A Feature Watermarking Generation and Embedding Scheme for IPv6 Network

Tao Jun1,2,3, Zhu Zhenchao1,2,3, Wang Zhaoyue1, Li Wenqiang1,2, Sun Weice1,2   

  1. 1(School of Cyber Science and Engineering, Southeast University, Nanjing 211189);2(Key Laboratory of Computer Network and Information Intergration (Southeast University), Ministry of Education, Nanjing 211189);3(Purple Mountain Laboratories for Network Communication and Security, Nanjing 100084)
  2021-11-01
    This work was supported by the National Key Research and Development Program of China (2018YFB1800205), the Fundamental Research Funds for the Central Universities (2242021k30024), Alibaba Cloud College Digital Innovation Project (2021ALA03006), and the Postgraduate Research & Practice Innovation Program of Jiangsu Province (KYCX180103).

Abstract: Under the limitation of space and time resources, researchers exploit the network covert channel, which based on a small amount of watermark information, to trace the attack flow and locate the real attack source. However, the self-similarity of the tracked traffic would appear because of the relatively fixed content and location of the watermark. What’s more, the IPSec encryption protocol embedded in the IPv6 protocol limits the range of carrier choice, which may threaten the watermarking based on the single carrier. In this paper, Targeting at optimizing the watermark invisibility, combined with intermediate node not dividing the packet for IPv6 environment, considering the feature extraction limitation of intermittent transmission network and slow flow network, the feature watermarking sequence extraction strategy associated with the target stream is designed. Aiming at different network transmission scenarios, a packet-dependent watermarking generation based on mixed covert channel and a time-dependent watermarking generation based on mixed time slot are proposed. Extensive experiments show that the watermarking generation technology proposed in this paper can reduce the impact of watermarking embedding on the original traffic, decrease the probability of watermarking being recognized and attack, and improve the imperceptibility of watermark under the premise of certain accuracy.

Key words: feature watermarking, covert channel, mixed interval, IPv6 protocol, flow correlation analysis

