Prototype Development of VoIP Steganographyeprints.utm.my/id/eprint/11240/6/AbdulaleemZaidMohammedMFSKSM2010.pdf · satu asset cara berkesan untuk menyembunyikan data sulit dan melindunginya

PROTOTYPE DEVELOPMENT OF VOIP STEGANOGRAPHY

ABDULALEEM ZAID MOHAMMED AL-OTHMANI

A project report submitted in partial fulfillment of the

requirements for the award of the degree of

Master of Computer Science (Information Security)

Faculty of Computer Science and Information Systems

Universiti Teknologi Malaysia

NOVEMBER 2009

ii

Dedication

Dedicated to

My beloved parents, my darling supportive wife, my gorgeous daughter, my dearest

siblings and to all whom were beside me

iii

ACKNOWLEDGEMENT

First and foremost praise and gratitude be to ALLAH, almighty, without

whose gracious help it would have been impossible to accomplish this work.

I was extraordinarily fortunate in having Prof. Dr. Azizah Bt. Abd Manaf as

my supervisor in UTM. I would like to express my gratitude and appreciation to her,

who has supported me throughout my project with her patience and knowledge

whilst allowing me the room to work in my own way. I attribute the level of my

Masters degree to her encouragement and effort and without her this project, too,

would not have been completed or written. One simply could not wish for a better or

friendlier supervisor.

Many thanks to each lecturer in UTM-CASE, they were my guidance to

achieve my goals, they gave me all the support I need and were always kind. My

entire study in this honorable institute was an everyday opportunity to acquire fine

knowledge.

Furthermore, my special thanks go to my friend and colleague Saeed

AlQahtani for his indispensable advices, valuable assistance and sincere

companionship.

Finally and most importantly, words fail me to express my appreciation to my

wife whose dedication, love and persistent confidence in me, has taken the load off

my shoulder. I owe her for being unselfishly let her intelligence, passions, and

ambitions collide with mine. I am deeply and forever indebted to my parents for their

inseparable support, love and prayers throughout my entire life. I am also very

grateful to all my brothers and sisters.

iv

ABSTRACT

Information Security has evolved significantly over the last decade and even

more quickly over the last few years. Most organizations recognize that one of their

most important assets is their data. Steganography is an effective means of hiding

secret data, thereby protecting the data from unauthorized or unwanted viewing.

Indeed, along with encryption, steganography is one of the fundamental ways by

which data can be kept confidential. Hiding the desired secret information in

seemingly innocent multimedia files or medium will avoid the need to secure

communication channel when sending secret messages. The biggest challenge to

steganography is how to increase the amount of information to be embedded in the

host channel without affecting the properties of that channel while keeping this secret

transmission invisible to unauthorized parties. To face this challenge, many methods,

media, techniques and algorithms are being introduced. One of the new and

promising communication medium that can be used as a host for steganography is

Voice over Internet Protocol. VoIP is a form of communication that allows people to

make phone calls over an internet connection instead of typical analogue telephone

lines. VoIP characteristics, such as, real-time transmission, bi-directional nature and

vast amount of data make it very appropriate medium to hide secret data. Few recent

researches were conducted to elucidate the steganography techniques and theories

that can be applied on VoIP. This project concerns available steganographic

techniques that can be used for creating covert channels for VoIP streams. Based on

that, the proposed prototype is configured to apply some of these techniques in lab

environment. Consequently, some suggested improvements and techniques are

introduced in this project report to enhance VoIP steganography.

v

ABSTRAK

Keselamatan maklumat telah berevolusi pesat selama sedekad lalu, lebih-

lebih lagi beberapa tahun kebelakangan ini. Kebanyakan organisasi sedia maklum

bahawa salah satu aset terpenting mereka ialah data. “Steganography” ialah salah

satu asset cara berkesan untuk menyembunyikan data sulit dan melindunginya dari

dilihat oleh pihak yang tidak berkenaan. Bersama “encryption”, “steganography”

adalah salah satu langkah asas agar data kekal sulit. Dengan menyembunyikan data

sulit di dalam fail multimedia biasa atau medium yang normal, saluran komunikasi

tidak perlu dikawal ketat apabila menghantar mesej rahsia. Cabaran terbesar untuk

“steganography” ialah bagaimana untuk menambah saiz informasi yang boleh

dimasukkan ke dalam “host channel” dan pada masa yang sama mengekalkan ciri-

ciri saluran tersebut supaya ia tidak dapat dilihat oleh pihak yang tidak berkenaan.

Pelbagai cara, media, teknik dan algoritma sedang diperkenalkan untuk menghadapi

cabaran ini. Salah satu daripada medium komunikasi yang baru dan berpotensi untuk

digunakan sebagai perumah untuk “steganography” ialah “Voice over Internet

Protocol”. VoIP ialah satu bentuk komunikasi “online” di mana pengguna boleh

membuat panggilan telefon menggunakan Internet. Ciri-ciri VoIP iaitu “real-time

transmission”, “bi-directional nature” dan jumlah data yang banyak membuatkan ia

medium yang sesuai untuk menyembunyikan data sulit. Beberapa kajian terbaru telah

dijalankan untuk menerangkan teori dan teknik “steganography” yang boleh

digunakan untuk VoIP. Projek ini ialah berkenaan teknik “steganography” sedia ada

yang boleh digunakan untuk mencipta saluran rahsia untuk VoIP. Berdasarkan teknik

ini, satu prototaip cadangan telah dibina untuk mempraktikkan beberapa teknik

tersebut di dalam “lab environment”. Seterusnya, beberapa cadangan

pengubahsuaian dan teknik diperkenalkan dalam laporan projek ini untuk

memperbaiki VoIP “steganography”.

vi

TABLE OF CONTENTS

CHAPTER TITLE PAGE

declaration I

DEDICATION II

ACKNOWLEDGEMENT III

ABSTRACT IV

ABSTRAK V

TABLE OF CONTENTS VI

LIST OF TABLES IX

LIST OF FIGURES X

1 INTRODUCTION 1

1.1 Overview 1

1.2 Background of the Problem 2

1.3 Problem Statement 3

1.4 Project Aim 4

1.5 Project Objectives 4

1.6 Project Scope 5

1.7 Summary 6

2 LITERATURE REVIEW 7

2.1 Introduction 7

2.2 Voice over Internet Protocol 8

2.2.1 Definition 8

2.2.2 Historical Background of VoIP 8

2.2.3 Background Concepts 10

2.2.4 VoIP Benefits and Challenges 17

vii

2.2.5 VoIP Architecture 21

2.2.6 VoIP Solution Components 25

2.2.7 VoIP Protocols and Communication Flow 26

2.2.8 Establishing VoIP Connections with H.323 36

2.2.9 Establishing VoIP Connections with SIP 37

2.3 Steganography 39

2.3.1 Definition 39

2.3.2 Uses of Steganography 40

2.3.3 History of Steganography 41

2.3.4 Digital Steganography 42

2.3.5 Steganography Capacity and Robustness 43

2.3.6 Audio steganography 44

2.3.7 Digital Audio Signal 46

2.3.8 Methods of Audio Steganography 47

2.3.9 Real-Time steganography 50

2.4 VoIP Steganography 54

2.4.1 Previous Researches 54

2.5 Summary 58

3 RESEARCH METHODOLOGY 59

3.1 Introduction 59

3.2 Research Approach 60

3.3 Research Phases and Procedure 61

3.3.1 Study and Analyze 61

3.3.2 Prototype Design and Implementation 63

3.3.3 Suggestions for Capacity Enhancement 67

3.4 Summary 67

4 PROTOTYPE DESIGN AND IMPLEMENTATION 68

4.1 Introduction 68

4.2 VoIP Call 69

4.2.1 Initialize VoIP Call 69

4.2.2 VoIP Conversation 72

4.2.3 Ending VoIP Call 75

viii

4.3 Embedding and Extracting 75

4.3.1 Embedding Process 75

4.3.2 Extracting Process 77

4.4 Voice Waveforms Drawing 79

4.5 Presenting Results 81

4.6 Summary 81

5 RESULTS AND DISCUSSION 83

5.1 Introduction 83

5.2 Current Relevant Steganography Techniques 83

5.3 Testing Approaches and Methods 85

5.3.1 Program Performance 86

5.3.2 Results Listing and Analyzing 86

5.4 Limitations of LSB Steganography Technique 94

5.5 Suggested Steganography Techniques 94

5.6 Summary 96

6 CONCLUSION AND FUTURE WORK 97

6.1 Introduction 97

6.2 Project Summary and Conclusion 98

6.3 Meeting Research Objectives 98

6.4 Project Contribution 99

6.5 Future Work 99

6.6 Summary 100

REFERENCES 102

ix

LIST OF TABLES

TABLE NO. TITLE PAGE

2-1 ITU Encoding Standards 15

2-2 Common VoIP Audio Codecs 52

5-1 Summary Comparison between Steganography Techniques 85

5-2 Initial Comparison between LSB Techniques 89

5-3 Result of Hiding 100bytes of Secret Data 90

5-4 Result of Hiding 1KB of Secret Data 91

5-5 Result of Hiding 4KB of Secret Data 91

5-6 Result of Hiding 8KB of Secret Data 92

5-7 Suggested VoIP Techniques 95

x

LIST OF FIGURES

FIGURE NO. TITLE PAGE

2.1 Packetization of Voice Traffic 16

2.2 Network Stack 22

2.3 VoIP Stack and Protocols 27

2.4 An RTP Data Transfer Packet 28

2.5 RSVP Merge 33

2.6 H.323 Call Setup Process 37

2.7 SIP Proxy Operation 38

2.8 SIP Redirector Server 38

2.9 Conflicting Requirements for Data Hiding 43

2.10 Audio Signal Coding 46

2.11 Hidden Communication Scenarios for VoIP 56

3.1 Research Phases 61

3.2 Prototype Main Tasks 65

4.1 Prototype Design Phases 68

4.2 Prototype General Architecture 69

4.3 Receiver may accept or reject INVITE message 70

4.4 Messages of VoIP Call 70

4.5 Flowchart of "Send" Threat 73

4.6 Flowchart of "Receive" Threat 75

4.7 Flowchart of Embedding Process (1 LSB) 76

4.8 Replacement of 1 LSB in Embedding Function 77

4.9 Flowchart of Extracting Process (1 LSB) 78

4.10 Screenshot of Waveform Drawing of VoIP Prototype 79

xi

4.11 Screenshot of Prototype GUI Showing Call Results 81

5.1 Screenshot of Prototype Call Waveforms 88

5.2 “Time Used” Measure 92

5.3 “Used VoIP Segments” Measure 93

5.4 “Time Used” Measure 93

CHAPTER 1

INTRODUCTION

1.1 Overview

Steganography is the process of hiding secret data inside other, normally

transmitted data. In other words, as defined by [40] steganography means hiding of a

secret message within an ordinary message during sending or transmission phases

and its extraction at the destination point. Ideally, anyone scanning this information

will fail to know whether it contains covert data or not.

Steganography applications conceal information in other, seemingly innocent

media. Steganographic results may masquerade as other file for data types, be

concealed within various media, or even hidden in network traffic or disk space. We

are only limited by our imagination in the many ways information and data can be

exploited to conceal additional information [49].

Steganographic techniques for hiding messages have been around for as long

as cryptography and have evolved with technology. One of major advantages of

steganography over simply scrambling messages using cryptographic techniques is

that probable eavesdroppers don't know what to listen to and whether there is a

hidden data or not [23]. A covert channel is one of the most popular steganographic

techniques that can be applied in the networks.

2

The covert channel offers an opportunity to manipulate certain properties of

the communications medium in an unanticipated, unconventional, or unforeseen

way, in order to transmit information through the medium without detection by

anyone other than the entities operating the covert channel [40].

Voice over Internet Protocol (VoIP), or IP telephony, is defined by [1] as a

general term for a family of transmission technologies for delivery of voice

communications over IP networks such as the Internet or other packet-

switched networks".

At the present time, VoIP is one of the most popular services in the Internet.

It was introduced to the telecommunication market and since then, changed it

completely and gradually. As it is used worldwide more freely, the traffic volume

that it generates is still increasing. Because of its popularity, it is becoming a natural

target for steganography. That is why VoIP is appropriate to enable hidden

communication throughout IP networks [40]. This new area and medium of

steganography is going to be one of the most popular media to be used to hide data

over internet networking due to the relatively huge amount of data that could be

hidden, the real time nature of VoIP calls and the bi-directional capability that is

provided by such transmission.

1.2 Background of the Problem

No real-world steganographic method is perfect: no matter what the method

is, the hidden information can be potentially revealed. Generally, the more hidden

information is inserted into the normally transmitted data, the greater the chance it

will be detected [43].

Because the number of steganographic methods and mechanisms which are

applicable on VoIP streaming is large, steganography in VoIP should be considered

3

as an excellent, secure and efficient way to hide data over IP networking. Moreover,

the fact that until now there is no single method to detect hidden data within VoIP

streaming, VoIP steganography should be considered safe and invulnerable for more

few years ahead.

Like conventional steganography, VoIP steganography techniques can be

unsafe to organizations because of the risk of confidential information leakage [28].

These are also the reasons that make some researchers suggested that VoIP

steganography should be treated as a threat to public security. It is thus important to

understand the essential nature of various steganographic methods and, in effect, be

able to construct effective steganalysis solutions.

Nevertheless, for good purposes, it is very useful to identify and find out

better steganographic techniques and approach or to improve the existing ones to

make hiding data within VoIP streams more secure, efficient and practical.

1.3 Problem Statement

Mazurczyk and Szczypiorski [44] stated that securing Internet Telephony is a

complex process. This not only means the ability to make secure conversation

between two communicating parties, but also the security of signaling messages used

to make this call possible at all. It may also means the security of the steganographic

or watermarking channels that may be used within the VoIP streaming signals.

Providing methods and techniques to hide data in a very popular medium like

VoIP is a challenging goal. It is obvious that there are limitations on the amount of

secret data that should be buried in VoIP streaming without affecting the overall

voice stream during VoIP call. The fact that there are limitations on the rate of covert

data makes it harder to introduce secure and practical techniques which provide

4

larger rate of impeded data. In addition, [16] stated that if covert data rate is too high

it may cause voice quality deterioration and increased risk of detection.

The problem that this project is proposed to solve is how to provide or

suggest efficient VoIP steganography techniques or improvements to increase the

rate of the impeded secret data within VoIP stream without effecting the overall

conversation process of the VoIP calls? How VoIP steganography system that

applies one or more of these enhanced techniques could be implemented, keeping in

mind that, to my best knowledge, until now, there is no known such system?

1.4 Project Aim

While the overall idea of using steganography to implement covert

communications is not new, burying hidden message in internet phone calls

represents the latest evolution of steganography [23].

The main aim of this project is to implement a simple prototype by utilizing

some steganography techniques on VoIP streaming in order to investigate how to

increase the overall rate of covert data without affecting the voice quality and with

less rate of detection.

These investigations will be done in accordance with what have been found

by other researchers in this field, even though it is still a very new area of research

and there is only very small number of researches on this subject.

1.5 Project Objectives

The objectives of this project are:

5

1. To study VoIP steganography, analyze its current techniques and discuss their

performance in terms of capacity.

2. To develop a simple lab-based system that performs VoIP steganography

using one or more LSB techniques to illustrate the VoIP steganography

process.

3. To suggest effective ways to improve the capacity of covert data in VoIP

steganography.

1.6 Project Scope

VoIP steganography covers a wide range of information hiding techniques;

including popular techniques based on IP or TCP and others protocols. The main

idea is to use free, redundant or unused fields of these protocols [43].

There are many techniques that could be used to hide communications in

various layers of VoIP traffic. One of them is by taking advantage of unused or

rarely used data fields.

In this research, I will study available covert channels that may be utilized for

hidden communication for SIP protocol used as a signaling protocol for VoIP

service. Moreover, new steganographic methods that were introduced very recently

will be studied in this project. For each of these methods, this research will estimate

potential bandwidth to later evaluate how much information may be transferred in a

typical IP telephony call. I will study also the ability to use the payload of the voice

packets in VoIP real-time steganography process.

As mentioned before, this project program will be designed and implemented

to work in a lab-based environment. This means, the VoIP call will be limited to two

hosts using point-to-point connection with static IP addresses. This is different from

the real life VoIP applications which use client-server calls. As a result, the system

6

will be based on LAN network which provides an environment with almost zero

noise. This will greatly help to get better VoIP steganography performance and

correctness. Due to the complexity of VoIP steganography, only specific basic types

of visual and statistical measures will be considered.

The most important success factors of this project are keeping the overall

changes of the VoIP stream very small so that they can be hardly noticed while

embedding a large amount of covert data and providing maximum extraction of the

hidden information.

1.7 Summary

In this chapter, an introduction to this project is provided as well as the aim,

and objectives of this project. The underlying background of the problem was

explained as the reason to choose this topic of the project. The scope of this project

was identified and the problem statement was declared.