Node Literature

Research on Covert Channel Based on Streaming Media

【Author】 缪海波

【Advisor】 黄刘生

【Author information】 University of Science and Technology of China, Computer Software and Theory, 2014, PhD

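【Summary】 Research on network covert channels based on streaming media has attracted the attention of a growing number of scholars. As a "multi-channel" carrier, streaming media is instantaneous and unpredictable, and using it as the carrier for a covert channel gives covert communication advantages that other media cannot match. So far there are many results on construction algorithms for streaming-media covert channels; compared with this forward research, reverse (detection) research is still in its infancy, and effective detection algorithms are few. Most existing streaming-media covert channels are confined to Internet VoIP coded streams such as G.711, G.723.1 and G.729a, yet with the rapid development of 3G mobile networks, covert channels based on mobile streaming media are bound to be the future direction of the field. In addition, system design research and application research on streaming-media covert channels fall far short. In view of this state of research, this thesis works in four areas: reverse detection, forward construction algorithms, system design and implementation, and application.

In reverse detection, this thesis designs two efficient blind detection algorithms. The first is a detection method based on Markov state transitions: it models and analyses streaming-media parameters with a multi-dimensional Markov chain and uses the Markov state transition matrix as the classification feature vector. The second is a detection method based on the source entropy rate: it analyses streaming-media parameters statistically with a Markov source model and uses the limiting entropy of the Markov source as the classification feature value. Experimental results show that both methods outperform existing algorithms in detection accuracy and detection window size, greatly improving online detection capability.

In forward research, this thesis first proposes an adaptive covert channel algorithm based on suboptimal coding. The method uses the redundancy of the algebraic codebook search to design the steganographic embedding algorithm and introduces an adaptive parameter that automatically adjusts the embedding rate during variable-rate coding, so that the speech obtained after embedding always keeps good perceptual quality. The covert channel built by this method has a bandwidth of up to 3.2 kbps. Experiments show that the steganographic algorithm based on suboptimal coding adds no computational complexity to the encoder, has good imperceptibility (high speech quality) and strong resistance to detection, and cannot be detected effectively by existing detection algorithms. This thesis also proposes a high-rate covert channel algorithm based on rate camouflage. The method uses the multi-rate redundancy of variable-rate streaming-media encoders to design the embedding algorithm: it pads the covert information onto the tail of a low-rate encoder speech frame, disguises the result as a high-rate encoder speech frame, and encrypts the speech frame with the SRTP protocol to ensure its security. The covert channel built by this method reaches a bandwidth of 5.6 kbps, and experiments show that the method is highly practical in terms of hiding capacity and security.

In system design and implementation, building on the results of the forward research, this thesis designs and implements covert channel system software for 3G mobile phones, Stegdroid. The system introduces a semi-reliable transmission control mechanism and supports the transmission of data in any form. Stegdroid can build simplex and duplex covert channels with a transmission bandwidth of 3.2 kbps to 5.6 kbps. Test results show that Stegdroid runs stably, can be used on 3G, 4G and Wi-Fi networks, and is of practical significance.

In application research, this thesis proposes using a covert channel to save streaming-media transmission bandwidth. Taking AMR-WB as an example, it describes in detail the basic principle and workflow by which a covert channel reduces streaming-media transmission bandwidth. Experimental results show that the method saves 10.7%-15.1% (1.6 kbps-2.55 kbps) of bandwidth for AMR-WB with essentially no loss of AMR-WB speech quality. The method effectively saves network bandwidth and lightens the load on streaming-media networks. Although the thesis presents only AMR-WB as an example, the idea of reducing transmission bandwidth with a covert channel can also be applied to other streaming media, and the basic principle is the same.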

【Abstract】 Research on covert channels based on streaming media has been attracting more and more attention. As a "multi-channel" carrier, streaming media is instantaneous and unpredictable, and using it to build a covert channel for covert communication has advantages that other media cannot match. So far, research on methods of building covert channels based on streaming media has produced a number of results. Compared with these forward studies, the study of reverse detection is still in its infancy, and there are few effective detection algorithms. Most existing covert channels based on streaming media are limited to compressed Internet VoIP streams such as G.711, G.723.1 and G.729a. With the rapid development of 3G mobile networks, however, research on covert channels based on mobile streaming must be a trend in the future. In addition, system design and application of covert streaming channels are also far from enough.

In view of the current state of research on covert channels based on streaming media, this paper works in four areas: reverse detection, building algorithms, system design and implementation, and application.

In the reverse detection research, we design two efficient blind detection algorithms. The first detection method is based on Markov state transitions: it uses a Markov chain to model and analyse the parameters of the stream and employs the Markov state transition matrix as the classification feature vector. The second detection method is based on the entropy rate: it analyses the parameters of streaming media using a Markov source model and employs the entropy rate of the Markov source as the classification feature. Experimental results show that the two methods are superior to existing algorithms in detection accuracy and detection window size, and greatly improve the ability to detect online.

In the forward research, this paper proposes an adaptive covert channel scheme based on suboptimal coding. The method designs the steganographic embedding algorithm by making use of the redundancy of the fixed codebook search process, and introduces an adaptive parameter that adjusts the embedding rate when the coding bit rate switches, so that speech quality always remains good. The bandwidth of the covert channel built by the method is up to 3.2 kbps. Experiments show that steganography based on suboptimal coding brings no additional computational complexity to the encoder and has good imperceptibility (in terms of high speech quality) and strong anti-detection properties. Existing detection algorithms cannot detect it effectively. In addition, the paper presents a high-rate covert channel based on rate camouflage. It fills the covert messages into the tail of the speech frame of a low bit rate coder, disguises the result as a speech frame of a high-rate coder, and uses the SRTP protocol to encrypt the frame for safety. The bandwidth of the covert channel built by the method is up to 5.6 kbps. Experiments show that the method is highly usable in terms of hidden capacity and safety.

In the system design and implementation research, based on the results of the forward research, the paper designs and implements a covert channel system on 3G phones, Stegdroid. The system introduces a semi-reliable transmission control mechanism and supports any form of data transmission. Stegdroid can build simplex and duplex covert channels, with a bandwidth between 3.2 kbps and 5.6 kbps. Test results show that Stegdroid is stable and can be used in 3G, 4G and Wi-Fi networks, which makes it highly usable.

In application research, we propose using a covert channel to save the transmission bandwidth of streaming media. Taking AMR-WB as an example, the paper details the basic principles and workflow of using a covert channel to reduce the transmission bandwidth of streaming media. The experimental results show that this method achieves a 10.7%~15.1% (1.6 kbps~2.55 kbps) bandwidth reduction for AMR-WB, with little degradation of speech quality. This method can effectively save network bandwidth resources and reduce the load on streaming media networks. Although the method is applied only to AMR-WB as an example in this paper, the idea can be further applied to any other streaming media, and the basic principle is the same.
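The two detection features named in the abstract (transition matrix and Markov entropy rate), computed over one detection window, as an added example that is not code from the thesis. It assumes a first-order chain over an already quantized parameter; the function names and both sample sequences are constructed for illustration, and the classifier that would consume the features is left out.

```python
import math
import random

def transition_matrix(seq, n_states):
    """Row-normalised first-order transition matrix of a symbol sequence."""
    counts = [[0] * n_states for _ in range(n_states)]
    for a, b in zip(seq, seq[1:]):
        counts[a][b] += 1
    matrix = []
    for row in counts:
        total = sum(row)
        # States never visited keep an all-zero row and add nothing below.
        matrix.append([c / total if total else 0.0 for c in row])
    return matrix

def entropy_rate(seq, n_states):
    """Entropy rate in bits/symbol: -sum_i pi_i * sum_j P_ij * log2(P_ij)."""
    P = transition_matrix(seq, n_states)
    origins = seq[:-1]  # states that have an outgoing transition
    h = 0.0
    for i, row in enumerate(P):
        pi_i = origins.count(i) / len(origins)  # empirical state probability
        h -= pi_i * sum(p * math.log2(p) for p in row if p > 0)
    return h

def window_features(seq, n_states):
    """Feature vector for one window: flattened matrix plus entropy rate."""
    P = transition_matrix(seq, n_states)
    return [p for row in P for p in row] + [entropy_rate(seq, n_states)]

def constructed_clean(n, n_states, rng, stay=0.8):
    """Constructed stand-in for a correlated codec parameter (not real data)."""
    seq = [rng.randrange(n_states)]
    for _ in range(n - 1):
        seq.append(seq[-1] if rng.random() < stay else rng.randrange(n_states))
    return seq

def constructed_modified(seq, rng):
    """Constructed 'altered' window: lowest bit of each symbol randomised."""
    return [(s & ~1) | rng.getrandbits(1) for s in seq]

def demo(seed=7, n=4000, n_states=8):
    """Entropy rate of the clean and the altered constructed windows."""
    rng = random.Random(seed)
    clean = constructed_clean(n, n_states, rng)
    modified = constructed_modified(clean, rng)
    return entropy_rate(clean, n_states), entropy_rate(modified, n_states)

if __name__ == "__main__":
    print("entropy rate (clean, altered): %.3f, %.3f bits/symbol" % demo())
```

On the constructed data the altered window shows a clearly higher entropy rate than the clean one, which is the separation a classifier trained on these features would use.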
