Important concept since the ancient time
Steganography has been an important concept since the ancient time, and now in the modern era it has emerged as an important concept for digital watermarking and copyright. Generally, the steganography is implemented under text, image, audio, and video. But, along with the improvement in internet technology, various ways of implementing steganography on VoIP are being proposed. The motivation behind this proposal is its use in military, detective applications and copyrights in the world of VoIP communications. Moreover, implementing steganography is the first step toward steganalysis - the methods to detect and block steganography for bad purpose. If VoIP steganography is implemented in military applications, the data can be sent across the world without even being noticed. If it is used in detective services, confidential data can be sent underway while talking over the VoIP call. For applications such as “Skype”, this can be used for copyright - A hidden copyright material can be available under the ongoing VoIP call.
Along with improvements in network and VoIP technology, steganography has emerged as a parallel technology . The primary aim of network steganography is to establish a covert channel such that hidden data can be sent through this covert channel without being noticed. For example, secret data can be transferred within jpeg files by using the least significant bits to carry it . As the least significant bits are only used, the hidden data have less impact on the appearance of the images. Similarly, messages can also be steganographed in the audio/video files.
The VoIP steganography can be divided into three groups (based on ) as shown in Fig 1:
1). Modification of packets:
Here the headers or payload fields of the networking protocols are used for steganography. For example, the unused or redundant header fields of IP, TCP/UDP or RTP can be used, the SIP signaling messages can also be used.
2). Modification of time relation:
Here use of order of sequence is made for steganography. For e.g. changing sequence order of RTP packets , modifying the delay between the packets  or introducing intentional losses .
3). Steganography using Hybrid techniques:
Here both content and time relations between the packets are modified. For E.g. LACK - Lost Audio packets steganography .
The technique of protocol steganography focuses more towards the network protocols than other techniques described later in this proposal.
1. Steganography on IP/UDP/TCP protocol:
If we look closely to the IP packet, TCP or UDP packet, we can find many fields that are present but are not used in usual communication. Only, few fields are change during the communication process .We can use these redundant/unneeded fields for sending the hidden data. There are many fields in TCP/IP stack that can be used for steganography. Also, for any communication on the network, these protocols have to be used.
2. RTP/RTCP Protocol steganography:
Along with the general protocols described above, in any real time application running over the internet, RTP protocol is used. Hence, for the VoIP streams also, the RTP protocol is used. The RTP header contains certain fields that can be used for establishing covert channel. These fields are for e.g. padding, extension header, initial values of time stamps and the sequence number as in .
For the control of real time communications, RTCP protocol is also used. It contains some fields that can be used for steganography but at the cost of losing some functionality of RTCP.
LACK - Lost Audio paCKets steganography:
For implementing VoIP and similar services, protocols like RTP (Real-time Transport Protocol) and RTCP (Real-time Transport Control Protocol) are used. This is because such services are real time services and a suitable Real time protocol is needed to handle such services. In such services and protocols the sequence order of the data arriving at receiver must be same as the order of data sent. Hence, when the packet comes with greater delay, it is discarded by the receiver. LACK uses this mechanism for its own advantage i.e. steganography. The idea (as in ) is to deliberately delay particular packets with hidden data such that the receiver with corresponding software of steganography can identify this packet and take out the steganogram.
As described in , LACK has four basic scenarios. (1) Select a packet from RTP stream and insert the hidden data i.e. change the bits in that packet by the steganogram (2) insert suitable to the chosen packets and send them. (3) If receiver is unaware of steganographic procedure, packet is discarded (4) If receiver is aware of steganographic procedure, packet is taken by that software and steganogram is extracted.
RTP is usually integrated at the endpoints of the communication, so it is easier to access packet generation and modification that lower layer protocols. Hence, although LACK is an application layer technique, it is less complex to implement. The performance of LACK (as in ) depends on factors like, type of codec used, QoS of the network, packet delay, packet loss probability and jitter.
HICCUPS - Hidden Communication system for CorrUPted networkS:
HICCUPS is one of the current technique in VoIP steganography as discussed in . This steganographic technique is dedicated to the shared-medium networks such as Wi-Fi. In wireless networks, the data is transmitted by broadcasting it in form of frames. The network does not care about what is there inside these frames. It depends on the receiver's program to check whether the frames arrived contain proper data (original data) or not, and also whether there is error in the arrived frame. Also, the transmitter has to take care whether the frame reached destination or not. The receiver usually detects errors using the checksum - a signature kind of thing used for integrity. If the checksum does not match, the packet is consider corrupted and is discarded. For HICCUPS the frames are deliberately corrupted by inserting the steganogram. Hence if the receiver is unknown about the steganography, it will discard it. But, if a proper steganography program is installed on receiver's computer, it can take such packets and extract the steganogram. The good thing about HICCUPS is that it uses secure communication network to provide steganographic system. It uses a new protocol which is based on corrupted frames. This technique makes use of the imperfections of transmission environment i.e. interferences and noise in medium and thus distortion of data. Now a day, it is seen that wireless networks are used more than the wired-network, hence use of this technique can be beneficial as the distortion is more in wireless networks than the wired networks. In this technique, covert channel can be established in three ways as described in . (1) Based on cipher's initialization vector, (2) based on MAC network address (3) based on integrity mechanism such as checksum.
There has always been research going on to maintain confidentiality of data over the internet and many cryptographic protocols and algorithms have been designed for the same. In cryptography, the data is encrypted using algorithms and keys, thus making it confidential. But along with improvement in cryptographic techniques, the cryptographic attacks are becoming more and more sophisticated and more dangerous. At this time use of steganography can help a lot. In steganography the data is transferred and no one even knows that it is getting transferred, hence making it much confidential for an attack. Use of VoIP steganography can help sending more data depending on call duration.
Although the steganography is an emerging technique in networking which is improving day by day, many papers and articles have been published by now. The author Daniel Collins has very well described SIP protocol in his book Carrier grade Voice over IP. Many papers are helpful in understanding VoIP steganography such as Internet Steganography - Data Hiding in IP by Kundur and Ahsan . Much research is being done by two professors from the Warsaw University of Technology, Poland. They have published many papers related to steganography which are very helpful.
MOTIVATION AND APPLICATION:
Increase in amount of cryptographic attacks and their sophistication has raised a threat on confidentiality over the networks. Steganography is a way that might help us in finding a new way to maintain confidentiality. The concept of steganography can be implemented in networking technology for benefits such as authentication, digital watermarking, and confidentiality. Application of steganography on VoIP streams can help in copyright and confidentiality. On implementing VoIP steganography, a company can embed its identity or copyrights underneath the protocol steganography. If applied in military applications, the information can be transmitted by just a normal call as a carrier without even being noticed. Also, learning the techniques can help in staganalysis - a method to detect and block evil use of steganography.
Once the sufficient material on steganography on VoIP is accumulated, the project will have greater emphasize on LACK and Protocol steganography techniques. The steganography on VoIP will enable the VoIP service providers to establish copyright and authentication using such techniques. More focus will be on protocol steganography where in analysis of different fields will be done. If a suitable technique is found, it may be applied to a system. By using steganography in protocol fields (such as in SIP) copyrighting may be implemented for call connection. Working on both LACK and protocol steganography the pros and cons of each technique can be found out.