Title: A novel covert channel based on the IP header record route option

Authors: Zouheir Trabelsi, Hesham El-Sayed, Lilia Frikha, Tamer Rabie

Addresses: College of Information Technology, United Arab Emirates University, P.O. Box 17555, Al-Ain, UAE. ' College of Information Technology, United Arab Emirates University, P.O. Box 17555, Al-Ain, UAE. ' College of Telecommunications (SupCom), The University of Carthage, Cite Technologique des Communications, Route de Raoued Km 3,5 – 2083 El Ghazala, Ariana, Tunisia. ' College of Information Technology, United Arab Emirates University, P.O. Box 17555, Al-Ain, UAE

Abstract: In this paper we propose a novel covert channel for exchanging secret information, based on the IP header record route options. Instead of encrypting a secret message or embedding it into a multimedia object, as in traditional steganography, we process the entire message and generate several IP packets with different types to carry the secret information. Thereby we foil an eavesdropper who is primarily applying statistical tests to detect encrypted channels. We show that our approach provides more protection against steganalysis and sniffing attacks, and gives a covert channel capacity which is an order of magnitude higher than traditional methods.

Keywords: covert channels; hidden information; IP header record route options; steganalysis; traceroute; secret information; eavesdropping; secrecy; security; steganography; encryption; sniffing attacks; surveillance; network protocols.

DOI: 10.1504/IJAMC.2007.014811

International Journal of Advanced Media and Communication, 2007 Vol.1 No.4, pp.328 - 350

Published online: 09 Aug 2007 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article