Comparative Analysis Of Steganographic Techniques In Voip Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Steganography is the technique of hiding a secret message or data such that the existence of the same is hard to determine. Steganography is practiced since ancient times for sending secret messages. With the advance in technology and digital world, Steganography is being implemented using technical Steganography tools developed recently. VoIP (Voice over IP) being an emerging technology for making calls over internet, research has been carried out to implement Steganography by creating covert channels over VoIP. This project deals with analysis and implementation of Steganography in VoIP and ways to detect Steganography in the network.


Different layers of TCP/IP Stack such as Application, Transport, Network and Link layer can be used to establish covert channel for steganographic purpose of VoIP streams. Different methods of Steganography for VoIP such as LACK, HICCUPS, protocol steganography and different types of protocol steganography are analyzed in detail and a comparison of all, in terms of efficiency, reliability and other factors will be made in this project work. Suitable method with competitive terms will be suggested and its implementation will be carried out. If time permits, ways and impacts of steganalysis for each method will be considered and discussed, or they will be considered for the future scope of this project.


Steganography is the art of hiding a message such that its mere existence is unpredictable. Word "Steganography" means "covered writing" in Greek and has been used in various forms since more than 1800 years. Secret messages within wax tablets, messages on slave's shaven head hidden by growing hairs, written messages with invisible ink, hidden message written on back of the stamps are some of the examples of Steganography used in ancient times. Steganography has been an emerging technology in this last decade. It started with hiding data in text and covered the areas of data hiding in images, audio and video files. Many tools were developed and implemented for data hiding in such files.

In today's world, internet has become the center of communication. VoIP is one of the most popular areas in IP networks and has changed the image of telephony systems in the market. Along with this emerging technology for communication, comes the question of security, watermarking and reliability. Different encryption techniques have been proposed and implemented and equal number ways of attacking them came into the market.

VoIP has been suitable medium for creating covert channels for hidden communication. According to the specification of US Department of Defense in [1] any covert channel with bandwidth higher than 100 bps is considered insecure for average security requirements and for high security requirements it should not exceed 1 bps.

Following are the three basic possible ways of implementing Steganography in VoIP:

LACK (Lost Audio Packet Steganography);

HICCUPS (Hidden Communication System for Corrupted Networks) and

Protocol Steganography for VoIP streams.

LACK (Lost Audio Packet Steganography)

LACK is the method of Steganography where in the audio packets are intentionally delayed and are actually used for sending secret messages. Usually when the packet does not reach the destination or is delayed by large amount of time that becomes unusable for reconstruction at the receiver, it is considered as lost packet and discarded. This feature of VoIP service can be used for Steganography and is called LACK. For intentional users, the intentionally delayed packets are steganograms and used for sending secret messages, while for unaware users, the delayed packets are discarded by default and the existence of secret message is simply invisible.

This process is briefly shown in the following fig.1 [2]. Scenario (1) shows that N4 is chosen as delayed audio packet for sending steganogram and is sent after a certain delay as seen in scenario (2). In scenario (3), an unaware user is considered on the receiver side, and hence the receiver drops the packet and the packet is lost by default. Scenario (4) has an intentional receiver that considers the delayed packet for steganogram and the secret communication takes place. Performance based on different parameters that needs to be considered will be covered in this project and results in terms of efficiency, packet loss and other parameters will be presented.

Fig. 1 [2]

HICCUPS (Hidden Communication System for Corrupted Networks):

There are imperfections in the transmission medium that leads to natural susceptibility of data distortion. Lot of noise and interferences in communication system exists. Taking advantage of these defects, HICCUPS is implemented as steganographic method for VoIP calls. It works on basis of bandwidth allocation of shared medium networks [3], where wireless networks, which are more vulnerable to data distortion, are targeted. HICCUPS may be applied to cryptosystems working in the network susceptible to interception such as LAN of large range. The numerical value assigned to the data packet based on number of bits in a packet is called checksum, which is used to authenticate whether the data is corrupted or not. Detecting HICCUPS would be very hard. Number of frames with incorrect checksums need to be observed.

Fig. 2 [3] MAC Frame

Three hidden data channels can be created in MAC frame (Fig. 2 [3]) according to [3]:

Channel based on ciphers initialization vectors,

Channel based on MAC network addresses,

Channel based on integrity mechanism values.


Only few fields of headers in the TCP, UDP or IP protocols are changed in the communication process [4]. The redundant fields that are provided in these protocols are often unused and can be utilized for inserting hidden data. There are fields in IP header that can be used as covert channels, as explained in [4]. IP, UDP, TCP and RTP protocols steganography can be applied in network and transport layer, while RTCP protocol steganography and codec SID frames steganography in application layer of TCP/IP stack. Any VoIP call can be divided into signaling phase and conversation phase. RTP protocol is usually used in the conversation phase of the call. Certain fields in the RTP header can be used to create covert channel.


There have been many algorithms and encryption techniques developed with time for secure communication and transfer of data. But no security system is absolutely perfect and unbreakable. Though steganography also has steganalysis methods to detect it, but detecting steganograms steganographed with certain techniques is very hard and nearly impossible due to the problem of interference and deteriorated quality of service due to use of steganalysis implication in the network. Hence if steganography is used for secure communication of secret messages, it can prove more efficient then other techniques, in the way that steganography hides the existence of the message itself.

Literature Survey

Many IEEE papers were reviewed and information is collected from them for study of different methods developed so far for VoIP steganography. Two engineering professors, Wojciech Mazurczyk and Krzysztof Szczypiorski from Warsaw University of technology, have written many papers on Steganography in IP Telephony. Those papers related to VoIP streams steganography have been studies.

Motivation & Application

Apart from sending secret messages in a hidden manner, steganography can be used as Digital Watermarking, authentication, military applications, detect copyright violation. One of the applications would be for the owner of image, uploaded on the internet, to detect the users using the image for their own websites or online purposes through web crawler and check if they have paid for the same or are violating the copyrights. Similar application of VoIP steganography would be to watermark or authenticate VoIP calls. Steganography is also suspected as being used for bad purposes. Hence steganalysis tools are being developed to stop the threats in VoIP steganography. This project will help analyzing the methods of steganography and ways to analyze and control them from harmful applications.


In this project, detailed study of all the methods of VoIP steganography will be done. Concentrated efforts will be on analyzing the protocol steganography and LACK method for covert channels. As shown in the fig. 3 [5], RTP header has four different areas which can be used for sending secret messages:

RTP padding field: when the padding bit P is set, the packet has some padding octets in the header which are not the part of original data. This padding octets can be used for sending hidden data,

Extension header: When X bit is set, the header extension may be used,

Initial Values of Sequence Number and Timestamp fields: the first RTP packet can be used for covert communication since these values are random in it.

All the above mentioned methods will be analyzed in detail and the efficiency parameters considering bit rates and bandwidth will be calculated. Security mechanisms steganography and RTCP free and unused fields that can be used for steganography will be analyzed and PRBR (Packet Raw Bit Rate) will be calculated.


This project gives detailed idea about the ways of steganography in VoIP including the efficiency of each method and steganalysis tools that can be developed to control steganography for harmful purposes based on the implementation of such methods. Analysis of all the methods of VoIP steganography will help determine the best method for steganography in VoIP considering the efficiency parameters and further develop steganalysis tools. Specific comparison will be done between LACK and protocol steganography for covert channels.