Current Internet e-mail facilities are built on the foundation of standard rules and protocols, which usually allow a considerable amount of "freedom" to their designers. Each of these standards has been defined based on a number of vendor specific implementations, in order to provide common inter-working procedures for cross-vendor communication. Thus, a lot of optional and redundant information is being exchanged during e-mail sessions, which is available to implement versatile covert channel mechanisms. The work exploits this possibility by presenting a simple but effective steganographic schema that can be used to deploy robust secret communication through e-mail. This schema can offer unidirectional asynchronous one-to-one or one-to-many covert channel facilities that are able to bypass the most sophisticated firewalls and traffic analyzers. Its implementation neither affects the involved transport protocols nor causes any perceivable performance degradation or data loss to the end-users. © 2011 IEEE.

E-mail-based covert channels for asynchronous message steganography

Castiglione, Aniello;Fiore, Ugo;
2011-01-01

Abstract

Current Internet e-mail facilities are built on the foundation of standard rules and protocols, which usually allow a considerable amount of "freedom" to their designers. Each of these standards has been defined based on a number of vendor specific implementations, in order to provide common inter-working procedures for cross-vendor communication. Thus, a lot of optional and redundant information is being exchanged during e-mail sessions, which is available to implement versatile covert channel mechanisms. The work exploits this possibility by presenting a simple but effective steganographic schema that can be used to deploy robust secret communication through e-mail. This schema can offer unidirectional asynchronous one-to-one or one-to-many covert channel facilities that are able to bypass the most sophisticated firewalls and traffic analyzers. Its implementation neither affects the involved transport protocols nor causes any perceivable performance degradation or data loss to the end-users. © 2011 IEEE.
2011
9780769543727
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11367/64112
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 24
  • ???jsp.display-item.citation.isi??? ND
social impact