Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning
Covert communication channels are a concept in which a policy-breaking method is used in order to covertly transmit data from inside an organization to an external or accessible point. VoIP and Video systems are exposed to such attacks on different layers, such as the underlying real-time transport...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-02-01
|
| Series: | Electronics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2079-9292/12/5/1091 |
| _version_ | 1797615513477578752 |
|---|---|
| author | Ofir Joseph Avshalom Elmalech Chen Hajaj |
| author_facet | Ofir Joseph Avshalom Elmalech Chen Hajaj |
| author_sort | Ofir Joseph |
| collection | DOAJ |
| description | Covert communication channels are a concept in which a policy-breaking method is used in order to covertly transmit data from inside an organization to an external or accessible point. VoIP and Video systems are exposed to such attacks on different layers, such as the underlying real-time transport protocol (RTP) which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packet streams to punch a hole through Network address translation (NAT). This paper presents different innovative attack methods utilizing covert communication and RTP channels to spread malware or to create a data leak channel between different organizations. The demonstrated attacks are based on a UDP punch hole created using Skype peer-to-peer video conferencing communication. The different attack methods were successfully able to transmit a small text file in an undetectable manner by observing the communication channel, and without causing interruption to the audio/video channels or creating a noticeable disturbance to the quality. While these attacks are hard to detect by the eye, we show that applying classical Machine Learning algorithms to detect these covert channels on statistical features sampled from the communication channel is effective for one type of attack. |
| first_indexed | 2024-03-11T07:27:35Z |
| format | Article |
| id | doaj.art-63c56b6674184874adf3d7e785425010 |
| institution | Directory Open Access Journal |
| issn | 2079-9292 |
| language | English |
| last_indexed | 2024-03-11T07:27:35Z |
| publishDate | 2023-02-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Electronics |
| spelling | doaj.art-63c56b6674184874adf3d7e7854250102023-11-17T07:31:35ZengMDPI AGElectronics2079-92922023-02-01125109110.3390/electronics12051091Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine LearningOfir Joseph0Avshalom Elmalech1Chen Hajaj2Information Science Department, Bar-Ilan University, Ramat Gan 5290002, IsraelInformation Science Department, Bar-Ilan University, Ramat Gan 5290002, IsraelDepartment of Industrial Engineering and Management, Ariel University, Ariel 4076414, IsraelCovert communication channels are a concept in which a policy-breaking method is used in order to covertly transmit data from inside an organization to an external or accessible point. VoIP and Video systems are exposed to such attacks on different layers, such as the underlying real-time transport protocol (RTP) which uses Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packet streams to punch a hole through Network address translation (NAT). This paper presents different innovative attack methods utilizing covert communication and RTP channels to spread malware or to create a data leak channel between different organizations. The demonstrated attacks are based on a UDP punch hole created using Skype peer-to-peer video conferencing communication. The different attack methods were successfully able to transmit a small text file in an undetectable manner by observing the communication channel, and without causing interruption to the audio/video channels or creating a noticeable disturbance to the quality. While these attacks are hard to detect by the eye, we show that applying classical Machine Learning algorithms to detect these covert channels on statistical features sampled from the communication channel is effective for one type of attack.https://www.mdpi.com/2079-9292/12/5/1091AI/ML for communication and networkingcovert channelshole punchingsecurityprivacy and content protectionmachine learning |
| spellingShingle | Ofir Joseph Avshalom Elmalech Chen Hajaj Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning Electronics AI/ML for communication and networking covert channels hole punching security privacy and content protection machine learning |
| title | Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning |
| title_full | Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning |
| title_fullStr | Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning |
| title_full_unstemmed | Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning |
| title_short | Detecting Parallel Covert Data Transmission Channels in Video Conferencing Using Machine Learning |
| title_sort | detecting parallel covert data transmission channels in video conferencing using machine learning |
| topic | AI/ML for communication and networking covert channels hole punching security privacy and content protection machine learning |
| url | https://www.mdpi.com/2079-9292/12/5/1091 |
| work_keys_str_mv | AT ofirjoseph detectingparallelcovertdatatransmissionchannelsinvideoconferencingusingmachinelearning AT avshalomelmalech detectingparallelcovertdatatransmissionchannelsinvideoconferencingusingmachinelearning AT chenhajaj detectingparallelcovertdatatransmissionchannelsinvideoconferencingusingmachinelearning |