A Method For Realizing Covert Communication At Router Driving Layer

The existing information hiding methods mainly focus on the analysis of the header field of the network protocol and the researches of VoIP. Well, the location of embedded covert data is easy to detect, its capacity is limited and the condition of covert communication is limited. In this paper, we propose a method which builds a covert channel between two routers for transmitting large-capacity information at the driver layer. The router is divided into sender and receiver, both of which mount our own driver and user application, intercept UDP packets generated during the user's voice or video call with instant message software. We analyze the UDP characteristics and construct UDP meta-model, and then split the secret information into the payload part of the meta-model with CRC check. The forged UDP is sent out with the common UDP traffic. The receiver router intercepts and identifies the forged UDP packets by CRC check and utilizes the obtained forged UDP to restore the original information. Moreover, we exploited WeChat and QQ voice call to conduct numerous simulations of covert communication, and successfully transmitted the secret information transparently from a network-restricted area to a more relaxed area of network supervision, verifying the concealment of the method.