Covert Channel Cyber-Attack over Video Stream DCT Payload

(Copyright Protection Algorithm for Video and Audio Streams)
  • Yoram SegalEmail author
  • Ofer Hadar
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11527)


The two main cyber-attack techniques via video packets are based on using the packet header or the payload. Most of the standard software protection tools easily detect anomalies in headers since there are fewer places to embed the malicious content. Moreover, due to the relatively small header size, such attacks are limited by the data volumes that can transfer. On the other hand, a cyber-attack that uses video packets’ payload can effectively conceal much more information and produce covert channels. Multimedia covert channels provide reasonable bandwidth and long-lasting transmission streams, suitable for planting malicious information and therefore used as an exploit alternative. The primary focus of this article is a proof of concept of cyber-attack that conceals malicious data in a video payload in the compressed domain, using steganography (in real time). This malicious data is extracted using a covert channel and a malware (that had previously planted at the end user side), on the other side. Additionally, after the implementation of the attack, it is necessary to review its parameters and conclude what the optimal parameters to use in different video scenarios.

In this paper, we will demonstrate attacks that take advantage of compressed domain video payload.

It is important to note that this method can be used as a method of copyright protection.


Exploit Invisible covert channel Steganography Watermarking Cyber Steno objects Intra prediction Inter prediction Discrete Cosine Transform DCT Motion vectors 



This work was supported by the Israel National Cyber Bureau. The authors gratefully thank Mr. Lior Yahav for implementing the attack algorithm.


  1. 1.
    Cisco: Cisco Visual Networking Index: Forecast and Methodology, 2016–2021 (2017)Google Scholar
  2. 2.
    Neufeld, A., Ker, A.D.: A study of embedding operations and locations for steganography in H.264 video. In: SPIE, Multimedia Watermarking, Security, and Forensics, vol. 8665 (2013)Google Scholar
  3. 3.
    Morkel, T., Eloff, J.H., Olivier, M.S.: An overview of image steganography. In: Proceedings of the Fifth Annual Information Security South Africa Conference, ISSA 2005 (2005)Google Scholar
  4. 4.
    Amsden, N.D., Chen, L., Yuan, X.: Transmitting hidden information using steganography via Facebook. In: International Conference on Computing, Communication and Networking Technologies (ICCCNT) (2014)Google Scholar
  5. 5.
    Lampson, B.: A note on the confinement problem. Commun. ACM, 613–615 (1973)CrossRefGoogle Scholar
  6. 6.
    Cox, I.J., Kilian, J., Leighton, T., Shamoon, T.: Secure spread spectrum watermarking for image, audio and video. In: IEEE International Conference on Image Processing, vol. 3, pp. 243–246 (1996)Google Scholar
  7. 7.
    Barni, M.: A DCT-domain system for robust image watermarking. Signal Process. 66, 357–372 (1998)CrossRefGoogle Scholar
  8. 8.
    Verma, H.K., Singh, A.N., Kumar, R.: Robustness of the digital image watermarking techniques against brightness and rotation attack. Int. J. Comput. Sci. Inf. Secur. IJCSIS, 5 (2009)Google Scholar
  9. 9.
    Jianfeng, L., Zhenhua, Y., Fan, Y., Li, L.: A MPEG2 video watermarking algorithm based on DCT domain. In: Digital Media and Digital Content Management (DMDCM) (2011)Google Scholar
  10. 10.
    Amsalem, Y., Hadar, O., Puzanov, A., Bedinerman, A., Kutcher, M.: DCT-based cyber defense techniques. In: Applications of Digital Image Processing XXXVIII (2015)Google Scholar
  11. 11.
    Katzenbeisser, S.: Information Hiding Techniques for Steganography and Digital. Artech House (2000)Google Scholar
  12. 12.
    Fouant, S.: Man in the Middle (MITM) Attacks Explained: ARP Poisoning. ShortestPathFirs (2010)Google Scholar
  13. 13.
    Richardson, I.E.G.: The H.264 Advanced Video Compression Standard. Wiley (2011)Google Scholar
  14. 14.
    “H.264 encoder decoder scheme”Google Scholar
  15. 15.
    Sullivan, G.: Overview of the H.264/AVC video coding standard. IEEE Trans. Circuits Syst. Video Technol. 13, 560–576 (2003)CrossRefGoogle Scholar
  16. 16.
    Juneja, M., Mukesh, D.: Overview of video steganography in compressed domain. Int. J. Control. Theory Appl. 1–11 (2018)Google Scholar
  17. 17.
    Yang, M., Bourbakis, N.: A high bitrate information hiding algorithm for digital video content under H.264/AVC compression. In: Midwest Symposium on Circuits and Systems, vol. 2005, pp. 935–938 (2005)Google Scholar
  18. 18.
    Shou-Dao, W., Chuang-Bai, X., Yu, L.: A high bitrate information hiding algorithm for video in video. Eng. Technol. 413–418 (2009)Google Scholar
  19. 19.
    Ma, X., Li, Z., Tu, H., Zhang, B.: A data hiding algorithm for H.264/AVC video streams without intra-frame distortion drift. IEEE Trans. Circuits Syst. Video Technol. 20(10), 1320–1330 (2010)CrossRefGoogle Scholar
  20. 20.
    Esen, E., Alatan, A.A.: Robust video data hiding using forbidden zone data hiding and selective embedding. IEEE Trans. Circuits Syst. Video Technol. 21, 1130–1138 (2011)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Communication Systems Engineering DepartmentBen Gurion University of the Negev (BGU)Beer-ShevaIsrael

Personalised recommendations