Abstract
Compared to cryptography, steganography is a less discussed domain. However, there is a recent trend of exploiting various information hiding techniques to empower malware, for instance to bypass security frameworks of mobile devices or to exfiltrate sensitive data. This is mostly due to the need to counteract increasingly sophisticated security mechanisms, such as code analysis, runtime countermeasures, or real-time traffic inspection tools. In this perspective, this paper presents malware exploiting information hiding in a broad sense, i.e., it does not focus only on classical covert channels, but also discusses other camouflage techniques. Unlike other works, this paper focuses solely on real-world threats observed in the 2011-2017 timeframe. The observations indicate a growing number of malware samples equipped with some form of data hiding capability and a lack of effective and universal countermeasures.
Authors
- Krzysztof Cabaj
Warsaw University of Technology
Warsaw, Poland
- Luca Caviglione
National Research Council of Italy
Genoa, Italy
- Wojciech Mazurczyk
Warsaw University of Technology
Warsaw, Poland
- Steffen Wendzel
Worms University of Applied Science
Worms, Germany
- Alan Woodward
University of Surrey
Guildford, UK
- Sebastian Zander
Murdoch University
Perth, Australia