Synthetic Embedding of Hidden Information in Industrial Control System   Network Protocols for Evaluation of Steganographic Malware

Tom Neubert; Bjarne Peuker; Laura Buxhoidt; Eric Schueler; Claus; Vielhauer

arXiv:2406.19338·cs.CR·June 28, 2024

Synthetic Embedding of Hidden Information in Industrial Control System Network Protocols for Evaluation of Steganographic Malware

Tom Neubert, Bjarne Peuker, Laura Buxhoidt, Eric Schueler, Claus, Vielhauer

PDF

Open Access

TL;DR

This paper presents a method to generate synthetic steganographic network data for industrial control systems, enabling efficient training and evaluation of defense mechanisms against hidden information attacks.

Contribution

It introduces a novel embedding concept that produces synthetic steganographic data rapidly, surpassing current methods, to improve cybersecurity defenses in ICS networks.

Findings

01

Synthetic data generation is faster than existing methods.

02

The approach effectively simulates steganographic embedding in ICS network protocols.

03

Enhanced training datasets improve detection of steganographic malware.

Abstract

For the last several years, the embedding of hidden information by steganographic techniques in network communications is increasingly used by attackers in order to obscure data infiltration, exfiltration or command and control in IT (information technology) and OT (operational technology) systems. Especially industrial control systems (ICS) and critical infrastructures have increased protection requirements. Currently, network defense mechanisms are unfortunately quite ineffective against novel attacks based on network steganography. Thus, on the one hand huge amounts of network data with steganographic embedding is required to train, evaluate and improve defense mechanisms. On the other hand, the real-time embedding of hidden information in productive ICS networks is crucial due to safety violations. Additionally it is time consuming because it needs special laboratory setup. To…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsNetwork Security and Intrusion Detection · Advanced Steganography and Watermarking Techniques · Internet Traffic Analysis and Secure E-voting