DNS ID Covert Channel based on Lower Bound Steganography for Normal DNS ID Distribution
The covert channel is a method used to send secret data within a communication channel in unauthorized ways. This is performed by exploiting the weaknesses in packet or network communications with the intention to hide the existence of a covert communication. The DNS identification (DNS ID) method has been exploited by Thyer. However, the major problem in Thyers implementation is that the encrypted cipher was directly inserted as a DNS ID value, which is abnormal, compared to the normal DNS ID distribution. We have overcome this problem through the application of Steganography to insert the cipher value into the DNS ID. The data set test for normal DNS ID is taken from MAWI. We tested four different message lengths and plotted the distribution graph. We found that the proposed result is normal compared to normal distribution of the DNS ID. Therefore, this method produces a normal distribution for DNS ID covert channel.
Keywords: DNS Identification, Covert Channel, Normal Distribution.
Download Full-Text
ABOUT THE AUTHORS
Abdulrahman H. Altalhi
Abdulrahman H. Altalhi is an assistant professor of Information Technology at King Abdulaziz University (KAU). He received a BSc in Computer Science from KAU on December of 1993, MSc on Computer Science from the University of New Orleans on August of 1998. He has obtained his Ph.D. in Engineering and Applied Sciences (Computer Science) from the University of New Orleans on May of 2004. He served as the chairman of the IT department at KAU for two years (2007-2008). Currently, he is the Vice Dean of the College of Computing and Information Technology of KAU. His research interest include: Networking, Wireless Networks, Computer Security, Software Engineering, and Computing Education.
Md Asri Ngadi
Md Asri Ngadi received his BSc in Computer Science,and the MSc in Computer Systems from Universiti Teknologi Malaysia in 1997 and 1999 respectively, and the PhD degree from Aston University, UK in 2004. He is an associate professor in the Faculty of Computer Science and Information System, Universiti Teknologi Malaysia His research interests are computer systems and security,information assurance and network security.
Syaril Nizam Omar
Syaril Nizam Omar is currently a PhD student in the Department of Computer Systems and Communications of the Faculty of Computer Science and Information Systems at the Universiti Teknologi Malaysia. He obtained M.Sc. Information Security from Universiti Teknologi Malaysia (Malaysia) in 2008. He has been involved in lots of academic research since then; presently he is a member of Pervasive Computing Research Group at UTM, while his research interest is Information Hiding.
Zailani Mohamed Sidek
Zailani Mohamed Sidek Received Diploma in Agriculture, University of Agriculture, Malaysia in 1977, BSc in Business Administration from California State University, Fresno, USA in 1982, MSc in MIS from Texas Tech University, USA in 1984, and PhD in Computer Science from Universiti Teknologi Malaysia, Malaysia in 2005. He worked as a Bank Credit Officer in the Agriculture Bank of Malaysia in 1977-1980; Lecturer in the Universiti Teknologi Malaysia, Malaysia in 1982-present; Head of Department in the Faculty of Computer Science & Information Systems, UTM, Malaysia in 1989-1995. He is currently lecturing in the Advanced Informatics School, Universiti Teknologi Malaysia International Campus, Kuala Lumpur, Malaysia.
Abdulrahman H. Altalhi
Abdulrahman H. Altalhi is an assistant professor of Information Technology at King Abdulaziz University (KAU). He received a BSc in Computer Science from KAU on December of 1993, MSc on Computer Science from the University of New Orleans on August of 1998. He has obtained his Ph.D. in Engineering and Applied Sciences (Computer Science) from the University of New Orleans on May of 2004. He served as the chairman of the IT department at KAU for two years (2007-2008). Currently, he is the Vice Dean of the College of Computing and Information Technology of KAU. His research interest include: Networking, Wireless Networks, Computer Security, Software Engineering, and Computing Education.
Md Asri Ngadi
Md Asri Ngadi received his BSc in Computer Science,and the MSc in Computer Systems from Universiti Teknologi Malaysia in 1997 and 1999 respectively, and the PhD degree from Aston University, UK in 2004. He is an associate professor in the Faculty of Computer Science and Information System, Universiti Teknologi Malaysia His research interests are computer systems and security,information assurance and network security.
Syaril Nizam Omar
Syaril Nizam Omar is currently a PhD student in the Department of Computer Systems and Communications of the Faculty of Computer Science and Information Systems at the Universiti Teknologi Malaysia. He obtained M.Sc. Information Security from Universiti Teknologi Malaysia (Malaysia) in 2008. He has been involved in lots of academic research since then; presently he is a member of Pervasive Computing Research Group at UTM, while his research interest is Information Hiding.
Zailani Mohamed Sidek
Zailani Mohamed Sidek Received Diploma in Agriculture, University of Agriculture, Malaysia in 1977, BSc in Business Administration from California State University, Fresno, USA in 1982, MSc in MIS from Texas Tech University, USA in 1984, and PhD in Computer Science from Universiti Teknologi Malaysia, Malaysia in 2005. He worked as a Bank Credit Officer in the Agriculture Bank of Malaysia in 1977-1980; Lecturer in the Universiti Teknologi Malaysia, Malaysia in 1982-present; Head of Department in the Faculty of Computer Science & Information Systems, UTM, Malaysia in 1989-1995. He is currently lecturing in the Advanced Informatics School, Universiti Teknologi Malaysia International Campus, Kuala Lumpur, Malaysia.
