Current Internet e-mail facilities are built onto the foundation of standard rules and protocols, which usually allow a considerable amount of "freedom" to their designers. Each of these standards has been defined based on a number of vendor specific implementations, in order to provide common inter-working procedures for cross-vendor communication. Thus, a lot of optional and redundant information is being exchanged during e-mail sessions, which is available to implement versatile covert channel mechanisms. This work exploits this possibility by presenting a simple but effective steganographic scheme that can be used to deploy robust secret communication through spam e-mails. This scheme can offer unidirectional asynchronous one-to-one or one-to-many covert channel facilities that are able to bypass the most sophisticated firewalls and traffic analyzers. Its implementation neither affects the involved transport protocols nor causes any perceivable performance degradation or data loss to the end-users. The proposed scheme allows one to manage possible filtering/loss of the e-mails being the vehicle of the secret information. A novel retransmission method based on the Raptor codes has been adopted. The use of Raptor codes is key to correctly and efficiently manage the difficulty or impossibility to retransmit e-mails in the case of a unidirectional secret communication starting from one sender and directed to many recipients. In order to evaluate the performance characteristics of the proposed scheme, an empirical estimation of the covert channel bandwidth has been performed. © 2011 Elsevier Ltd. All rights reserved.
An asynchronous covert channel using spam
Castiglione, Aniello;Fiore, Ugo;
2012-01-01
Abstract
Current Internet e-mail facilities are built onto the foundation of standard rules and protocols, which usually allow a considerable amount of "freedom" to their designers. Each of these standards has been defined based on a number of vendor specific implementations, in order to provide common inter-working procedures for cross-vendor communication. Thus, a lot of optional and redundant information is being exchanged during e-mail sessions, which is available to implement versatile covert channel mechanisms. This work exploits this possibility by presenting a simple but effective steganographic scheme that can be used to deploy robust secret communication through spam e-mails. This scheme can offer unidirectional asynchronous one-to-one or one-to-many covert channel facilities that are able to bypass the most sophisticated firewalls and traffic analyzers. Its implementation neither affects the involved transport protocols nor causes any perceivable performance degradation or data loss to the end-users. The proposed scheme allows one to manage possible filtering/loss of the e-mails being the vehicle of the secret information. A novel retransmission method based on the Raptor codes has been adopted. The use of Raptor codes is key to correctly and efficiently manage the difficulty or impossibility to retransmit e-mails in the case of a unidirectional secret communication starting from one sender and directed to many recipients. In order to evaluate the performance characteristics of the proposed scheme, an empirical estimation of the covert channel bandwidth has been performed. © 2011 Elsevier Ltd. All rights reserved.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
