Research On Construction Methods Of VoLTE Covert Channels

A covert channel is defined as a covert communication method using authorized overt channels as carrier media for the covert message.Network covert channels have become a safe and effective means to covertly transmit covert message in overt network traffic,which are classified into covert timing channels and covert storage channels.Covert timing channels transfer the covert message by modulating the timing behavior of the entity in overt communications.Covert storage channels usually hide the covert message into the network protocol fields.Vo LTE(Voice over LTE)is an IP-based voice and video calling solution over LTE(Long Term Evolution)networks.Compared with Internet-based Vo IP(Voice over IP)applications,Vo LTE provides high-quality voice and video calling services.Moreover,Vo LTE has been widely adopted in 4G mobile networks and will be the foundation for telecom-grade voice and video calling services in future 5G networks.With the popularization of Vo LTE,the covert channels over Vo LTE traffic will attract more attention,and its research is of great significance to the data transmission security of mobile networks.Based on the study of Vo LTE traffic characteristics,three undetectable and robust Vo LTE covert channels are constructed over Vo LTE traffic by RTCP packet reordering,voice packet and video packet interleaving rearrangement,and silence period adjustment respectively.The achieved innovations are mainly summarized as follows:(1)A scheme for constructing a Vo LTE covert channel is proposed,which is realized through RTCP packet rearrangement over Vo LTE video traffic.The covert message is modulated into the numbers of packets between RTCP packets in the Vo LTE video traffic.Since the number of packets is random,the covert message can be hidden by a moderate adjustment of the numbers of packets.In order to mitigate the impact of network jitter on the covert channel,this scheme encodes the covert message by Gray code to improve the robustness of the covert channel.In order to achieve the undetectability of the covert channel,this scheme designs a variable code length encoding method to modulate the numbers of packets between RTCP packets so that the distribution of covert traffic better fits the distribution of the overt traffic.The experimental results show that the covert channel can resist the detection of commonly used statistical detection methods such as KS and KLD tests,and outperforms the covert channels based on inter-packet delay in terms of robustness.(2)A method for building a high-capacity Vo LTE covert channel is proposed,which is based on interleaving rearrangement of voice packets and video packets over Vo LTE mixed traffic.Due to the number of video packets in the voice packet interval is random,the covert message can be modulated into the numbers of video packets.Moreover,this method helps to increase the capacity of the covert channel.To achieve the undetectability of the covert channel,the approach adopts modular operation and the block composed of voice packet intervals to reduce the distribution difference between the covert traffic and the overt traffic.To deal with different adversary models,two different schemes are designed including the one based on video frames and another based on video packets.The difference between the two schemes is whether the rearranged video packets belong to the same video frame.The experimental results show that this solution can achieve high capacity while keeping undetectable and robust.(3)An approach for constructing a Vo LTE covert channel is introduced,which is implemented by silence period adjustment over Vo LTE voice traffic.Since the length of the silence period is random,the covert message can be modulated by postponing or extending the silence periods.The number of bits of the covert message is adjusted by the timing window,and the modulation process ensures the undetectability by filtering the positions where the silence period can be adjusted.The robustness of the covert channel is improved by Gray code encoding method and the silence period grouping strategy.Experimental results have verified that this solution not only can resist the KS test and KLD test,but also can resist the detection of the number and proportion of SID(Silence Insertion Descriptor)frames in the silence periods.Moreover,the adjustment of silence periods has little effect on the voice quality of Vo LTE voice calling and can meet the requirements of Vo LTE high-definition voice.