Abstract
Covert communication using Internet Protocol version 6 (IPv6) header fields can be easily detected. By thoroughly exploring the characteristics of IPv6 multicast, this study proposes a novel covert communication model based on IPv6 multicast (MCv6). In this model, a multicast group, containing a large number of members across different subnets, is created to hide the receiver’s network ID, thereby achieving covert communications. To ensure the security of this covert communication, a random key generation algorithm, based on the chaotic sequence, is proposed to encrypt communication packets. To ensure the legitimacy of covert communications, a multicast source authentication mechanism based on hash comparison is proposed to verify the legitimacy of communication source nodes. To ensure the integrity of covert communications, a two-stage error control mechanism is proposed to control the possible packet-loss and other errors. Theoretical analysis and simulation results show that the proposed MCv6 model can provide good IPv6-based covert communications, efficiently reducing the probability of detection, and ensuring the security and reliability of the IPv6-based medium.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Huang, Y., Li, S.: Network covert communication and its detection technology, pp. 13–14, Tsinghua University Press, Beijing (2016)
Jankowski, B., Mazurczyk, W., Szczypiorski, K.: Information hiding using improper frame padding. In: Telecommunications and Network Strategy and Planning Symposium (NETWORKS), pp. 1–6. IEEE (2010)
Anthony, D., et al.: A behavior based covert channel within anti-virus updates. In: Proceedings of the International Conference on Security and Management (SAM), p. 1. The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp) (2012)
Murdoch, S.J.: Covert channel vulnerabilities in anonymity systems. No. UCAM-CL-TR-706. University of Cambridge, Computer Laboratory (2007)
Johnson, N.F., Duric, Z., Jajodia, S.: Information Hiding: Steganography and Watermarking-Attacks and Countermeasures: Steganography and Watermarking: Attacks and Countermeasures, vol. 1. Springer Science & Business Media, New York (2001). https://doi.org/10.1007/978-1-4615-4375-6
Ahsan, K., Kundur, D.: Practical data hiding in TCP/IP. In: Proceedings Workshop on Multimedia Security at ACM Multimedia, vol. 2. No. 7 (2002)
Frikha, L., Trabelsi, Z., Tabbane, S.: Simulation, optimisation and integration of Covert Channels, Intrusion Detection and packet filtering systems. In: Information Infrastructure Symposium, GIIS 2009. Global. IEEE (2009)
Allix, P.: Covert channels analysis in TCP/IP networks. IFIPS School of Engineering, University of Paris-Sud XI, Orsay, France (2007)
Zander, S., Armitage, G., Branch, P.: A survey of covert channels and countermeasures in computer network protocols. IEEE Commun. Surv. Tutorials 9(3), 44–57 (2007)
Supriyanto, R.K.M., Ramadass, S.: Review on ipv6 security vulnerability issues and mitigation methods. Int. J. Netw. Secur. Appl. 4(6), 173 (2012)
Zagar, D., Grgic, K.: IPv6 security threats and possible solutions. In: Automation Congress, WAC 2006. World, pp. 1–7. IEEE (2006)
Abley, J., Savola, P., Neville-Neil, G.: Deprecation of type 0 routing headers in ipv6. draft-ietf-ipv6-deprecate-rh0-01 (2007)
Handel, T.G., Sandford, M.T.: Hiding data in the OSI network model. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 23–38. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-61996-8_29
Hintz, A.: Covert channels in TCP and IP headers. Presentation at DEFCON 10 (2002)
Rowland, C.H.: Covert channels in the TCP/IP protocol suite. First Monday 2(5), (1997)
Rutkowska, J.: The implementation of passive covert channels in the Linux kernel. In: Chaos Communication Congress, Chaos Computer Club eV (2004)
Tom, D.: Internet steganography. Technical report, Oak Ridge National Laboratory (Contract No. DE-AC05-96OR22464), Oak Ridge, Tennessee (1998)
Trabelsi, Z., Jawhar, I.: Covert file transfer protocol based on the IP record route option. J. Inf. Assur. Secur. 5(1), 64–73 (2010)
Lucena, N.B., Lewandowski, G., Chapin, S.J.: Covert Channels in IPv6. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 147–166. Springer, Heidelberg (2006). https://doi.org/10.1007/11767831_10
Plonka, D., Berger, A.: kIP: a Measured Approach to IPv6 Address Anonymization. arXiv preprint arXiv:1707.03900 (2017)
Ryan Giobbi Homepage: Filtering ICMPv6 Using Host-Based Firewalls. https://www.cert.org/blogs/vuls/2008/11/icmpv6_types_and_hostbased_fir.html. Accessed 21 Dec 2017
Graf, T.: Messaging over IPv6 destination options (2003)
Murphy, R.P.: IPv6/ICMPv6 Covert Channels. Defcon, Las Vegas (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Kong, Y., Zhang, L., Wang, Z., Guo, Y., Guo, W. (2018). A Covert Communication Model Based on IPv6 Multicast. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11066. Springer, Cham. https://doi.org/10.1007/978-3-030-00015-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-00015-8_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00014-1
Online ISBN: 978-3-030-00015-8
eBook Packages: Computer ScienceComputer Science (R0)