Skip to main content
Conference ProceedingsOPEN ACCESS

How to make an intrusion detection systemaware of steganographic transmission

ACM International Conference Proceeding Series (2021) 77-82
DOI: 10.1145/3487405.3487421
8Citations
Citations of this article
15Readers
Mendeley users who have this article in their library.

Abstract

Information hiding techniques are becoming a major threat in network communication. This paper describes how to modify an intrusion detection system (IDS) to detect certain types of steganography. As a sample IDS we use open-source Zeek software. We show how to adapt it for the purpose of steganalysis. Additionally, we propose a set of validation tests that are suitable for detecting steganography and describe how they were applied to different types of covert channels. We also suggest how to build a steganography detection system by integrating Zeek with a security information and event management system with log and alert support. The scripts are freely available for download.

Author supplied keywords

Cite

CITATION STYLE

APA

Koziak, T., Wasielewska, K., & Janicki, A. (2021). How to make an intrusion detection systemaware of steganographic transmission. In ACM International Conference Proceeding Series (pp. 77–82). Association for Computing Machinery. https://doi.org/10.1145/3487405.3487421

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free