Application of Perfectly Undetectable Network Steganography Method for Malware Hidden Communication

Patryk Bąk , Jędrzej Bieniasz , Michał Krzemiński , Krzysztof Szczypiorski


Currently designed malware utilizes various mechanisms allowing to increase the level of its undetectability through static and dynamic analysis. One of such mechanisms may be hiding in overt network traffic proper communication between the attacker and an active malware application on the infected terminal side. In this paper, a design of such a covert channel of communication is proposed, using a StegBlocks method, which is characterized by a proven feature of perfectly undetectable network steganography. An environment was implemented to test the proof of concept of the designed system of covert transmission. Characteristics and limitations of the method were discussed and directions for development were proposed.
Author Patryk Bąk (FEIT / IT)
Patryk Bąk,,
- The Institute of Telecommunications
, Jędrzej Bieniasz (FEIT / IT)
Jędrzej Bieniasz,,
- The Institute of Telecommunications
, Michał Krzemiński (FEIT / IT)
Michał Krzemiński,,
- The Institute of Telecommunications
, Krzysztof Szczypiorski (FEIT / IT)
Krzysztof Szczypiorski,,
- The Institute of Telecommunications
Total number of authors7
Publication size in sheets0.5
Book Jacques Blanc-Talon, Szczypiorski Krzysztof (eds.): Proceedings of the 4th International Conference on Frontiers of Signal Processing - ICFSP 2018, 2018, Institute of Electrical and Electronics Engineers, ISBN 978-1-5386-7852-7, 175 p.
Keywords in Englishmalware, information hiding, StegBlocks, covert channels
projectThe Develpment of Digital Communicatios. Project leader: Siuzdak Jerzy, , Phone: +48 22 234-7868, start date 07-06-2017, end date 30-11-2018, IT/2017/statut, Completed
WEiTI Działalność statutowa
Languageen angielski
2018 Bieniasz Szczypiorski Application of Perfectly Undetectable.pdf 128.62 KB
Score (nominal)15
ScoreMinisterial score = 15.0, 29-04-2019, ChapterFromConference
Ministerial score (2013-2016) = 15.0, 29-04-2019, ChapterFromConference
Publication indicators Scopus Citations = 0
Citation count*
Share Share

Get link to the record

* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.