Stegozoa: Enhancing WebRTC Covert Channels with Video Steganography for Internet Censorship Circumvention
Gabriel Figueira, Diogo Barradas, Nuno Santos
https://censorbib.nymity.ch/#Figueira2022a
https://github.com/GabrielCFigueira/stegozoa
Presentation video
Protozoa showed a way of establishing a peer-to-peer covert tunnel over WebRTC video. But Protozoa is covert only when the two WebRTC peers are connected directly. Because it works by replacing encrypted media ciphertext with its own ciphertext, a middlebox that is in a position to inspect decrypted media frames can easily see that they do not contain well-formed encoded video. Such middleboxes are common in practice in the form of “WebRTC gateways”. For example, when you make a Jitsi call, you and the other participants actually connect to a WebRTC gateway, which decrypts, re-encrypts, and forwards each participant’s video to the others. Stegozoa solves this problem using video steganography. It embeds covert information into encoded video, in a way that is not apparent even on inspection of the video stream by a middlebox. The cost of being able to pass through WebRTC gateways is lower capacity: while not ultra-low-bandwidth (the authors report 8 kbps), Stegozoa is more suited to short messages. Stegozoa does not have Protozoa’s perfect traffic features indistinguishability, but it still has good resistance to traffic analysis attacks, as long as you keep the transmission rate sufficiently low. Stegozoa can be seen as a realization of the “stego circuits” from CRON Section 4.2.
The implementation uses a modified Chrome browser, as it requires hooking into the browser’s VP8 video encoder at a low level (see Figures 4 and 5). The steganography uses preexisting techniques: syndrome-trellis codes over the least significant bits of quantized discrete cosine transform coefficients of the luminance channel. The implementation required some care to make it run fast enough for real-time video; Figure 9 shows that an unoptimized implementation actually affects traffic analysis features. The steganography does not survive transcoding; it only works when the WebRTC gateway passes the video through without modifications. The protocol requires each peer to have exchanged a shared secret in advance, out of band.
The evaluation in Section 5 looks at:
- Performance (throughput, round-trip time)
- Resistance to traffic analysis (using an XGBoost classifier over packet size, timing, and direction features)
- Resistance to video steganalysis (using two tools designed for the quantized DCT technique Stegozoa uses)
- Changes under adverse network conditions
- Comparison of the decoded video stream with an original (to approximately measure visual detectability of the use of steganography)