View
218
Download
0
Category
Preview:
Citation preview
PROTOTYPE DEVELOPMENT OF VOIP STEGANOGRAPHY
ABDULALEEM ZAID MOHAMMED AL-OTHMANI
A project report submitted in partial fulfillment of the
requirements for the award of the degree of
Master of Computer Science (Information Security)
Faculty of Computer Science and Information Systems
Universiti Teknologi Malaysia
NOVEMBER 2009
ii
Dedication
Dedicated to
My beloved parents, my darling supportive wife, my gorgeous daughter, my dearest
siblings and to all whom were beside me
iii
ACKNOWLEDGEMENT
First and foremost praise and gratitude be to ALLAH, almighty, without
whose gracious help it would have been impossible to accomplish this work.
I was extraordinarily fortunate in having Prof. Dr. Azizah Bt. Abd Manaf as
my supervisor in UTM. I would like to express my gratitude and appreciation to her,
who has supported me throughout my project with her patience and knowledge
whilst allowing me the room to work in my own way. I attribute the level of my
Masters degree to her encouragement and effort and without her this project, too,
would not have been completed or written. One simply could not wish for a better or
friendlier supervisor.
Many thanks to each lecturer in UTM-CASE, they were my guidance to
achieve my goals, they gave me all the support I need and were always kind. My
entire study in this honorable institute was an everyday opportunity to acquire fine
knowledge.
Furthermore, my special thanks go to my friend and colleague Saeed
AlQahtani for his indispensable advices, valuable assistance and sincere
companionship.
Finally and most importantly, words fail me to express my appreciation to my
wife whose dedication, love and persistent confidence in me, has taken the load off
my shoulder. I owe her for being unselfishly let her intelligence, passions, and
ambitions collide with mine. I am deeply and forever indebted to my parents for their
inseparable support, love and prayers throughout my entire life. I am also very
grateful to all my brothers and sisters.
iv
ABSTRACT
Information Security has evolved significantly over the last decade and even
more quickly over the last few years. Most organizations recognize that one of their
most important assets is their data. Steganography is an effective means of hiding
secret data, thereby protecting the data from unauthorized or unwanted viewing.
Indeed, along with encryption, steganography is one of the fundamental ways by
which data can be kept confidential. Hiding the desired secret information in
seemingly innocent multimedia files or medium will avoid the need to secure
communication channel when sending secret messages. The biggest challenge to
steganography is how to increase the amount of information to be embedded in the
host channel without affecting the properties of that channel while keeping this secret
transmission invisible to unauthorized parties. To face this challenge, many methods,
media, techniques and algorithms are being introduced. One of the new and
promising communication medium that can be used as a host for steganography is
Voice over Internet Protocol. VoIP is a form of communication that allows people to
make phone calls over an internet connection instead of typical analogue telephone
lines. VoIP characteristics, such as, real-time transmission, bi-directional nature and
vast amount of data make it very appropriate medium to hide secret data. Few recent
researches were conducted to elucidate the steganography techniques and theories
that can be applied on VoIP. This project concerns available steganographic
techniques that can be used for creating covert channels for VoIP streams. Based on
that, the proposed prototype is configured to apply some of these techniques in lab
environment. Consequently, some suggested improvements and techniques are
introduced in this project report to enhance VoIP steganography.
v
ABSTRAK
Keselamatan maklumat telah berevolusi pesat selama sedekad lalu, lebih-
lebih lagi beberapa tahun kebelakangan ini. Kebanyakan organisasi sedia maklum
bahawa salah satu aset terpenting mereka ialah data. “Steganography” ialah salah
satu asset cara berkesan untuk menyembunyikan data sulit dan melindunginya dari
dilihat oleh pihak yang tidak berkenaan. Bersama “encryption”, “steganography”
adalah salah satu langkah asas agar data kekal sulit. Dengan menyembunyikan data
sulit di dalam fail multimedia biasa atau medium yang normal, saluran komunikasi
tidak perlu dikawal ketat apabila menghantar mesej rahsia. Cabaran terbesar untuk
“steganography” ialah bagaimana untuk menambah saiz informasi yang boleh
dimasukkan ke dalam “host channel” dan pada masa yang sama mengekalkan ciri-
ciri saluran tersebut supaya ia tidak dapat dilihat oleh pihak yang tidak berkenaan.
Pelbagai cara, media, teknik dan algoritma sedang diperkenalkan untuk menghadapi
cabaran ini. Salah satu daripada medium komunikasi yang baru dan berpotensi untuk
digunakan sebagai perumah untuk “steganography” ialah “Voice over Internet
Protocol”. VoIP ialah satu bentuk komunikasi “online” di mana pengguna boleh
membuat panggilan telefon menggunakan Internet. Ciri-ciri VoIP iaitu “real-time
transmission”, “bi-directional nature” dan jumlah data yang banyak membuatkan ia
medium yang sesuai untuk menyembunyikan data sulit. Beberapa kajian terbaru telah
dijalankan untuk menerangkan teori dan teknik “steganography” yang boleh
digunakan untuk VoIP. Projek ini ialah berkenaan teknik “steganography” sedia ada
yang boleh digunakan untuk mencipta saluran rahsia untuk VoIP. Berdasarkan teknik
ini, satu prototaip cadangan telah dibina untuk mempraktikkan beberapa teknik
tersebut di dalam “lab environment”. Seterusnya, beberapa cadangan
pengubahsuaian dan teknik diperkenalkan dalam laporan projek ini untuk
memperbaiki VoIP “steganography”.
vi
TABLE OF CONTENTS
CHAPTER TITLE PAGE
declaration I
DEDICATION II
ACKNOWLEDGEMENT III
ABSTRACT IV
ABSTRAK V
TABLE OF CONTENTS VI
LIST OF TABLES IX
LIST OF FIGURES X
1 INTRODUCTION 1
1.1 Overview 1
1.2 Background of the Problem 2
1.3 Problem Statement 3
1.4 Project Aim 4
1.5 Project Objectives 4
1.6 Project Scope 5
1.7 Summary 6
2 LITERATURE REVIEW 7
2.1 Introduction 7
2.2 Voice over Internet Protocol 8
2.2.1 Definition 8
2.2.2 Historical Background of VoIP 8
2.2.3 Background Concepts 10
2.2.4 VoIP Benefits and Challenges 17
vii
2.2.5 VoIP Architecture 21
2.2.6 VoIP Solution Components 25
2.2.7 VoIP Protocols and Communication Flow 26
2.2.8 Establishing VoIP Connections with H.323 36
2.2.9 Establishing VoIP Connections with SIP 37
2.3 Steganography 39
2.3.1 Definition 39
2.3.2 Uses of Steganography 40
2.3.3 History of Steganography 41
2.3.4 Digital Steganography 42
2.3.5 Steganography Capacity and Robustness 43
2.3.6 Audio steganography 44
2.3.7 Digital Audio Signal 46
2.3.8 Methods of Audio Steganography 47
2.3.9 Real-Time steganography 50
2.4 VoIP Steganography 54
2.4.1 Previous Researches 54
2.5 Summary 58
3 RESEARCH METHODOLOGY 59
3.1 Introduction 59
3.2 Research Approach 60
3.3 Research Phases and Procedure 61
3.3.1 Study and Analyze 61
3.3.2 Prototype Design and Implementation 63
3.3.3 Suggestions for Capacity Enhancement 67
3.4 Summary 67
4 PROTOTYPE DESIGN AND IMPLEMENTATION 68
4.1 Introduction 68
4.2 VoIP Call 69
4.2.1 Initialize VoIP Call 69
4.2.2 VoIP Conversation 72
4.2.3 Ending VoIP Call 75
viii
4.3 Embedding and Extracting 75
4.3.1 Embedding Process 75
4.3.2 Extracting Process 77
4.4 Voice Waveforms Drawing 79
4.5 Presenting Results 81
4.6 Summary 81
5 RESULTS AND DISCUSSION 83
5.1 Introduction 83
5.2 Current Relevant Steganography Techniques 83
5.3 Testing Approaches and Methods 85
5.3.1 Program Performance 86
5.3.2 Results Listing and Analyzing 86
5.4 Limitations of LSB Steganography Technique 94
5.5 Suggested Steganography Techniques 94
5.6 Summary 96
6 CONCLUSION AND FUTURE WORK 97
6.1 Introduction 97
6.2 Project Summary and Conclusion 98
6.3 Meeting Research Objectives 98
6.4 Project Contribution 99
6.5 Future Work 99
6.6 Summary 100
REFERENCES 102
ix
LIST OF TABLES
TABLE NO. TITLE PAGE
2-1 ITU Encoding Standards 15
2-2 Common VoIP Audio Codecs 52
5-1 Summary Comparison between Steganography Techniques 85
5-2 Initial Comparison between LSB Techniques 89
5-3 Result of Hiding 100bytes of Secret Data 90
5-4 Result of Hiding 1KB of Secret Data 91
5-5 Result of Hiding 4KB of Secret Data 91
5-6 Result of Hiding 8KB of Secret Data 92
5-7 Suggested VoIP Techniques 95
x
LIST OF FIGURES
FIGURE NO. TITLE PAGE
2.1 Packetization of Voice Traffic 16
2.2 Network Stack 22
2.3 VoIP Stack and Protocols 27
2.4 An RTP Data Transfer Packet 28
2.5 RSVP Merge 33
2.6 H.323 Call Setup Process 37
2.7 SIP Proxy Operation 38
2.8 SIP Redirector Server 38
2.9 Conflicting Requirements for Data Hiding 43
2.10 Audio Signal Coding 46
2.11 Hidden Communication Scenarios for VoIP 56
3.1 Research Phases 61
3.2 Prototype Main Tasks 65
4.1 Prototype Design Phases 68
4.2 Prototype General Architecture 69
4.3 Receiver may accept or reject INVITE message 70
4.4 Messages of VoIP Call 70
4.5 Flowchart of "Send" Threat 73
4.6 Flowchart of "Receive" Threat 75
4.7 Flowchart of Embedding Process (1 LSB) 76
4.8 Replacement of 1 LSB in Embedding Function 77
4.9 Flowchart of Extracting Process (1 LSB) 78
4.10 Screenshot of Waveform Drawing of VoIP Prototype 79
xi
4.11 Screenshot of Prototype GUI Showing Call Results 81
5.1 Screenshot of Prototype Call Waveforms 88
5.2 “Time Used” Measure 92
5.3 “Used VoIP Segments” Measure 93
5.4 “Time Used” Measure 93
CHAPTER 1
INTRODUCTION
1.1 Overview
Steganography is the process of hiding secret data inside other, normally
transmitted data. In other words, as defined by [40] steganography means hiding of a
secret message within an ordinary message during sending or transmission phases
and its extraction at the destination point. Ideally, anyone scanning this information
will fail to know whether it contains covert data or not.
Steganography applications conceal information in other, seemingly innocent
media. Steganographic results may masquerade as other file for data types, be
concealed within various media, or even hidden in network traffic or disk space. We
are only limited by our imagination in the many ways information and data can be
exploited to conceal additional information [49].
Steganographic techniques for hiding messages have been around for as long
as cryptography and have evolved with technology. One of major advantages of
steganography over simply scrambling messages using cryptographic techniques is
that probable eavesdroppers don't know what to listen to and whether there is a
hidden data or not [23]. A covert channel is one of the most popular steganographic
techniques that can be applied in the networks.
2
The covert channel offers an opportunity to manipulate certain properties of
the communications medium in an unanticipated, unconventional, or unforeseen
way, in order to transmit information through the medium without detection by
anyone other than the entities operating the covert channel [40].
Voice over Internet Protocol (VoIP), or IP telephony, is defined by [1] as a
general term for a family of transmission technologies for delivery of voice
communications over IP networks such as the Internet or other packet-
switched networks".
At the present time, VoIP is one of the most popular services in the Internet.
It was introduced to the telecommunication market and since then, changed it
completely and gradually. As it is used worldwide more freely, the traffic volume
that it generates is still increasing. Because of its popularity, it is becoming a natural
target for steganography. That is why VoIP is appropriate to enable hidden
communication throughout IP networks [40]. This new area and medium of
steganography is going to be one of the most popular media to be used to hide data
over internet networking due to the relatively huge amount of data that could be
hidden, the real time nature of VoIP calls and the bi-directional capability that is
provided by such transmission.
1.2 Background of the Problem
No real-world steganographic method is perfect: no matter what the method
is, the hidden information can be potentially revealed. Generally, the more hidden
information is inserted into the normally transmitted data, the greater the chance it
will be detected [43].
Because the number of steganographic methods and mechanisms which are
applicable on VoIP streaming is large, steganography in VoIP should be considered
3
as an excellent, secure and efficient way to hide data over IP networking. Moreover,
the fact that until now there is no single method to detect hidden data within VoIP
streaming, VoIP steganography should be considered safe and invulnerable for more
few years ahead.
Like conventional steganography, VoIP steganography techniques can be
unsafe to organizations because of the risk of confidential information leakage [28].
These are also the reasons that make some researchers suggested that VoIP
steganography should be treated as a threat to public security. It is thus important to
understand the essential nature of various steganographic methods and, in effect, be
able to construct effective steganalysis solutions.
Nevertheless, for good purposes, it is very useful to identify and find out
better steganographic techniques and approach or to improve the existing ones to
make hiding data within VoIP streams more secure, efficient and practical.
1.3 Problem Statement
Mazurczyk and Szczypiorski [44] stated that securing Internet Telephony is a
complex process. This not only means the ability to make secure conversation
between two communicating parties, but also the security of signaling messages used
to make this call possible at all. It may also means the security of the steganographic
or watermarking channels that may be used within the VoIP streaming signals.
Providing methods and techniques to hide data in a very popular medium like
VoIP is a challenging goal. It is obvious that there are limitations on the amount of
secret data that should be buried in VoIP streaming without affecting the overall
voice stream during VoIP call. The fact that there are limitations on the rate of covert
data makes it harder to introduce secure and practical techniques which provide
4
larger rate of impeded data. In addition, [16] stated that if covert data rate is too high
it may cause voice quality deterioration and increased risk of detection.
The problem that this project is proposed to solve is how to provide or
suggest efficient VoIP steganography techniques or improvements to increase the
rate of the impeded secret data within VoIP stream without effecting the overall
conversation process of the VoIP calls? How VoIP steganography system that
applies one or more of these enhanced techniques could be implemented, keeping in
mind that, to my best knowledge, until now, there is no known such system?
1.4 Project Aim
While the overall idea of using steganography to implement covert
communications is not new, burying hidden message in internet phone calls
represents the latest evolution of steganography [23].
The main aim of this project is to implement a simple prototype by utilizing
some steganography techniques on VoIP streaming in order to investigate how to
increase the overall rate of covert data without affecting the voice quality and with
less rate of detection.
These investigations will be done in accordance with what have been found
by other researchers in this field, even though it is still a very new area of research
and there is only very small number of researches on this subject.
1.5 Project Objectives
The objectives of this project are:
5
1. To study VoIP steganography, analyze its current techniques and discuss their
performance in terms of capacity.
2. To develop a simple lab-based system that performs VoIP steganography
using one or more LSB techniques to illustrate the VoIP steganography
process.
3. To suggest effective ways to improve the capacity of covert data in VoIP
steganography.
1.6 Project Scope
VoIP steganography covers a wide range of information hiding techniques;
including popular techniques based on IP or TCP and others protocols. The main
idea is to use free, redundant or unused fields of these protocols [43].
There are many techniques that could be used to hide communications in
various layers of VoIP traffic. One of them is by taking advantage of unused or
rarely used data fields.
In this research, I will study available covert channels that may be utilized for
hidden communication for SIP protocol used as a signaling protocol for VoIP
service. Moreover, new steganographic methods that were introduced very recently
will be studied in this project. For each of these methods, this research will estimate
potential bandwidth to later evaluate how much information may be transferred in a
typical IP telephony call. I will study also the ability to use the payload of the voice
packets in VoIP real-time steganography process.
As mentioned before, this project program will be designed and implemented
to work in a lab-based environment. This means, the VoIP call will be limited to two
hosts using point-to-point connection with static IP addresses. This is different from
the real life VoIP applications which use client-server calls. As a result, the system
6
will be based on LAN network which provides an environment with almost zero
noise. This will greatly help to get better VoIP steganography performance and
correctness. Due to the complexity of VoIP steganography, only specific basic types
of visual and statistical measures will be considered.
The most important success factors of this project are keeping the overall
changes of the VoIP stream very small so that they can be hardly noticed while
embedding a large amount of covert data and providing maximum extraction of the
hidden information.
1.7 Summary
In this chapter, an introduction to this project is provided as well as the aim,
and objectives of this project. The underlying background of the problem was
explained as the reason to choose this topic of the project. The scope of this project
was identified and the problem statement was declared.
Recommended