Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams)

Yoram Segal; Ofer Hadar

doi:10.1007/978-3-030-20951-3_4

Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams)

Yoram Segal, Ofer Hadar

Ben-Gurion University of the Negev

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The two main cyber-attack techniques via video packets are based on using the packet header or the payload. Most of the standard software protection tools easily detect anomalies in headers since there are fewer places to embed the malicious content. Moreover, due to the relatively small header size, such attacks are limited by the data volumes that can transfer. On the other hand, a cyber-attack that uses video packets’ payload can effectively conceal much more information and produce covert channels. Multimedia covert channels provide reasonable bandwidth and long-lasting transmission streams, suitable for planting malicious information and therefore used as an exploit alternative. The primary focus of this article is a proof of concept of cyber-attack that conceals malicious data in a video payload in the compressed domain, using steganography (in real time). This malicious data is extracted using a covert channel and a malware (that had previously planted at the end user side), on the other side. Additionally, after the implementation of the attack, it is necessary to review its parameters and conclude what the optimal parameters to use in different video scenarios. In this paper, we will demonstrate attacks that take advantage of compressed domain video payload. It is important to note that this method can be used as a method of copyright protection.

Original language	English
Title of host publication	Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings
Editors	Shlomi Dolev, Danny Hendler, Sachin Lodha, Moti Yung
Publisher	Springer Verlag
Pages	47-66
Number of pages	20
ISBN (Print)	9783030209506
DOIs	https://doi.org/10.1007/978-3-030-20951-3_4
State	Published - 2019
Externally published	Yes
Event	3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019 - Beer Sheva, Israel Duration: 27 Jun 2019 → 28 Jun 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11527 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019
Country/Territory	Israel
City	Beer Sheva
Period	27/06/19 → 28/06/19

Bibliographical note

Publisher Copyright:
© Springer Nature Switzerland AG 2019.

Keywords

Cyber
DCT
Discrete Cosine Transform
Exploit
Inter prediction
Intra prediction
Invisible covert channel
Motion vectors
Steganography
Steno objects
Watermarking

Access to Document

10.1007/978-3-030-20951-3_4

Cite this

Segal, Y., & Hadar, O. (2019). Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams). In S. Dolev, D. Hendler, S. Lodha, & M. Yung (Eds.), Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings (pp. 47-66). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11527 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-20951-3_4

Segal, Yoram ; Hadar, Ofer. / Covert channel cyber-attack over video stream DCT payload : (Copyright protection algorithm for video and audio streams). Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. editor / Shlomi Dolev ; Danny Hendler ; Sachin Lodha ; Moti Yung. Springer Verlag, 2019. pp. 47-66 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{87be75982b794dd183e4d91c8035d10e,

title = "Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams)",

abstract = "The two main cyber-attack techniques via video packets are based on using the packet header or the payload. Most of the standard software protection tools easily detect anomalies in headers since there are fewer places to embed the malicious content. Moreover, due to the relatively small header size, such attacks are limited by the data volumes that can transfer. On the other hand, a cyber-attack that uses video packets{\textquoteright} payload can effectively conceal much more information and produce covert channels. Multimedia covert channels provide reasonable bandwidth and long-lasting transmission streams, suitable for planting malicious information and therefore used as an exploit alternative. The primary focus of this article is a proof of concept of cyber-attack that conceals malicious data in a video payload in the compressed domain, using steganography (in real time). This malicious data is extracted using a covert channel and a malware (that had previously planted at the end user side), on the other side. Additionally, after the implementation of the attack, it is necessary to review its parameters and conclude what the optimal parameters to use in different video scenarios. In this paper, we will demonstrate attacks that take advantage of compressed domain video payload. It is important to note that this method can be used as a method of copyright protection.",

keywords = "Cyber, DCT, Discrete Cosine Transform, Exploit, Inter prediction, Intra prediction, Invisible covert channel, Motion vectors, Steganography, Steno objects, Watermarking",

author = "Yoram Segal and Ofer Hadar",

note = "Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2019.; 3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019 ; Conference date: 27-06-2019 Through 28-06-2019",

year = "2019",

doi = "10.1007/978-3-030-20951-3_4",

language = "אנגלית",

isbn = "9783030209506",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "47--66",

editor = "Shlomi Dolev and Danny Hendler and Sachin Lodha and Moti Yung",

booktitle = "Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings",

address = "גרמניה",

}

Segal, Y & Hadar, O 2019, Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams). in S Dolev, D Hendler, S Lodha & M Yung (eds), Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11527 LNCS, Springer Verlag, pp. 47-66, 3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019, Beer Sheva, Israel, 27/06/19. https://doi.org/10.1007/978-3-030-20951-3_4

Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams). / Segal, Yoram; Hadar, Ofer.
Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. ed. / Shlomi Dolev; Danny Hendler; Sachin Lodha; Moti Yung. Springer Verlag, 2019. p. 47-66 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11527 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Covert channel cyber-attack over video stream DCT payload

T2 - 3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019

AU - Segal, Yoram

AU - Hadar, Ofer

N1 - Publisher Copyright: © Springer Nature Switzerland AG 2019.

PY - 2019

Y1 - 2019

N2 - The two main cyber-attack techniques via video packets are based on using the packet header or the payload. Most of the standard software protection tools easily detect anomalies in headers since there are fewer places to embed the malicious content. Moreover, due to the relatively small header size, such attacks are limited by the data volumes that can transfer. On the other hand, a cyber-attack that uses video packets’ payload can effectively conceal much more information and produce covert channels. Multimedia covert channels provide reasonable bandwidth and long-lasting transmission streams, suitable for planting malicious information and therefore used as an exploit alternative. The primary focus of this article is a proof of concept of cyber-attack that conceals malicious data in a video payload in the compressed domain, using steganography (in real time). This malicious data is extracted using a covert channel and a malware (that had previously planted at the end user side), on the other side. Additionally, after the implementation of the attack, it is necessary to review its parameters and conclude what the optimal parameters to use in different video scenarios. In this paper, we will demonstrate attacks that take advantage of compressed domain video payload. It is important to note that this method can be used as a method of copyright protection.

AB - The two main cyber-attack techniques via video packets are based on using the packet header or the payload. Most of the standard software protection tools easily detect anomalies in headers since there are fewer places to embed the malicious content. Moreover, due to the relatively small header size, such attacks are limited by the data volumes that can transfer. On the other hand, a cyber-attack that uses video packets’ payload can effectively conceal much more information and produce covert channels. Multimedia covert channels provide reasonable bandwidth and long-lasting transmission streams, suitable for planting malicious information and therefore used as an exploit alternative. The primary focus of this article is a proof of concept of cyber-attack that conceals malicious data in a video payload in the compressed domain, using steganography (in real time). This malicious data is extracted using a covert channel and a malware (that had previously planted at the end user side), on the other side. Additionally, after the implementation of the attack, it is necessary to review its parameters and conclude what the optimal parameters to use in different video scenarios. In this paper, we will demonstrate attacks that take advantage of compressed domain video payload. It is important to note that this method can be used as a method of copyright protection.

KW - Cyber

KW - DCT

KW - Discrete Cosine Transform

KW - Exploit

KW - Inter prediction

KW - Intra prediction

KW - Invisible covert channel

KW - Motion vectors

KW - Steganography

KW - Steno objects

KW - Watermarking

UR - http://www.scopus.com/inward/record.url?scp=85068207427&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-20951-3_4

DO - 10.1007/978-3-030-20951-3_4

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85068207427

SN - 9783030209506

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 47

EP - 66

BT - Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings

A2 - Dolev, Shlomi

A2 - Hendler, Danny

A2 - Lodha, Sachin

A2 - Yung, Moti

PB - Springer Verlag

Y2 - 27 June 2019 through 28 June 2019

ER -

Segal Y, Hadar O. Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams). In Dolev S, Hendler D, Lodha S, Yung M, editors, Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. Springer Verlag. 2019. p. 47-66. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-20951-3_4

Covert channel cyber-attack over video stream DCT payload: (Copyright protection algorithm for video and audio streams)

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this