Application of Perfectly Undetectable Network Steganography Method for Malware Hidden Communication

Abstract

Currently designed malware utilizes various mechanisms allowing to increase the level of its undetectability through static and dynamic analysis. One of such mechanisms may be hiding in overt network traffic proper communication between the attacker and an active malware application on the infected terminal side. In this paper, a design of such a covert channel of communication is proposed, using a StegBlocks method, which is characterized by a proven feature of perfectly undetectable network steganography. An environment was implemented to test the proof of concept of the designed system of covert transmission. Characteristics and limitations of the method were discussed and directions for development were proposed.