Invisible Flow Watermarks for Channels with Dependent Substitution, Deletion, and Bursty Insertion Errors
Abstract
Flow watermarks efficiently link packet flows in a network in order to thwart various attacks such as stepping stones. We study the problem of designing good flow watermarks. Earlier flow watermarking schemes mostly considered substitution errors, neglecting the effects of packet insertions and deletions that commonly happen within a network. More recent schemes consider packet deletions but often at the expense of the watermark visibility. We present an invisible flow watermarking scheme capable of enduring a large number of packet losses and insertions. To maintain invisibility, our scheme uses quantization index modulation (QIM) to embed the watermark into inter-packet delays, as opposed to time intervals including many packets. As the watermark is injected within individual packets, packet losses and insertions may lead to watermark desynchronization and substitution errors. To address this issue, we add a layer of error-correction coding to our scheme. Experimental results on both synthetic and real network traces demonstrate that our scheme is robust to network jitter, packet drops and splits, while remaining invisible to an attacker.
- Publication:
-
arXiv e-prints
- Pub Date:
- February 2013
- DOI:
- arXiv:
- arXiv:1302.5734
- Bibcode:
- 2013arXiv1302.5734G
- Keywords:
-
- Computer Science - Cryptography and Security;
- Computer Science - Information Theory;
- Computer Science - Networking and Internet Architecture