – 2016. – Vol.8. – No.12. – pp.57-64. DOI: 10.5815/ijisa.2016.12.07.
- V.Ye. Mukhin. The Security Mechanisms for Grid Computers.// Proc. of the 4th IEEE Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS’2007), Dortmund, Germany, 6-8 September 2007. – pp. 584-589.