New Steganographic Methods for Data Hiding in the Payloads of Marked IP Datagrams

The payload of a datagram carries the user data which is required to be transmitted from the source to the destination. So to hide sensitive data in a datagram payload; the data should be first encrypted or hashed then embedded in the payload. Furthermore; the datagram source needs to mark the stego datagrams and mix them with normal ones, and the datagram receiver needs to check for the mark to identify the stego datagrams and excludes them away from the received stream, and then decodes the hidden data. This paper suggests two steganographic methods for data hiding in the payloads of marked IP datagrams. The first suggested method uses an appropriate encryption algorithm and key to encrypt the plaintext blocks, then embeds the resulted ciphertext blocks in the payloads of marked IP packets. The second method hides data in the payloads of marked IP packets' fragments sets. In the second method; IP packet fragmentation is required as the fragment offset field of the fragment (except the first fragment) is used by an intelligent way to hash data blocks before embedding them in its corresponding fragment payload, encryption could be used as an option to encrypt the data before or after hashing it, the matter which provides different available scenarios for this method. The paper also briefly discusses the confidentiality effect of using the IPsec encryption with its different modes with each suggested steganographic method.