• DocumentCode
    508994
  • Title

    A Security Model for VoIP Steganography

  • Author

    Yu, Zhiwei ; Thomborson, Clark ; Wang, Chaokun ; Fu, Junning ; Wang, Jianmin

  • Author_Institution
    Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China
  • Volume
    1
  • fYear
    2009
  • fDate
    18-20 Nov. 2009
  • Firstpage
    35
  • Lastpage
    40
  • Abstract
    In 2005, an extensive taxonomy of threats for VoIP was published by a prominent industry group. Strangely, this taxonomy does not identify stegocommunication as a threat, even though many steganographic channels have been identified in VoIP protocols. To avoid such security gaps in the future, we argue that stegocommunication should be added to the traditional list of network threats: interruption, interception, modification, fabrication. The stegocommunication threat arises when the communication channel is purchased, provided, or supervised by anyone other than the communicating parties. We illustrate a stegocommunication threat to a business owner Charles. If Charles purchases a VoIP service for business-related communications by an employee Alice, then he faces the risk that Alice may undetectably communicate a business secret to an outside party Bob. In this insider-threat scenario, Charles can mitigate his security risk by installing a stegodetector.
  • Keywords
    IP networks; Internet telephony; protocols; steganography; telecommunication channels; telecommunication security; VoIP protocols; VoIP steganography; business-related communications; communication channel; fabrication threat; insider-threat scenario; interception threat; interruption threat; modification threat; network threats; security model; steganographic channels; stegocommunication; stegodetector; Business communication; Chaotic communication; Communication system security; Computer science; Computer security; Information security; Internet telephony; National security; Steganography; Taxonomy; Security Model; Steganography; VoIP;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Multimedia Information Networking and Security, 2009. MINES '09. International Conference on
  • Conference_Location
    Hubei
  • Print_ISBN
    978-0-7695-3843-3
  • Electronic_ISBN
    978-1-4244-5068-8
  • Type

    conf

  • DOI
    10.1109/MINES.2009.227
  • Filename
    5368981
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=508994