research-article

VoIP steganography and its Detection—A survey

Author:
Wojciech Mazurczyk

Warsaw University of Technology, Poland, Nowowiejska

Warsaw University of Technology, Poland, Nowowiejska
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 46 Issue 2Article No.: 20pp 1–21https://doi.org/10.1145/2543581.2543587

Published:27 December 2013Publication History

ACM Computing Surveys

Abstract

Steganography is an ancient art that encompasses various techniques of information hiding, the aim of which is to embed secret information into a carrier message. Steganographic methods are usually aimed at hiding the very existence of the communication. Due to the rise in popularity of IP telephony, together with the large volume of data and variety of protocols involved, it is currently attracting the attention of the research community as a perfect carrier for steganographic purposes. This article is a first survey of the existing Voice over IP (VoIP) steganography methods and their countermeasures.

References

Aoki, N. 2003. A packet loss concealment technique for VoIP using steganography. In Proceedings of International Symposium on Intelligent Signal Processing and Communication Systems (ISPACS’03). 470--473.Google Scholar
Aoki, N. 2004. VoIP packet loss concealment based on two-side pitch waveform replication technique using steganography. In Proceedings of the IEEE Region 10 Conference (TENCON’04): Volume 3. 52--55.Google ScholarCross Ref
Aoki, N. 2007. Potential of value-added speech communications by using steganography. In Proceedings of Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP’07). 251--254. Google ScholarDigital Library
Aoki, N. 2008. A technique of lossless steganography for G.711 telephony speech. In Proceedings of the International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP’08). Harbin, China, 608--611. Google ScholarDigital Library
Aoki, N. 2009. Lossless steganography techniques for IP telephony speech taking account of the redundancy of folded binary code. In Proceedings of the 5th International Joint Conference on INC, IMS and IDC. 1689--1692. Google ScholarDigital Library
Aoki, N. 2010. A semi-lossless steganography technique for G.711 telephony speech. In Proceedings of the 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP’10). 534--537. Google ScholarDigital Library
Arackaparambil, C., Yan, G., Bratus, S., and Caglayan, A. 2012. On tuning the knobs of distribution-based methods for detecting VoIP covert channels. In Proceedings of the Hawaii International Conference on System Sciences (HICSS-45). Hawaii, 2431--2440. Google ScholarDigital Library
Bai, L. Y., Huang, Y., Hou, G., and Xiao, B. 2008. Covert channels based on jitter field of the RTCP header. In Proceedings of the International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP’08). 1388--1391. Google ScholarDigital Library
Bender, W., Gruhl, D., Morimoto, N., and Lu, A. 1996. Techniques for data hiding. IBM. Syst. J. 35, 3--4, 313--336. Google ScholarDigital Library
Chen, S., Wang, X., and Jajodia, S. 2006. On the anonymity and traceability of peer-to-peer VoIP calls. IEEE Netw. 20, 5, 32--37. Google ScholarDigital Library
Deng, Z., Shao, X., Yang, Z., and Zheng, B. 2008. A novel covert speech communication system and its implementation. J. Electron. 25, 6, 737--745.Google Scholar
Dittmann, J., Hesse, D., and Hillert, R. 2005. Steganography and steganalysis in voice-over IP scenarios: Operational aspects and first experiences with a new steganalysis tool set. In Proceedings of SPIE 2005: Volume 5681, Security, Steganography, and Watermarking of Multimedia Contents VII. 607--618.Google Scholar
DoD “Orange Book.” 1985. Trusted computer system evaluation criteria. Tech. rep. DOD 5200.28-STD. National Computer Security Center.Google Scholar
Druid. 2007. Real-time steganography with RTP. Tech. rep. http://www.uninformed.org/&quest;v=8&a==3&t==pdf.Google Scholar
Forbes, C. R. 2009. A new covert channel over RTP. Master's thesis, Rochester Institute of Technology. https://ritdml.rit.edu/bitstream/handle/1850/12883/CForbesThesis8-21-2009.pdf&quest;sequence=1.Google Scholar
Fridrich, J. 2010. Steganography in Digital Media—Principles, Algorithms, and Applications. Cambridge University Press. Google ScholarDigital Library
Garateguy, G., Arce, G., and Pelaez, J. 2011. Covert channel detection in VoIP streams. In Proceedings of the 45th Annual Conference on Information Sciences and Systems (CISS). 1--6.Google Scholar
Geiser, B., Mertz, F., and Vary, P. 2008. Steganographic packet loss concealment for wireless VoIP. In Proceedings of the Conference on Voice Communication (SprachKommunikation). 1--4.Google Scholar
Gianvecchio, S. and Wang, H. 2011. An entropy-based approach to detecting covert timing channels. In IEEE T. Depend. Secure. Comput. 8, 6, 785--797. Google ScholarDigital Library
Hamdaqa, M. and Tahvildari, L. 2011. ReLACK: A reliable VoIP steganography approach. In Proceedings of the 5th International Conference on Secure Software Integration and Reliability Improvement (SSIRI’11). 189--197. Google ScholarDigital Library
Huang, Y., Tang, S., and Yuan, J. 2011b. Steganography in inactive frames of VoIP streams encoded by source codec. IEEE Trans. Inf. Forensics Security 6, 2, 296--306. Google ScholarDigital Library
Huang, Y., Tang, S., and Zhang, Y. 2011c. Detection of covert voice-over Internet protocol communications using sliding window-based steganalysis. IET Commun. 5, 7, 929--936.Google ScholarCross Ref
Huang, Y., Tang, S., Bao, C., Yip, Y. J., and Yau, J. 2011d. Steganalysis of compressed speech to detect covert voice over Internet protocol channels. IET Inf. Secur. 5, 1, 26--32.Google ScholarCross Ref
Huang, Y., Xiao, B., and Xiao, H. 2008. Implementation of covert communication based on steganography. In Proceedings of the International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP’08). 1512--1515. Google ScholarDigital Library
Huang, Y., Yuan, J., Chen, M., and Xiao, B. 2011a. Key distribution over the covert communication based on VoIP. J. Electron. 20, 2, 357--360.Google Scholar
Janicki, A., Mazurczyk, W., and Szczypiorski, K. 2012a. Influence of speech codecs selection on transcoding steganography. In Computing Research Repository (CoRR), abs/1201.6218, arXiv.org E-print archive. Cornell University, Ithaca, NY. http://arxiv.org/abs/1201.6218.Google Scholar
Janicki, A., Mazurczyk, W., and Szczypiorski, K. 2012b. Steganalysis of transcoding steganography. In Computing Research Repository (CoRR), abs/1210.5888, arXiv.org E-print archive. Cornell University, Ithaca, NY. http://arxiv.org/abs/1210.5888.Google Scholar
Jia, W., Tso, F. P., Ling, Z., Fu, X., Xuan, D., and Yu, W. 2009. Blind detection of spread spectrum flow watermarks. In Proceedings of IEEE INFOCOM. 2195--2203.Google Scholar
Krätzer, C., Dittman, J., Vogel, T., and Hillert, R. 2006. Design and evaluation of steganography for Voice-over-IP. In Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS’06).Google Scholar
Kkrätzer, C. and Dittman, J. 2007. Mel-cepstrum based steganalysis for VoIP steganography. In Proceedings of the 19th Annual Symposium of the Electronic Imaging Science and Technology, SPIE and IS&T. San Jose, CA.Google Scholar
Krätzer, C. and Dittman, J. 2008a. Pros and cons of mel-cepstrum based audio steganalysis using SVM classification. In Proceedings of the 9th International Conference on Information Hiding (IH’07). 359--377. Google ScholarDigital Library
Krätzer, C. and Dittman, J. 2008b. Cover signal specific steganalysis: The impact of training on the example of two selected audio steganalysis approaches. In Proceedings of SPIE-IS&T Electronic Imaging: Volume 6819.Google Scholar
Kundur, D. and Ahsan, K. 2003. Practical Internet steganography: Data hiding in IP. In Proceedings of the Texas Workshop on Security of Information Systems.Google Scholar
Lampson, B. W. 1973. A note on the confinement problem. Comm. ACM 16, 10, 613--615. Google ScholarDigital Library
Li, S. and Huang, Y. 2012. Detection of QIM steganography in G.723.1 bit stream based on quantization index sequence analysis. J. Zhejiang Univ. Sci. C 13, 8, 624--634.Google ScholarCross Ref
Ling, Z., Fu, X., Jia, W., Yu, W., and Xuan, D. 2011. A novel packet size based covert channel attack against anonymizer. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). 186--190.Google Scholar
Liu, L., Li, M., Li, Q., and Liang, Y. 2008. Perceptually transparent information hiding in G.729 bitstream. In Proceedings of the 4th International Conference on Intelligent Information Hiding and Multimedia Signal Processing. 406--409. Google ScholarDigital Library
Liu, J., Zhou, K., and Tian, H. 2012. Least-significant-digit steganography in low bit-rate speech. In Proceedings of the 47th IEEE International Conference on Communications (ICC). Ottawa, Canada, 1--5.Google Scholar
Lloyd, P. 2010. An exploration of covert channels within Voice over IP. Master's thesis. Rochester Institute of Technology, https://ritdml.rit.edu/bitstream/handle/1850/12241/PLloydThesis5-4-2010.pdf&quest;sequence=1.Google Scholar
Lu, C. S. 2005. Multimedia Security: Steganography and Digital Watermarking Techniques for Protection of Intellectual Property. Idea Group Publishing. Google ScholarDigital Library
Lubacz, J., Mazurczyk, W., and Szczypiorski, K. 2008. Hiding data in VoIP. In Proceedings of the 26th Army Science Conference (ASC’08). Orlando, FL.Google Scholar
Lubacz, J., Mazurczyk, W., and Szczypiorski, K. 2010. Vice over IP. IEEE Spectr. 40--45. Google ScholarDigital Library
Lucena, N. B., Pease, J., Yadollahpour, P., and Chapin, S. 2004. Syntax and symantics-preserving application-layer protocol steganography. In Proceedings of the 6th International Conference on Information Hiding (IH’04). 164--179. Google ScholarDigital Library
Ma, L., Wu, Z., and Yang, W. 2007. Approach to hide secret speech information in G.721 scheme. In Proceedings of the Intelligent Computing 3rd International Conference on Intelligent Computing Theories and Applications (ICIC’07). 1315--1324. Google ScholarDigital Library
Mazurczyk, W. 2012. Lost audio packets steganography: A first practical evaluation. Int. J. Secur. Commun. Netw. 5, 12, 1394--1403. Google ScholarDigital Library
Mazurczyk, W. and Kotulski, Z. 2006a. New VoIP traffic security scheme with digital watermarking. In Proceedings of the 25th International Conference on Computer Safety, Reliability and Security (SafeComp’06). 170--181. Google ScholarDigital Library
Mazurczyk, W. and Kotulski, Z. 2006b. New security and control protocol for VoIP based on steganography and digital watermarking. In Proceedings of the 5th International Conference on Computer Science— Research and Applications (IBIZA’06).Google Scholar
Mazurczyk, W. and Lubacz, J. 2010. LACK—a VoIP steganographic method. Telecommun. Syst. Model Anal. Des. Manag. 45, 2--3, 153--163.Google Scholar
Mazurczyk, W. and Szczypiorski, K. 2008a. Covert channels in SIP for VoIP signalling. In Proceedings of 4th International Conference on Global E-Security. London, United Kingdom, 65--70.Google Scholar
Mazurczyk, W. and Szczypiorski, K. 2008b. Steganography of VoIP streams. In Proceedings of the On The Move Federated Conferences and Workshops: 3rd International Symposium on Information Security (IS’08). Monterrey, Mexico, 1001--1018. Google ScholarDigital Library
Mazurczyk, W., Cabaj, K., and Szczypiorski, K. 2010. What are suspicious VoIP delays&quest; Multimed. Tools Appl. 57, 1, 109--126. Google ScholarDigital Library
Mazurczyk, W., Szaga, P., and Szczypiorski, K. 2011. Using transcoding for hidden communication in IP telephony. In Computing Research Repository (CoRR), abs/1111.1250, arXiv.org E-print archive. Cornell University, Ithaca, NY. http://arxiv.org/abs/1111.1250.Google Scholar
Miao, R. and Huang, Y. 2011. An approach of covert communication based on the adaptive steganography scheme on Voice over IP. In Proceedings of the IEEE International Conference on Communications (ICC’11). 1--5.Google Scholar
Murdoch, S. and Lewis, S. 2005. Embedding covert channels into TCP/IP. In Proceedings of the 7th International Conference on Information Hiding (IH’05). 247--266. Google ScholarDigital Library
Nishimura, A. 2009. Steganographic band width extension for the AMR codec of low-bit-rate modes. In Proceedings of Interspeech 2009. Brighton, UK, 2611--2614.Google Scholar
Nutzinger, M. and Wurzer, J. 2011. A novel phase coding technique for steganography in auditive media. In Proceedings of the IEEE International Conference on Availability, Reliability and Security. Vienna, Austria, 91--98. Google ScholarDigital Library
Nutzinger, M., Fabian, C., and Marschalek, M. 2010. Secure hybrid spread spectrum system for stegnanography in auditive media. In Proceedings of the IEEE International Conference on Intelligent Information Hiding and Multimedia Signal Processing. 78--81. Google ScholarDigital Library
Petitcolas, F., Anderson, R., and Kuhn, M. 1999. Information hiding—a survey. Proc. IEEE 87, 7, 1062--1078.Google ScholarCross Ref
Rosenberg, J., Schulzrinne, H., Camarillo, G., and Johnston, A. 2002. SIP: Session Initiation Protocol. IETF, RFC 3261. Google ScholarDigital Library
Schulzrinne, H., Casner, S., Frederick, R., and Jacobson, V. 2003. RTP: A transport protocol for real-time applications. IETF, RFC 3550. Google ScholarDigital Library
Servetto, S. D. and Vetterli, M. 2001. Communication using phantoms: Covert channels in the Internet. In Proceedings of the IEEE International Symposium on Information Theory (ISIT’01).Google Scholar
Shah G. and Blaze, M. 2009. Covert channels through external interference. In Proceedings of the 3rd USENIX Conference on Offensive Technologies. Montreal, Canada, 3--3. Google ScholarDigital Library
Shah, G., Molina, A., and Blaze, M. 2006. Keyboards and covert channels. In Proceedings of the 15th USENIX Security Symposium. 59--75. Google ScholarDigital Library
Simmons, G. J. 1984. The prisoner's problem and the subliminal channel. In Proceedings of CRYPTO ’83. Plenum Press, Santa Barbara, CA.Google ScholarCross Ref
Takahashi, T. and Lee, W. 2007. An assessment of VoIP covert channel threats. In Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks (SecureComm’07). 371--380.Google Scholar
Tian, H., Guo, R., Lu, J., and Chen, Y. 2012. Implementing covert communication over voice conversations with Windows Live Messenger. AISS 4, 4, 18--26.Google ScholarCross Ref
Tian, H., Zhou, K., and Feng, D. 2010. Dynamic matrix encoding strategy for voice-over-IP steganography. J. Cent. South Univ. Technol. 17, 1285--1292.Google ScholarCross Ref
Tian, H., Zhou, K., Huang, Y., Feng, D., and Liu, J. 2008. A covert communication model based on least significant bits steganography in Voice over IP. In Proceedings of the 9th International Conference for Young Computer Scientists. 647--652. Google ScholarDigital Library
Tian, H., Zhou, K., Jiang, H., Liu, J., Huang, Y., and Feng, D. 2009a. An M-sequence based steganography model for voice over IP. In Proceedings of the IEEE International Conference on Communications (ICC’09). 1--5. Google ScholarDigital Library
Tian, H., Zhou, K., Jiang, H., Liu, J., Huang, Y., and Feng, D. 2009b. An adaptive steganography scheme for Voice over IP. In Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS’09). Taipei, Taiwan, 2922--2925.Google Scholar
Tian, H., Jiang, H., Zhou, K., and Feng, D. 2011a. Adaptive partial-matching steganography for Voice over IP using triple M sequences. Comput. Comm. 34, 2236--2247. Google ScholarDigital Library
Tian, H., Jiang, H., Zhou, K., and Feng, D. 2011b. Transparency-orientated encoding strategies for Voice-over-IP steganography. Comput. J. 55, 6, 702--716. Google ScholarDigital Library
Wang, C. and Wu, W. 2007. Information hiding in real-time VoIP streams. In Proceedings of the 9th IEEE International Symposium on Multimedia (ISM’07). 255--262. Google ScholarDigital Library
Wang, X., Chen, S., and Jajodia, S. 2005. Tracking anonymous peer-to-peer VoIP calls on the Internet. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS’05). 81--91. Google ScholarDigital Library
Wieser, C. and Röning, J. 2010. An evaluation of VoIP covert channels in an SBC setting. In Proceedings of the Security in Futures--Security in Change Conference. 54--58.Google Scholar
Wu, Z. and Yang, W. 2006. G.711-based adaptive speech information hiding approach. In Proceedings of the International Conference on Intelligent Computing: Volume Part I. 1139--1144. Google ScholarDigital Library
Wu, Z. J., Gao, W., and Yang, W. 2009. LPC parameters substitution for speech information hiding. J. China Univ. Posts Telecomm. 16, 6, 103--112.Google ScholarCross Ref
Wu, Z. J., Yang, W., and Yang, Y. X. 2003. ABS-based speech information hiding approach. Electron. Lett. 39, 1617--1619.Google ScholarCross Ref
Xiao, B., Huang, Y., and Tang, S. 2008. An approach to information hiding in low bit-rate speech stream. In Proceedings of the Global Telecommunications Conference (GLOBECOM’08). 1--5.Google Scholar
Xu, E., Liu, B., Xu, L., Wei, Z., Zhao, B., and Su, J. 2011. Adaptive VoIP steganography for information hiding within network audio streams. In Proceedings of the International Conference on Network-Based Information Systems, 612--617. Google ScholarDigital Library
Xu, T. and Yang, Z. 2009. Simple and effective speech steganography in G.723.1 low-rate codes. In Proceedings of the International Conference on Wireless Communications and Signal Processing (WCSP’09). 1--4.Google Scholar
Yu, W., Fu, X., Graham, S., Xuan, D., and Zhao, W. 2007. DSSS-based flow marking technique for invisible traceback. In Proceedings of the IEEE Symposium on Security and Privacy (SP’07). 18--32. Google ScholarDigital Library
Zander, S., Armitage, G., and Branch, P. 2007. A survey of covert channels and countermeasures in computer network protocols. IEEE Commun. Surv. Tutor. 9, 3, 44--57. Google ScholarDigital Library

Index Terms

VoIP steganography and its Detection—A survey
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks

Recommendations

An adaptive steganographic method based on the measurement of just noticeable distortion profile

This paper presents an adaptive steganographic method based on just noticeable distortion (JND) profile measurement. According to the input requirements, our method can produce a higher quality or higher embedding capacity stego-image. In the embedding ...
Read More
High-performance JPEG steganography using quantization index modulation in DCT domain

This paper presents two JPEG steganographic methods using quantization index modulation (QIM) in the discrete cosine transform (DCT) domain. The two methods approximately preserve the histogram of quantized DCT coefficients, aiming at secure JPEG ...
Read More
LSB steganographic method based on reversible histogram transformation function for resisting statistical steganalysis

Statistical steganalysis schemes detect the existence of secret information embedded by steganography. The x^2-detection and Regular-Singular (RS)-attack methods are two well-known statistical steganalysis schemes used against LSB (least significant bit)...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

ACM Computing Surveys Volume 46, Issue 2
November 2013
483 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/2543581
Issue’s Table of Contents

Copyright © 2013 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 27 December 2013
- Accepted: 1 March 2013
- Revised: 1 February 2013
- Received: 1 March 2012
Published in csur Volume 46, Issue 2

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
IP telephony
Information hiding
VoIP
steganography
survey
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 74
  Total Citations
  View Citations
- 1,195
  Total Downloads
- Downloads (Last 12 months)32
- Downloads (Last 6 weeks)4
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

VoIP steganography and its Detection—A survey

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

An adaptive steganographic method based on the measurement of just noticeable distortion profile

High-performance JPEG steganography using quantization index modulation in DCT domain

LSB steganographic method based on reversible histogram transformation function for resisting statistical steganalysis

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

VoIP steganography and its Detection—A survey

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

An adaptive steganographic method based on the measurement of just noticeable distortion profile

High-performance JPEG steganography using quantization index modulation in DCT domain

LSB steganographic method based on reversible histogram transformation function for resisting statistical steganalysis

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media