DonNTU  Masters portal

Abstract

At the time this abstract was written, the master's work was not yet complete. Final completion: June 2019. The full text of the work and materials on the topic can be obtained from the website after this date.


Introduction

In many cases it is necessary to protect transmitted (or stored) information from unauthorized use. This is required when solving state, diplomatic and military tasks, in business (commerce), when researching new scientific and technical problems, and when developing original technological processes and devices. Protection of information is also required in document management in public organizations and in private correspondence. The development of modern telecommunication technologies cannot be imagined without the protection of transmitted information.

1. Topicality

The need to develop and research new systems for covert information transfer is due to the vulnerability of existing methods of protecting information (the existence of effective attacks on existing ciphers). A number of cryptographic protection methods are based on complex mathematical problems for which, it is assumed, no efficient solution methods exist. However, if one of the parties possesses such a method, the cryptographic protection becomes useless. For this reason, it is necessary to create several levels of protection, including cryptographic methods of transforming information, steganographic methods of hiding information, and the use of features of the information exchange protocols in telecommunication networks.

2. Goal and tasks of the research

The purpose of the work is to develop and research ways to protect information transmitted over networks based on the TCP / IP protocol stack, which can increase message security.

To achieve this goal, the following tasks were solved:

  1. Various methods of covert information transmission in telecommunication networks have been investigated;
  2. The TCP / IP protocol stack was analyzed for the possibility of creating a hidden virtual channel;
  3. New methods of covert information transmission in telecommunication networks based on the TCP / IP protocol stack have been developed;
  4. A new cryptographic data transformation method has been developed.

3. Information Security Tools

Information protection means are the combination of engineering, electrical, electronic, optical and other devices, instruments and technical systems, as well as other physical elements used to solve various information protection problems, including preventing leakage and ensuring the security of the protected information[1].

In general, the means of protecting information against deliberate actions can be divided into the following groups according to the method of implementation:

Technical (hardware) tools. These are devices of various types (mechanical, electromechanical, electronic, etc.) that solve information protection tasks in hardware.

Software tools include programs for user identification, access control, information encryption, deletion of residual (working) information such as temporary files, test control of the protection system, etc.[2]

4. Cryptographic and steganographic approaches to protecting information

4.1. Cryptography

Cryptography is the science of methods for ensuring confidentiality (the inability of an outsider to read the information), data integrity (the impossibility of changing the information unnoticed), authentication (verification of authorship or other properties of an object), and non-repudiation (the impossibility of disclaiming authorship).[2]

Modern cryptography is characterized by the use of open encryption algorithms involving the use of computational tools. There are more than a dozen proven encryption algorithms that, when using a key of sufficient length and the correct implementation of the cryptographic algorithm, are secure. Common algorithms:

  1. Symmetric: DES, AES, ГОСТ 28147-89, Camellia, Twofish, Blowfish, IDEA, RC4, etc.;
  2. Asymmetric: RSA and ElGamal;
  3. Hash functions: MD4, MD5, MD6, SHA-1, SHA-2, ГОСТ Р 34.11-94.

Figure 1 shows the general classification of cryptographic algorithms.


Figure 1 – General classification of cryptographic algorithms (animation: 7 frames, 20.6 KB)

4.2. Steganography

Steganography is a method of transmitting or storing information in which the very fact of the transmission (storage) is kept secret.

Unlike cryptography, which hides the contents of a secret message, steganography hides the very fact of its existence.

The advantage of steganography over pure cryptography is that messages do not attract attention. Thus, cryptography protects the content of the message, and steganography protects the very existence of any hidden messages.[4]

In the late 1990s, several areas of steganography emerged:

  1. Classic;
  2. Computer;
  3. Digital.

The block diagram of the stegosystem is shown in Figure 2.


Figure 2 – Block diagram of the stegosystem

5. Covert Channels

5.1. Distinctive features

A covert channel is a communication channel that sends information using a method that was not originally intended for this.

5.2. Eliminating covert channels

The possibility of having hidden channels cannot be completely eliminated, but it can be significantly reduced by carefully designing the system and analyzing it.

Detecting a covert channel becomes more difficult when the channel uses characteristics of the medium of legitimate channels that are never monitored or verified by the user.

Covert channels in IP-based networks are divided, according to the mechanism of information transfer, into storage channels and timing channels. The further subdivision is shown schematically in Figure 3.


Figure 3 – Separation of covert channels in IP networks by transmission mechanism

5.3. Hiding data in the OSI model

Handel and Sanford established general principles for hiding data at each of the seven layers of the OSI model. Besides proposing the use of reserved protocol header fields (which is easily detectable), they also suggested the possibility of timing channels related to the operation of CSMA / CD at the physical layer.[6]

5.4. Hiding data in the TCP / IP protocol suite

When a TCP connection is established, the initiating side (node A) sets the SYN flag and selects an arbitrary 32-bit sequence number (Sequence Number, abbreviated SEQ). If the receiving side (node B) agrees to accept the connection, it replies with a packet that has the ACK flag set and an acknowledgment number (Acknowledgment Number) equal to SEQ + 1, and also generates its own randomly selected sequence number. Node A, having received this confirmation, proceeds in the same way, as shown in Figure 4:


Figure 4 – TCP data transfer scheme

The ISN is the initial sequence number (Initial Sequence Number), unique to each TCP / IP connection. Once the connection is established, the sequence numbers are increased systematically by the number of bytes received / sent. However, we will not delve further into the theory. The 32-bit ISN field can be modified in a pseudo-random manner, “modulated” by secret data[7].
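The handshake bookkeeping and the ISN modulation described in this section, as an added example that is not part of the original work: it parses constructed 20-byte TCP headers (no options, checksums left at zero), verifies the SEQ / ACK relations of Figure 4, and scores a batch of SYN packets by the byte entropy of their ISNs, a defender-side check for the kind of modulated ISNs the text mentions. The 6.0-bit threshold and the sample packets are assumptions of this example.

```python
import math
import random
import struct
from collections import Counter
SYN, ACK = 0x02, 0x10  # TCP flag bits in the low byte of the offset/flags word

def parse_tcp_header(raw: bytes) -> dict:
    """Unpack the 20-byte fixed TCP header (RFC 793 layout, network byte order)."""
    sport, dport, seq, ack, off_flags, _win, _csum, _urg = struct.unpack("!HHIIHHHH", raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "syn": bool(off_flags & SYN), "ack_flag": bool(off_flags & ACK)}

def build_tcp_header(sport: int, dport: int, seq: int, ack: int, flags: int) -> bytes:
    """Constructed sample header: data offset 5 (no options), window 65535, checksum 0."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 65535, 0, 0)

def valid_handshake(syn: bytes, synack: bytes, ack: bytes) -> bool:
    """Check the SEQ/ACK bookkeeping of the three-way handshake from Figure 4."""
    a, b, c = (parse_tcp_header(p) for p in (syn, synack, ack))
    nxt = lambda n: (n + 1) % 2**32  # sequence space wraps at 2^32
    return (a["syn"] and not a["ack_flag"]
            and b["syn"] and b["ack_flag"] and b["ack"] == nxt(a["seq"])
            and c["ack_flag"] and not c["syn"]
            and c["seq"] == nxt(a["seq"]) and c["ack"] == nxt(b["seq"]))

def sample_handshake(isn_a: int, isn_b: int) -> tuple:
    """Constructed handshake: node A (port 40000) opens a connection to node B (port 80)."""
    return (build_tcp_header(40000, 80, isn_a, 0, SYN),
            build_tcp_header(80, 40000, isn_b, (isn_a + 1) % 2**32, SYN | ACK),
            build_tcp_header(40000, 80, (isn_a + 1) % 2**32, (isn_b + 1) % 2**32, ACK))

def isn_byte_entropy(isns) -> float:
    """Shannon entropy (bits per byte) over the bytes of the observed ISNs. Properly
    randomised ISNs approach 8 bits; ISNs that carry text stay far lower."""
    counts = Counter(b for isn in isns for b in isn.to_bytes(4, "big"))
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())

def isns_look_modulated(syn_packets, threshold: float = 6.0) -> bool:
    """Flag a batch of SYN packets whose ISNs have suspiciously low byte entropy."""
    return isn_byte_entropy([parse_tcp_header(p)["seq"] for p in syn_packets]) < threshold

# Constructed samples (not real captures): 64 SYNs with random ISNs, and 64 SYNs whose
# ISNs are simply consecutive 4-byte chunks of an ASCII sentence.
rng = random.Random(2019)
RANDOM_SYNS = [build_tcp_header(40000 + i, 80, rng.getrandbits(32), 0, SYN) for i in range(64)]
TEXT = (b"the quick brown fox jumps over the lazy dog " * 6)[:256]
TEXT_SYNS = [build_tcp_header(40000 + i, 80, int.from_bytes(TEXT[4 * i:4 * i + 4], "big"), 0, SYN)
             for i in range(64)]
```

Real traffic would be read from a capture rather than constructed, and the entropy threshold should be calibrated against the ISN generator of the observed operating systems.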

Conclusions

This research paper provides an overview of existing methods for protecting information in telecommunications networks.

References

  1. Степанов Е.А., Корнеев И.К. Информационная безопасность и защита информации: textbook. Moscow: ИНФРА-М, 2014. 304 p.
  2. Шнайер Б. Прикладная криптография. Протоколы, алгоритмы, исходные тексты на языке С. Moscow: Триумф, 2002. 816 p.
  3. Фергюсон Н., Шнайер Б. Практическая криптография. Moscow: Диалектика, 2004. 432 p.
  4. Грибунин В.Г., Оков И.Н., Туринцев И.В. Цифровая стеганография. Moscow: СОЛОН-Пресс, 2002. 272 p.
  5. Конахович Г.Ф., Пузыренко А.Ю. Компьютерная стеганография. Теория и практика. Kyiv: МК-Пресс, 2006. 288 p.
  6. Шаньгин В.Ф. Защита информации в компьютерных системах и сетях. Moscow: ДМК пресс. Электронные книги, 2014. 592 p.
  7. Молдовян А.А., Молдовян Н.А., Гуц Н.Д., Изотов Б.В. Криптография: скоростные шифры. St. Petersburg: БХВ-Петербург, 2002. 496 p.
  8. Олифер В.Г., Олифер Н.А. Компьютерные сети. Принципы, технологии, протоколы: textbook for universities, 3rd ed. St. Petersburg: Питер, 2006. 958 p.
  9. Снейдер Й. Эффективное программирование TCP/IP. St. Petersburg: Питер, 2001. 320 p.
  10. Хорст Файстель. Криптография и компьютерная безопасность. Translated by Андрей Винокуров.