130 likes | 155 Views
Explore HICCUPS, a network steganographic system designed for shared medium networks, particularly WLANs. Discover its operational details, performance, functional parts, and the advantages and disadvantages it offers.
E N D
HICCUPS: Hidden Communication Systemfor Corrupted Networks From:The Tenth International MultiConference on Advanced Computer Systems ACS'2003. Midzyzdroje. 22-24 October 2004. pp. 31-40 Author: KRZYSZTOF SZCZYPIORSKI
Outline • What is HICCUPS? • IEEE LAN RM vs.TCP/IP Protocol Suite • HICCUPS OPERATION • Functional Parts of HICCUPS • Performance of HICCUPS • Conclusion • Reference
What is HICCUPS? • Hidden Communication Systemfor Corrupted Networks • Work on wireless local area networks. • Use checksum to verify which frame has steganogram. • Must have special hardware which do not discard the frame with wrong checksum.
HICCUPS OPERATION • It is possible to create three hidden data channels (HDC) in MAC frame in networks • HDC1: channel based on cipher’s initialization vectors. • HDC2: channel based on MAC network addresses (for example destination and source). • HDC3: channel based on integrity mechanism values (for example frame checksums).
HICCUPS OPERATION(Cont.) • http://www.youtube.com/watch?feature=player_embedded&v=OWmZBwoI0o0
Functional Parts of HICCUPS • FP1: network cards dedicated. Network cards should have possibility to control HDC1-HDC3 and data payload in MAC frame. • FP2: management system to control HDC1-HDC3 and data payload in MAC frame
Functional Parts of HICCUPS (Cont.) • The management system (P2) may be produced in software or hardware and should perform functions mentioned below: · joining hidden group, · leaving hidden group, · providing interface to upper network layer to control HDC1-HDC3 and data payload in MAC frame,with cryptographic extension: · key agreement/key exchange, · key refresh, · encryption/decryption.
Performance of HICCUPS • assuming that real FER is 1.5%, stations may pretend that FER is 2.5%. • For 11 Mbit/s IEEE 802.11b network [5] with 40% usage of bandwidth we have: 11 Mbit/s· 40%· (2.5%-1.5%) = 44 kbit/s for steganographic system. • For 54 Mbit/s IEEE 802.11g network [6] • we have: 216 kbit/s.
Conclusion • HICCUPS is a new network steganographic systemdedicated to shared medium networks especially to WLAN • Advantage:Very fast(200 Kbs/sec) • Disadvantage: • There are too many corrupted frame. • Must have special hardware which do not discard the frame with wrong checksum.
Reference • [1] Szczypiorski, K.: HICCUPS: Hidden Communication System for Coruppted Networks. In Proc: The Tenth International MultiConference on Advanced Computer Systems ACS'2003. Midzyzdroje. 22-24 October 2004. pp. 31-40 • [2]http://en.wikipedia.org/wiki/Stegenography • [3] Krzysztof Szczypiorski (4 November 2003). "Steganography in TCP/IP Networks. State of the Art and a Proposal of a New System - HICCUPS". Institute of Telecommunications Seminar. Retrieved 17 June 2010. • [4] http://stegano.net/tutorial/steg-met.html • [5] IEEE 802.11b-1999 Supplement to 802.11-1999, Wireless LAN MAC and PHY specifications: Higher speed Physical Layer (PHY) extension in the 2.4 GHz band • [6] IEEE 802.11b-1999 Supplement to 802.11-1999, Wireless LAN MAC and PHY • specifications: Higher speed Physical Layer (PHY) extension in the 2.4 GHz band