Stego-marking packets to control information leakage on TCP /IP based networks

Eric Cole, Pace University

Abstract

As more and more companies and people utilize the Internet, security must continue to increase. The problem is that the Internet and most associated networks are built on the TCP/IP protocol stack. This protocol stack is inherently non-secure, but since it is in such widespread use it cannot be changed. Everyone jumped on the Internet bandwagon, looking at the gains in functionality and commerce, without paying attention to the security issues associated with such communication. Some efforts to fix the security have proposed adding a new layer to the protocol stack. This addresses the problem to an extent but opens up a whole new set of problems regarding standards and implementation. Also, this approach mainly addresses the confidentiality of data and overlooks the other two important areas of security: integrity and availability. Since the TCP/IP protocol stack was designed over 30 years ago, some fields that were included are not readily used today. What if these fields were used to embed a limited amount of information, which in turn could help address some of the security issues inherent in the protocol? ^ Steganography, or data hiding, is a relatively new field of study. Most research has focused on hiding information within various files and ways to detect the information. Minimal research has applied this field to network-based traffic. Most of the work has been on the offensive side: hiding information to bypass security devices. However, network steganography can also be used for defensive network traffic. Information could be embedded within packets to help determine whether certain types of traffic are allowed into a network. This approach does not solve all of the current security problems, but it would help increase the current security on most networks. The goal is to design a system combining network steganography with digital watermarking—stego-marking—to determine whether certain packets are to be trusted. This evaluation can be used to determine whether packets should be allowed out of or into a network. This system would work with other packet-filtering devices like routers and firewalls. Since the system would use existing fields to embed the information, it would be relatively easy to configure and to block sensitive network traffic. ^

Subject Area

Computer Science

Recommended Citation

Eric Cole, "Stego-marking packets to control information leakage on TCP /IP based networks" (January 1, 2004). ETD Collection for Pace University. Paper AAI3127379.
http://digitalcommons.pace.edu/dissertations/AAI3127379

Share

COinS

Remote User: Click Here to Login (must have Pace University remote login ID and password. Once logged in, click on the View More link above)