{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T18:45:23Z","timestamp":1775155523254,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":21,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540290391","type":"print"},{"value":"9783540314813","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11558859_19","type":"book-chapter","created":{"date-parts":[[2005,11,23]],"date-time":"2005-11-23T09:59:13Z","timestamp":1132739953000},"page":"247-261","source":"Crossref","is-referenced-by-count":152,"title":["Embedding Covert Channels into TCP\/IP"],"prefix":"10.1007","author":[{"given":"Steven J.","family":"Murdoch","sequence":"first","affiliation":[]},{"given":"Stephen","family":"Lewis","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"19_CR1","first-page":"51","volume-title":"Crypto 1983. Advances in Cryptography","author":"G.J. Simmons","year":"1983","unstructured":"Simmons, G.J.: The prisoners\u2019 problem and the subliminal channel. In: Chaum, D. (ed.) Crypto 1983. Advances in Cryptography, pp. 51\u201367. Plenum Press, New York (1983)"},{"key":"19_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1007\/3-540-61996-8_29","volume-title":"Information Hiding","author":"T. Handel","year":"1996","unstructured":"Handel, T., Sandford, M.: Hiding data in the OSI network model. In: Anderson, R. (ed.) IH 1996. LNCS, vol.\u00a01174, pp. 23\u201338. Springer, Heidelberg (1996)"},{"key":"19_CR3","unstructured":"Szczypiorski, K.: HICCUPS: Hidden communication system for corrupted networks. In: International Multi-Conference on Advanced Computer Systems, pp. 31\u201340 (2003), http:\/\/krzysiek.tele.pw.edu.pl\/pdf\/acs2003-hiccups.pdf"},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Postel, J.: STD7: Transmission control protocol. IETF (1981)","DOI":"10.17487\/rfc0793"},{"key":"19_CR5","doi-asserted-by":"crossref","unstructured":"Postel, J.: STD5: Internet protocol. IETF (1981)","DOI":"10.17487\/rfc0791"},{"key":"19_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1007\/11767831_10","volume-title":"Privacy Enhancing Technologies","author":"N.B. Lucena","year":"2006","unstructured":"Lucena, N.B., Lewandowski, G., Chapin, S.J.: Covert channels in IPv6. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol.\u00a03856, pp. 147\u2013166. Springer, Heidelberg (2006)"},{"key":"19_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/3-540-36415-3_2","volume-title":"Information Hiding","author":"G. Fisk","year":"2003","unstructured":"Fisk, G., Fisk, M., Papadopoulos, C., Neil, J.: Eliminating steganography in Internet traffic with active wardens. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol.\u00a02578, pp. 18\u201335. Springer, Heidelberg (2003)"},{"key":"19_CR8","unstructured":"Handley, M., Paxson, V., Kreibich, C.: Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. In: 10th Usenix Security Symposium (2001)"},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Jacobson, V., Braden, R., Borman, D.: RFC1323: TCP extensions for high performance. IETF (1992)","DOI":"10.17487\/rfc1323"},{"key":"19_CR10","unstructured":"Fyodor: Idle scanning and related IPID games (2001), http:\/\/www.insecure.org\/nmap\/idlescan.html"},{"key":"19_CR11","unstructured":"Ahsan, K., Kundur, D.: Practical data hiding in TCP\/IP. In: ACM Workshop on Multimedia and Security (2002), http:\/\/ee.tamu.edu\/~deepa\/pdf\/acm02.pdf"},{"key":"19_CR12","doi-asserted-by":"crossref","unstructured":"Mogul, J., Deering, S.: RFC1191: Path MTU discovery. IETF (1990)","DOI":"10.17487\/rfc1191"},{"key":"19_CR13","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1145\/378444.378449","volume":"19","author":"S.M. Bellovin","year":"1989","unstructured":"Bellovin, S.M.: Security problems in the TCP\/IP protocol suite. Computer Communication Review\u00a019, 32\u201348 (1989)","journal-title":"Computer Communication Review"},{"key":"19_CR14","doi-asserted-by":"crossref","unstructured":"Rowland, C.H.: Covert channels in the TCP\/IP protocol suite. First Monday 2 (1997), http:\/\/www.firstmonday.org\/issues\/issue2_5\/rowland\/","DOI":"10.5210\/fm.v2i5.528"},{"key":"19_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/978-3-540-39927-8_29","volume-title":"Information and Communications Security","author":"T. Sohn","year":"2003","unstructured":"Sohn, T., Seo, J., Moon, J.: A study on the covert channel detection of TCP\/IP header using support vector machine. In: Perner, P., Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol.\u00a02836, pp. 313\u2013324. Springer, Heidelberg (2003)"},{"key":"19_CR16","unstructured":"Rutkowska, J.: The implementation of passive covert channels in the Linux kernel. In: Chaos Communication Congress, Chaos Computer Club e.V (2004), http:\/\/www.ccc.de\/congress\/2004\/fahrplan\/event\/176.en.html"},{"key":"19_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1007\/3-540-36467-6_15","volume-title":"Privacy Enhancing Technologies","author":"J. Giffin","year":"2003","unstructured":"Giffin, J., Greenstadt, R., Litwack, P., Tibbetts, R.: Covert messaging in TCP. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol.\u00a02482, pp. 194\u2013208. Springer, Heidelberg (2003)"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"Bellovin, S.: RFC1948: Defending against sequence number attacks. IETF (1996)","DOI":"10.17487\/rfc1948"},{"key":"19_CR19","unstructured":"de Raadt, T., Hallqvist, N., Grabowski, A.D., Keromytis, A., Provos, N.: Cryptography in OpenBSD: An overview. In: USENIX Annual Technical Conference (FREENIX Track), pp. 93\u2013102 (1999)"},{"key":"19_CR20","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1109\/SP.2005.18","volume-title":"2005 IEEE Symposium on Security and Privacy","author":"T. Kohno","year":"2005","unstructured":"Kohno, T., Broido, A., claffy, k.: Remote Physical Device Fingerprinting. In: 2005 IEEE Symposium on Security and Privacy, Oakland, California, pp. 211\u2013225. IEEE CS, Los Alamitos (2005)"},{"key":"19_CR21","unstructured":"Hintz, A.: Covert channels in TCP and IP headers. Presentation at DEFCON 10 (2002), http:\/\/guh.nu\/projects\/cc\/"}],"container-title":["Lecture Notes in Computer Science","Information Hiding"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11558859_19.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T07:10:19Z","timestamp":1619507419000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11558859_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540290391","9783540314813"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/11558859_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2005]]}}}