Hiding Information in Retransmissions

The paper presents a new steganographic method called RSTEG (Retransmission Steganography) which is intended for a broad class of protocols that utilize retransmission mechanisms. The main idea of RSTEG is to not acknowledge a successfully received packet to intentionally invoke retransmission. The retransmitted packet carries a steganogram instead of user data in the payload field. RSTEG is presented in a broader context of network steganography and in particular, utilizing RSTEG for TCP (Transport Control Protocol) retransmission mechanisms is described in details. Simulations results are also enclosed, which main aim were to measure and compare steganographic bandwidth of the proposed method for different TCP retransmission mechanisms and the influence RSTEG has on the network retransmissions level.