
CN117792783A - Back-to-back covert communication architecture for public social network platforms - Google Patents

Back-to-back covert communication architecture for public social network platforms

Info

Publication number: CN117792783A
Application number: CN202410011249.6A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 黄永峰, 张子毅, 杨金帅, 高悦, 王慧丽, 陈程
Current Assignee: Tsinghua University
Original Assignee: Tsinghua University
Prior art keywords: layer, new, information, steganography, steganographic
Landscapes: Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of cyberspace security and covert communication, and in particular to a back-to-back covert communication architecture for public social network platforms, comprising: a user layer for managing sessions and controlling the sending of private messages and the receiving of new private messages; an adaptation layer for encapsulating private messages into formatted information, or for decapsulating and verifying new formatted information and performing preset processing on the new formatted information according to the verification result to obtain new private messages; and a steganographic layer for fragmenting and steganographically processing the formatted information to obtain a steganographic carrier and sending the steganographic carrier to the target social network media in a preset manner, or for receiving a new steganographic carrier from the target social network media, extracting and combining the new steganographic carrier to obtain new formatted information, and passing the new formatted information to the adaptation layer. This solves problems such as the behavioral concealment of the sender and receiver in covert communication.

Description

Back-to-back covert communication architecture for public social network platforms

Technical field

The present invention relates to the technical field of cyberspace security and covert communication, and in particular to a back-to-back covert communication architecture for public social network platforms.

Background

Claude E. Shannon held that encryption systems, privacy systems and covert communication systems are the three major information secrecy systems in cyberspace. Encryption systems and privacy systems can only hide the content of information; they cannot conceal the existence of the information or the act of "transmitting private information", and so they only improve content security. In practice, an attacker can target the transmission channel and intercept the information, or directly attack the sender and receiver, so that private information cannot be delivered normally. By contrast, a covert communication system can use steganography to hide secret information in common carriers such as digital media, making its existence difficult for an attacker to detect; such a system effectively conceals the sender's act of "transmitting private information". In addition, the massive and diverse digital media data on public social network platforms, together with their open and convenient access, facilitate covert communication. Using public social network platforms together with a covert communication system can greatly ensure the security of private information transmission.

The covert communication protocol is the basis of a covert communication system. It includes several important parts, such as the synchronization mechanism for sending and receiving information and the steganographic encoding and decoding algorithms. Most current covert communication protocols are based on the prisoner model proposed by Simmons, which is described as follows: Alice and Bob are two prisoners who plan to escape together, but all communication between them must take place under the surveillance of the warden Wendy; that is, Alice and Bob need to hide the secret information in a secret-bearing carrier so that the observer Wendy can hardly detect the difference between the secret-bearing carrier and a normal carrier. The prisoner model carries many security risks in a big-data environment. It usually focuses only on the indistinguishability of the content of secret-bearing carriers and normal carriers, and ignores the concealment of user behavior in covert communication (for example, abnormal behavior such as frequent interaction between the two parties exposes their association). For the prisoner model, current covert communication protocols propose a variety of algorithms that ensure the content indistinguishability of secret-bearing carriers, which secures the encoding and decoding of private information; however, they design no effective mechanism to safeguard the sending and receiving of private information, and do not solve the problem of user behavior concealment in covert communication.

Existing covert communication protocols all embed secret information into a normal carrier with a steganographic algorithm, based on a shared key or shared hyperparameters, and send the secret-bearing carrier to the receiver point to point; the receiver then extracts the secret information from the carrier using the shared parameters. In this type of scheme the sender and receiver often have an obvious association, so their behavior is not concealed.

Related art 1, Fan P, Zhang H, Cai Y, et al. A Robust Video Steganographic Method against Social Networking Transcoding Based on Steganographic Side Channel[C]//IH&MMSec'20: ACM Workshop on Information Hiding and Multimedia Security. ACM, 2020, proposes a sending and receiving mechanism in which videos containing secret information are published to social networks in broadcast form. Related art 2, Bauer L A, Howes IV J K, Markelon S A, et al. Covert Message Passing over Public Internet Platforms Using Model-Based Format-Transforming Encryption[J]. arXiv preprint arXiv:2110.07009, 2021, proposes a mechanism in which a verification tag is added to the head of the secret information and the secret-bearing carrier is delivered in broadcast form through a public social network environment. However, neither mechanism considers the abnormal interaction caused by the receiver frequently accessing the publisher's content. For a personal account that sends information on a social network, the potential visitors of the secret-bearing carriers it posts may be very limited, so a user acting as receiver will inevitably visit the corresponding posts far more often than a normal user. The receiver's frequent access to the sender's social network posts forms an obvious traffic path between the two parties and exposes their association, so concealment at the behavioral level is poor.

Summary of the invention

The present invention provides a back-to-back covert communication architecture for public social network platforms (Social Network Covert Communication Protocol, hereinafter the "SNCC protocol") to solve problems such as the behavioral concealment of the sender and receiver in covert communication.

An embodiment of the first aspect of the present invention provides a back-to-back covert communication architecture for public social network platforms, comprising: a user layer, used to manage sessions and to control the sending of private messages and the receiving of new private messages; an adaptation layer, used to encapsulate the private message into formatted information, or to decapsulate and verify new formatted information and perform preset processing on the new formatted information according to the verification result to obtain the new private message; and a steganographic layer, used to fragment and steganographically process the formatted information to obtain a steganographic carrier and send the steganographic carrier to the target social network media in a preset manner, or to receive a new steganographic carrier from the target social network media, extract and combine the new steganographic carrier to obtain the new formatted information, and pass the new formatted information to the adaptation layer.

Optionally, the architecture further includes:

a data preparation layer, used to collect a preset amount of user information from the target social network media as preselected sending addresses for the steganographic carrier, and to prepare a preset number of available accounts as the medium for sending the steganographic carrier or receiving the new steganographic carrier;

an algorithm construction layer, used to construct the preset steganographic algorithm so as to embed the frame queue into the private message and generate the steganographic carrier.

Optionally, the user layer is further configured to call the message packaging interface provided by the adaptation layer to format the private information, and to obtain the steganographic carrier through a UI component;

the user layer is further configured to call the sending interface provided by the steganographic layer to transmit the steganographic carrier, or to call the information receiving interface provided by the steganographic layer to start the receiving thread for new steganographic carriers in the target social network media.

Optionally, the adaptation layer is further configured to provide the user layer with a service for the reliable sending of private messages, to verify the new steganographic carrier through the steganographic carrier processing interface, and to feed the verification result back to the user layer accordingly, so as to ensure reliable transmission of the private message;

the adaptation layer is further configured to call the sending interface provided by the steganographic layer to transmit the new steganographic carrier;

the adaptation layer is further configured to call the embedding interface provided by the steganographic layer to segment the formatted information and embed the frame queue;

the steganographic layer is further configured to call the steganographic carrier processing interface provided by the adaptation layer to complete the splicing of the frame queue or the extraction of the new steganographic carrier, the encapsulation of the formatted information, and the decapsulation and verification of the new formatted information.

Optionally, the user layer includes:

a session initialization sublayer, used to build multiple sessions from the session key, session start time, session duration, predefined maximum number of messages and the private message entered by the user, to generate the steganographic vector set, and to reset the send or receive pointer to zero;

a session start or termination sublayer, used to start and terminate the session synchronously according to the session start time and the session duration;

a private message transmission sublayer, used to format the private information and feed the steganographic carrier back to the user through a UI component, to transmit the steganographic carrier, and to start the receiving thread for new steganographic carriers in the target social network media.

Optionally, each session corresponds to one steganographic vector ring; every element of each steganographic vector ring is a steganographic vector, and each steganographic vector uses multi-dimensional orthogonal steganographic features to transmit a unit of private information.

Optionally, the adaptation layer includes:

an encapsulation or decapsulation sublayer, used to format the private information and convert it into binary code, and to add a header and a trailing check to the binary code to encapsulate it as the formatted information, or to decapsulate the new formatted information to obtain the new private message;

an error retransmission sublayer, used to check the format correctness of the new formatted information and to verify the integrity of the new private message according to the CRC (Cyclic Redundancy Check) code. If the check succeeds, the formatted information of an acknowledgment character (ACK) is constructed; if the check fails, the formatted information of a negative acknowledgment (NAK) is constructed. The embedding interface and the sending interface provided by the steganographic layer are called to steganographically embed the formatted information of the negative acknowledgment NAK, and it is determined whether to perform error control on the new private message.

Optionally, the format of the formatted information and of the new formatted information is: type, payload and CRC check code, wherein:

the type includes Message, the private information (00), retransmitted private information (01), the acknowledgment character ACK (10) and the negative acknowledgment NAK (11);

the payload includes the content of the private information or the index of the steganographic vector corresponding to the formatted information;

the CRC check code includes the cyclic redundancy check code of the payload, or is empty.

Optionally, the steganographic layer includes:

a fragmentation or combination sublayer, used to split the formatted information from the adaptation layer into a frame queue of preset length, or to combine a new frame queue to obtain the new formatted information;

a steganography or extraction sublayer, used to apply the preset steganographic algorithm to the frame queue to obtain the steganographic carrier, or to extract from the new steganographic carrier to obtain the new frame queue;

a sending or receiving sublayer, used, according to instructions from the user layer or the adaptation layer, to send the steganographic carrier to the target social network media in the form of a reply comment, or to receive the new steganographic carrier from the target social network media and call the interface provided by the adaptation layer to hand the new steganographic carrier to the adaptation layer for verification.

An embodiment of the second aspect of the present invention provides a covert communication system based on the back-to-back covert communication architecture, comprising: the back-to-back covert communication architecture for public social network platforms described in the above embodiment.

The back-to-back covert communication architecture for public social network platforms proposed in the embodiments of the present invention is applicable to any mainstream social network platform on the current Internet. It makes covert communication behavior resistant to association, effectively improves the behavioral concealment of sending and receiving covert communications, and further safeguards the effective delivery of information. Software built on this communication structure has concise and clear code, low cost, and is easy to deploy and use. This solves problems such as the behavioral concealment of the sender and receiver in covert communication.

Additional aspects and advantages of the present invention will be given in part in the following description, and in part will become obvious from the following description or be learned through practice of the present invention.

Description of the drawings

The above and/or additional aspects and advantages of the present invention will become apparent and easily understood from the following description of the embodiments in conjunction with the accompanying drawings, in which:

Figure 1 is a schematic structural diagram of a back-to-back covert communication architecture for public social network platforms provided by an embodiment of the present invention;

Figure 2 is a schematic diagram of the formatted information provided by an embodiment of the present invention;

Figure 3 is a schematic diagram of the circular linked list formed by the steganographic components in each steganographic component ring provided by an embodiment of the present invention;

Figure 4 is a schematic diagram of an example of one transmission in the back-to-back covert communication architecture for public social network platforms provided by an embodiment of the present invention;

Figure 5 is a block diagram of a covert communication system based on the back-to-back covert communication architecture provided by an embodiment of the present invention.

Detailed description

Embodiments of the present invention are described in detail below. Examples of the embodiments are illustrated in the accompanying drawings, in which the same or similar reference numerals throughout denote the same or similar elements or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary; they are intended to explain the present invention and are not to be construed as limiting it.

The following terms are used in this description.

Session: the process of transmitting private information within one continuous period of time. Multiple Messages may need to be exchanged in one Session. The initialization of a session is determined by parameters such as the session key, the session start and end times, and the maximum number of Messages. One session corresponds to one steganographic capability set.

Message: the private information or response message (for example ACK or NAK) that the two parties send or receive at one time within a session. A private message sent in one transmission has a maximum length limit and needs to be formatted. One private message is transmitted by one steganographic vector.

Frame: a unit of steganographic private information obtained by splitting a formatted message (Packet) according to the composition rule of the steganographic vector (for example, an equal-length splitting rule). A component of the steganographic vector can be used to apply network-state steganography to it.

Formatted message (Packet): a private message after formatting, consisting of a message header, a message body and a message tail.

Steganographic carrier (Stego): the secret-bearing carrier generated from one Frame of information by network-state steganography.

Steganographic vector: a method of transmitting a unit of private information (for example, one Message) using multi-dimensional orthogonal steganographic features, based on the theory of network-state multi-dimensional steganography.

Steganographic capability set: the set of all steganographic vectors that a specific private information transmission device can support.

Steganographic component: a method of embedding and extracting one frame of private information in a message by using a certain steganographic feature (for example, a feature of a social text or image) together with the corresponding specific steganographic algorithm and network account.

Network-state steganography (Net-Stego): a way of hiding information that takes the various digital media in a network environment, and their constituent structures, as its features.

The back-to-back covert communication architecture for public social network platforms according to the embodiments of the present invention is described below with reference to the accompanying drawings.

Specifically, Figure 1 is a schematic structural diagram of a back-to-back covert communication architecture for public social network platforms provided by an embodiment of the present invention.

As shown in Figure 1, the back-to-back covert communication architecture 10 for public social network platforms includes: a user layer 101, an adaptation layer 102 and a steganographic layer 103. The architecture implements "back-to-back" transmission between the communicating users and the target social network media, safeguarding the delivery of private information.

The user layer 101 is used to manage sessions and to control the sending of private messages and the receiving of new private messages. The adaptation layer 102 is used to encapsulate private messages into formatted information, or to decapsulate and verify new formatted information and perform preset processing on the new formatted information according to the verification result to obtain new private messages. The steganographic layer 103 is used to fragment and steganographically process the formatted information to obtain a steganographic carrier and send the steganographic carrier to the target social network media in a preset manner, or to receive a new steganographic carrier from the target social network media, extract and combine the new steganographic carrier to obtain new formatted information, and pass the new formatted information to the adaptation layer 102.

Further, the embodiment of the present invention also includes a data preparation layer and an algorithm construction layer, wherein:

the data preparation layer is used to collect a preset amount of user information from the target social network media as preselected sending addresses for the steganographic carrier, and to prepare a preset number of available accounts as the medium for sending the steganographic carrier or receiving the new steganographic carrier;

the algorithm construction layer is used to construct the preset steganographic algorithm so as to embed the frame queue into a normal carrier and generate the steganographic carrier.

Further, in the embodiment of the present invention the layers can exchange information through inter-layer interfaces, wherein:

the user layer calls the message packaging interface provided by the adaptation layer to format the private information, and obtains the steganographic carrier through a UI component; the user layer can also call the sending interface provided by the steganographic layer to transmit the steganographic carrier, or call the information receiving interface provided by the steganographic layer to start the receiving thread for new steganographic carriers in the target social network media. In this way it controls the whole session flow.

The adaptation layer provides the user layer with a service for the reliable sending of private messages. It verifies the new steganographic carrier through the steganographic carrier processing interface within the layer and feeds the verification result back to the user layer accordingly, so as to ensure reliable transmission of the private message; it can also call the sending interface provided by the steganographic layer to transmit new steganographic carriers that serve reliable transmission.

The adaptation layer calls the embedding interface provided by the steganographic layer to segment the formatted private information and embed the bit frames of private information. The steganographic layer calls the steganographic carrier processing interface provided by the adaptation layer; through this exchange of information between the steganographic layer and the adaptation layer, the splicing of the frame queue or the extraction of the new steganographic carrier, the encapsulation of the formatted information, and the decapsulation and verification of the new formatted information are completed.

In some embodiments, the user layer 101 includes: a session initialization sublayer, a session start or termination sublayer, and a private message transmission sublayer, wherein:

the session initialization sublayer is used to build multiple sessions from parameters such as the session key K entered by the user, the session start time T, the session duration ΔT, the predefined maximum number of messages and the amount of private messages, to generate the steganographic capability set (that is, the steganographic vector set), and to reset the send or receive pointer to zero. Each Session is subject to the following limit: at most 128 Messages can be exchanged in one Session;

the session start or termination sublayer is used to start and terminate the session synchronously according to the session start time T and the session duration ΔT;

the private message transmission sublayer is used to call the message packaging interface provided by the adaptation layer 102 (Pack(String type, String Message)) to format the private information and generate the formatted information Packet, to feed the steganographic carrier back to the user through a UI component, and to call the sending interface provided by the steganographic layer (send(Vector F, String Stego)) to transmit the steganographic carrier; it calls the information receiving interface provided by the steganographic layer (getTask(Vector F)) at a certain frequency to start the receiving thread for new steganographic carriers in the target social network media. Each Message is subject to the following limit: the length of a Message does not exceed 1024 bits (128 English characters / 64 Chinese characters).

In some embodiments, the adaptation layer 102 includes an encapsulation or decapsulation sublayer and an error retransmission sublayer, where:

The encapsulation or decapsulation sublayer formats the multimodal private information entered by the user, as a Message constructed according to the reliable message transmission protocol, and converts it into binary code (ASCII for English, UTF-8 for Chinese), then adds a header and a trailing checksum to the binary code to encapsulate it as formatted information (or separates the fields of a Packet and extracts the message body). It also decapsulates new formatted information to obtain the new multimedia private message;

The error retransmission sublayer checks that new formatted information is correctly formatted and decides from the Packet type field whether to enter the error-checking mechanism. If the Packet type field is "private information" or "retransmitted private information", the integrity of the private message must be verified against the CRC check code: if the check succeeds, the formatted information of an ACK is constructed; if the check fails, the formatted information of a NAK is constructed, and the embedding interface (Model.encode(String Packet, int bit), where Model denotes the steganographic model) and the sending interface (send(Vector F, String Stego)) provided by the steganographic layer are called to steganographically embed and send the NAK's formatted information. If the Packet type is ACK, reception succeeded and no error-control operation is needed; if the Packet type is NAK, the Message under the original index must be re-encapsulated and retransmitted.

As shown in Figure 2, the format of the formatted information and the new formatted information is: type (2 bits), payload (<1024 bits) and CRC check code (8 bits), where:

The types include Message, private information (00), retransmitted private information (01), acknowledgement ACK (10) and negative acknowledgement NAK (11);

The payload contains the private information content (types 00/01) or the index of the steganographic vector corresponding to the formatted information (types 10/11);

The CRC check code is either the cyclic redundancy check code of the payload or empty: for types 00/01 it is the cyclic redundancy check code of the payload field, and for the other types it is empty. A trailing terminator may also be included; whether it is present depends on the encoding used by the adaptation layer and the steganographic layer in the specific implementation.

In some embodiments, the steganographic layer 103 includes:

A fragmentation or combination sublayer, which splits the adaptation layer's formatted information into a queue of Frames of preset length, or combines a new frame queue into new formatted information and passes it to the adaptation layer 102. There are two types of Frame: non-final fixed-length Frames of 128 bits each, and a final variable-length Frame whose end must be marked according to the steganographic algorithm;

A steganography or extraction sublayer, which applies the preset steganographic algorithm to the frame queue to obtain the secret-bearing carrier (i.e., the steganographic carrier Stego), or extracts from a new steganographic carrier to obtain a new frame queue;

A sending or receiving sublayer, which, on instruction from the user layer or the adaptation layer, sends the steganographic carrier Stego to the target social network media in the form of reply comments, or receives a new steganographic carrier Stego from the target social network media, and calls the interface provided by the adaptation layer (checkMessage(JSONArray Stego, int countget)) together with the steganographic extraction function, handing the extracted new frame queue to the adaptation layer for splicing and verification. During sending/receiving, the sequence of steganographic components is selected dynamically and determines the sending space of each secret-bearing carrier.

It should be noted that the embodiment of the present invention is a duplex communication protocol in which two independent processes send and receive without interfering with each other. The steganographic vector used when sending/receiving is determined by the send/receive pointer. After the Session is initialized, the send/receive pointers are first reset to zero. On each send, the steganographic vector the pointer points to is selected to run the sending procedure; after sending, the pointer is incremented by 1 and points to the next vector in the vector ring. The receiving process uses a sliding window: starting from the steganographic vector where the other party's next message should appear, it sets a sliding window of length 3 and crawls all steganographic vectors in the window each time. As soon as new information appears in a steganographic vector, it is received and processed. After reception, the receive pointer is calibrated, and any unprocessed steganographic vectors skipped during calibration are marked and crawled exactly once more in the next receiving pass so that important information is not missed. Once the vector ring has been traversed a full cycle, later secret-bearing carriers are distinguished from earlier ones by timestamp.

Further, in one embodiment of the present invention, each session corresponds to one steganographic vector ring, each element of which is a steganographic vector, and each steganographic vector uses multi-dimensional orthogonal steganographic features to transmit a unit of private information.

Specifically, based on network-state multi-dimensional steganography theory, each steganographic vector can be understood as a combination of orthogonal steganographic features in each dimension. Each steganographic feature corresponds to a steganographic component: a method that uses a particular steganographic feature (for example, a feature of a social text or image), a specific steganographic algorithm and a network account to embed and extract one frame of the secret information. A steganographic vector can be regarded as an ordered combination of 8 steganographic components, which together form a steganographic component ring. Each steganographic component corresponds to the sending channel of one Frame and is the joint result of the information transmission account, the information transmission address and the steganographic algorithm. These three factors respectively determine the network account used to transmit a Frame, the network-space address at which a Frame is sent/received, and the steganographic algorithm used to embed a Frame's information into the carrier. Through the corresponding part of the steganographic component, information can be passed concurrently by multiple virtual users, and a well-developed steganographic algorithm (i.e., the algorithm part) generates steganographic carriers that conform to the statistical regularities of normal carriers, achieving anti-correlation of covert communication behavior while preserving the content security of the secret-bearing carrier. The steganographic capacity of a vector is the sum of the capacities of all its available steganographic components. When private information is sent, available steganographic components are selected dynamically to build the steganographic vector according to the steganographic capacity needed to carry all Frames of one Message; unavailable components are detected, skipped automatically, and the next one is selected. When the total capacity of the available components in the ring cannot satisfy the needs of sending a Message, the components in the ring are reused cyclically. The components of a steganographic vector are shown in the following table:

When a Stego queue is sent and received, as shown in Figure 3, on the sender side the Stegos are dequeued in turn and sent, in linked-list order, to the available components, starting from the first available component of the steganographic component ring that makes up the steganographic vector; an unavailable component is skipped and the next steganographic component is visited cyclically. On the receiver side, each component in the circular linked list is crawled in turn; once the circular linked list has been traversed a full cycle, timestamps can be used to determine the order of the secret-bearing carriers (Stego) received from the steganographic components.

As shown in Figure 4: at time one, the sender waits and the receiver waits; at time two, the sender sends and the receiver waits; at time three, the sender points to the next steganographic vector and waits while the receiver crawls; at time four, the receiver finishes processing, points to the next steganographic vector and returns to the waiting state.

The embodiment of the present invention is further described below using software built on the back-to-back covert communication architecture for public social network platforms.

Step S1: Before running the software, select a suitable social platform according to actual needs, prepare a preset number of available accounts, and collect information about normal users on that platform. The available accounts will be used in later steps to send/receive steganographic text, i.e., the corresponding part of the steganographic component; the posts made by normal users will serve as the sending addresses for Frames, i.e., the corresponding part of the steganographic component. Normal users are referred to below as "intermediate users". Configure the account file and the normal users' information into the software.

Step S2: Select a suitable steganographic algorithm according to actual needs and configure it into the software. This software is configured with an RNN-based, carrier-generating steganographic algorithm that uses text as the steganographic carrier.

It should be noted that steps S1 to S2 are preparation before the software is used; covert communication can then begin.

Step S3: The user starts a session through the user layer and configures the parameters the Session requires into the software, including the session key K, session start time T and session duration ΔT;

When new parameters are entered, the send pointer and receive pointer are cleared, and the software divides the prepared available accounts into two parts, one serving as sending accounts for secret-bearing carriers and the other as receiving accounts. The software builds the steganographic vector set from the key K, its internal set of available accounts and the intermediate user information, as follows: with K as the random seed, generate a number of random numbers and group them in eights as the steganographic components that select the sending account; again with K as the random seed, generate a number of random numbers and group them in eights as the steganographic components that specify where each Stego is sent. Together these factors make up the steganographic component ring. The entered session start time T and session duration ΔT determine, in time, the range of information the software will accept: the software only receives information sent after the session start time. The sender and receiver must ensure that their account libraries and key K are identical.

Step S4: The sender and receiver each select an account library, and the two must select different ones: for example, if the sender selects account library 1, the receiver should select account library 2, so that the two libraries serve as the sending account library and the receiving account library respectively.

Step S5: The user enters a Message and clicks the "Generate" button; the adaptation layer converts the Message into a bit stream and encapsulates it as a Packet.

Step S6: The software calls the steganographic layer interface to split the Packet into Frames (each Frame is at most 128 bits), embeds each Frame into text with the steganographic algorithm to generate steganographic text (Stego), and displays the generated Stego in the UI;

When Stego is generated, a pop-up message is returned according to the number of Frames. If the number of Frames is ≤ 8, the pop-up shows "OK to send" and the next step can proceed; otherwise, if the pop-up shows something else, such as "content too long", some information must be removed and steps S5 and S6 repeated until the pop-up shows "OK to send".

Step S7: The user clicks the "Send" button. The software passes the steganographic text to the steganographic layer, retrieves the steganographic vector at the index given by the send pointer, and sends the Stego generated from each Frame to the corresponding steganographic component of that vector's component ring; the sender's send pointer is incremented by 1.

Step S8: The receiver receives steganographic text through the steganographic layer using the sliding window mechanism: starting from the steganographic vector corresponding to the current receive pointer, it sets a sliding window of length 3 and crawls all steganographic vectors in the window. As soon as secret information is found in a steganographic vector, all secret-bearing carriers (Stego) in that vector are received and the next step begins.

Step S9: The receiver software restores the received Stego to Frames through the steganographic layer, splices the Frames into a Packet, and passes it to the adaptation layer for further processing.

Step S10: The receiver software decapsulates the Packet through the adaptation layer to obtain the type, payload and CRC check code.

Step S11: If type is "00" (or "01"), the integrity of the information is verified with the CRC. If the check succeeds, the payload of the Packet is decoded to obtain the Message, which is added to the history (or the original history record is updated from the retransmitted Message), the receiver's receive pointer is incremented by 1, and the procedure goes to S12. If the check fails, a NAK Packet is built with the receive pointer value of the current message as the new Message and fed back to the sender through the steganographic vector, the failed reception is recorded in the history, both the receiver's send and receive pointers are incremented by 1, and the procedure goes to step S13;

Step S12: If the message of type "00" (or "01") passed verification in S11, the user can click the "Receive" button; the software builds an ACK Packet with the receive pointer value of the current message as the new Message and feeds it back to the sender through the steganographic vector, and the receiver's send pointer is incremented by 1.

Step S13: The sender likewise receives the receiver's feedback through steps S8 to S10, obtains the Packet and decapsulates it to get the type and payload.

Step S14: If type is "10" (or "11"), the format of the ACK (or NAK) is verified. If the format is correct, then according to the pointer index value in the ACK (or NAK), the reception status of the corresponding history entry is changed to "received successfully" (or the Message and pointer count of the corresponding history entry are retrieved, re-encapsulated as a Packet, and retransmitted), the sender's receive pointer is incremented by 1 (and, if there is an error retransmission, the sender's send pointer is also incremented by 1), and the whole send/receive flow is complete;

If a format error occurs, a NAK Packet is built with the receive pointer value of the current message as the new Message and fed back to the receiver through the steganographic vector, the failed reception is recorded in the history, and both the sender's send and receive pointers are incremented by 1.
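
An added example, not code from the patent or its software: the Packet and Frame handling of steps S5 to S6 and S9 to S14, using the type/payload/CRC format of Figure 2, with the steganographic embedding and all platform I/O left out. The CRC-8 polynomial (0x07), the 8-bit ACK/NAK index, the bit-string representation and every function name are assumptions; the sample messages are constructed.

```python
# Added example: Packet/Frame framing only (steps S5-S6 and S9-S14).
# Steganographic embedding and all platform I/O are intentionally absent.

FRAME_BITS = 128         # fixed Frame size stated on the page
MAX_FRAMES = 8           # step S6 rejects anything above 8 Frames
MAX_MESSAGE_BITS = 1024  # per-Message limit stated on the page
INDEX_BITS = 8           # assumption: ACK/NAK index travels as 8 bits
T_MSG, T_RETX, T_ACK, T_NAK = "00", "01", "10", "11"


def crc8(data: bytes, poly: int = 0x07) -> int:
    """CRC-8, polynomial 0x07, init 0 (assumed; the page names no polynomial)."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ poly) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def to_bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def from_bits(bits: str) -> bytes:
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def pack(ptype: str, body) -> str:
    """Packet bit string: type | payload | CRC (CRC present only for 00/01)."""
    if ptype in (T_MSG, T_RETX):
        payload = body.encode("utf-8")  # ASCII text encodes identically
        if len(payload) * 8 > MAX_MESSAGE_BITS:
            raise ValueError("message exceeds 1024 bits")
        return ptype + to_bits(payload) + f"{crc8(payload):08b}"
    if ptype in (T_ACK, T_NAK) and 0 <= body < 2 ** INDEX_BITS:
        return ptype + f"{body:0{INDEX_BITS}b}"
    raise ValueError("unknown type or index out of range")


def fragment(packet: str) -> list:
    """Split into 128-bit Frames; the final Frame may be shorter."""
    frames = [packet[i:i + FRAME_BITS] for i in range(0, len(packet), FRAME_BITS)]
    if len(frames) > MAX_FRAMES:
        raise ValueError("content too long")
    return frames


def unpack(packet: str):
    """Return (type, body, ok); ok is False on a format or CRC failure."""
    ptype, rest = packet[:2], packet[2:]
    if ptype in (T_ACK, T_NAK):
        ok = len(rest) == INDEX_BITS
        return ptype, int(rest, 2) if ok else None, ok
    if ptype not in (T_MSG, T_RETX) or len(rest) < 8 or len(rest) % 8:
        return ptype, None, False
    payload, crc = from_bits(rest[:-8]), int(rest[-8:], 2)
    if crc8(payload) != crc:
        return ptype, None, False
    return ptype, payload.decode("utf-8", errors="replace"), True


def receiver_reply(frames: list, recv_index: int) -> str:
    """Steps S9-S12: splice Frames, verify, answer ACK or NAK for recv_index."""
    ptype, _, ok = unpack("".join(frames))
    return pack(T_ACK if ok and ptype in (T_MSG, T_RETX) else T_NAK, recv_index)


def sender_on_feedback(packet: str, history: dict):
    """Step S14: ACK marks the entry received; NAK re-packs it as type 01.
    Returns the Frames to retransmit, or None when nothing is resent."""
    ptype, index, ok = unpack(packet)
    if not ok or ptype not in (T_ACK, T_NAK) or index not in history:
        return None  # the format-error branch (NAK back) is not modelled
    if ptype == T_ACK:
        history[index]["status"] = "received"
        return None
    return fragment(pack(T_RETX, history[index]["message"]))


def largest_message_bytes() -> int:
    """Largest payload, in bytes, whose Packet still fits in 8 Frames."""
    n = MAX_MESSAGE_BITS // 8
    while 2 + 8 * n + 8 > MAX_FRAMES * FRAME_BITS:
        n -= 1
    return n


if __name__ == "__main__":
    frames = fragment(pack(T_MSG, "meet at noon"))  # constructed sample input
    print(len(frames), unpack("".join(frames)))
    print("largest message that fits:", largest_message_bytes(), "bytes")
```

With the field sizes given on the page, a full 1024-bit Message yields a 1034-bit Packet, which needs 9 Frames. Under the assumptions above, the largest Message that passes the 8-Frame check of step S6 is 126 bytes.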

The back-to-back covert communication architecture for public social network platforms proposed according to the embodiment of the present invention is applicable to any mainstream social network platform on the current Internet, achieves anti-correlation of covert communication behavior, effectively improves the behavioral concealment of covert sending and receiving, and further safeguards the effective delivery of information; software built on this communication structure has concise, clear code, is low in cost, and is easy to deploy and use.

An embodiment of the present invention also provides a covert communication system based on the back-to-back covert communication architecture, including the back-to-back covert communication architecture for public social network platforms of the above embodiment.

Specifically, as shown in Figure 5, the covert communication system 50 based on the back-to-back covert communication architecture includes a user layer module 501, an adaptation layer module 502, a steganographic layer module 503 and other auxiliary modules 504.

The user layer module 501 is a logical module outside the system that contains the UI the user operates; it can call the adaptation layer and the steganographic layer, initiate sessions, and control the sending and receiving of private messages.

The adaptation layer module 502 is the communication control module of the system. It receives private messages from the user layer and converts them into Packets, passes each Packet to the steganographic layer to obtain steganographic text, and returns that text to the user layer; it also receives steganographic text from the steganographic layer, restores it to a Packet through the modules in the steganographic layer, verifies it, and handles it according to the verification result to ensure reliable transmission.

The steganographic layer module 503 is the communication module of the system. It fragments the Packet obtained from the adaptation layer into Frames and encodes them to obtain steganographic text, then waits for an instruction from the user layer to send the steganographic text to the corresponding steganographic vector; it also periodically crawls information from the corresponding steganographic vector on instruction from the user layer, and, when the crawl succeeds, decodes the obtained steganographic text back into Frames, splices them into a Packet, and hands it to the adaptation layer for further processing.

The other auxiliary modules 504 support the normal operation of the software and are mainly responsible for managing the system's data files, such as the session key K, session start time T and session duration ΔT, the steganographic vectors, and the history.

The covert communication system based on the back-to-back covert communication architecture proposed according to the embodiment of the present invention is applicable to any mainstream social network platform on the current Internet, achieves anti-correlation of covert communication behavior, effectively improves the behavioral concealment of covert sending and receiving, and further safeguards the effective delivery of information. The invented software has concise, clear code, is low in cost, and is easy to deploy and use.

In the description of this specification, a reference to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that the specific features, structures, materials or characteristics described in connection with that embodiment or example are included in at least one embodiment or example of the present invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in a suitable manner in any one or N embodiments or examples. In addition, provided they do not contradict each other, those skilled in the art may combine the different embodiments or examples described in this specification and the features of those embodiments or examples.

In addition, the terms "first" and "second" are used for descriptive purposes only and should not be understood as indicating or implying relative importance or implicitly indicating the number of the technical features referred to. A feature qualified by "first" or "second" may therefore explicitly or implicitly include at least one such feature. In the description of the present invention, "N" means at least two, for example two, three, etc., unless otherwise clearly and specifically defined.

Claims (10)

1. A back-to-back covert communication architecture for a public social network platform, comprising:
a user layer for managing sessions and controlling the sending of private messages and the receiving of new private messages;
an adaptation layer for encapsulating the privacy message into formatted information;
or unpacking and checking the new formatted information, and performing preset processing on the new formatted information according to a checking result to obtain the new privacy message;
the steganography layer is used for carrying out slicing and steganography processing on the formatted information to obtain a steganography carrier, and sending the steganography carrier to a target social network medium in a preset mode;
or receiving a new steganography carrier in the target social network media, extracting and combining the new steganography carrier to obtain the new formatting information, and transmitting the new formatting information to the adaptation layer.
2. The public social network platform-oriented back-to-back covert communication architecture of claim 1, further comprising:
the data preparation layer is used for collecting preset quantity of user information as a preselected sending address of the steganography carrier according to the target social network media, and preparing preset quantity of available accounts as a medium for sending the steganography carrier or receiving the new steganography carrier;
and the construction algorithm layer is used for constructing the preset steganography algorithm so as to embed a frame queue into the privacy message and generate the steganography carrier.
3. The public social network platform-oriented back-to-back covert communication architecture of claim 1, wherein the user layer is further configured to invoke a message wrapper interface provided by the adaptation layer to format the privacy information and obtain the steganographic carrier through a UI component;
the user layer is further used for calling a sending interface provided by the steganography layer to transfer the steganography carrier or calling an information receiving interface provided by the steganography layer to start a receiving thread of a new steganography carrier in the target social network media.
4. The public social network platform-oriented back-to-back covert communication architecture of claim 1, wherein,
the adaptation layer is further used for providing a service for reliably sending the privacy message to the user layer, checking the new steganography carrier according to a steganography carrier processing interface, and feeding back the checking result to the user layer correspondingly so as to ensure the reliable transmission of the privacy message;
the adaptation layer is further used for calling a sending interface provided by the steganography layer to transfer the new steganography carrier;
the adaptation layer is further used for calling an embedding interface provided by the steganography layer to realize segmentation of the formatting information and embedding of a frame queue;
the steganography layer is further used for calling a steganography carrier processing interface provided by the adaptation layer to finish the frame queue splicing or the new steganography carrier extracting, the formatting information packaging, the new formatting information decapsulating and the verification processing.
5. The public social network platform-oriented back-to-back covert communication architecture of claim 1, wherein said user layer comprises:
a session initialization sub-layer, configured to construct a plurality of sessions according to a session key, a session start time, a session duration, a predefined maximum message number and the privacy message input by a user, generate a steganography vector set, and zero a sending or receiving pointer;
a session starting or terminating sub-layer for synchronously starting and terminating a session according to the session starting time and the session duration;
and the privacy message transmission sub-layer is used for formatting the privacy information, feeding back the steganography carrier to a user through a UI component, transmitting the steganography carrier and starting a receiving thread of a new steganography carrier in the target social network media.
6. The public social network platform-oriented back-to-back covert communication architecture of claim 5, wherein each session corresponds to a steganographic vector ring, wherein each element in each steganographic vector ring is a steganographic vector, and each steganographic vector utilizes a multidimensional orthogonal steganographic feature to realize unit privacy information transmission.
7. The public social network platform-oriented back-to-back covert communication architecture of claim 1, wherein said adaptation layer comprises:
an encapsulation or decapsulation sub-layer, configured to convert the privacy information into binary code through formatting, and add head and tail check fields to the binary code to encapsulate it into the formatting information, or to decapsulate the new formatting information to obtain the new privacy information;
and an error retransmission sub-layer, configured to check the format correctness of the new formatted information and verify the integrity of the new privacy information according to the CRC check code; if the check succeeds, construct formatted information for the acknowledgement character ACK; if the check fails, construct formatted information for the negative acknowledgement NAK; call the embedding interface and the sending interface provided by the steganography layer to steganographically embed the formatted information of the negative acknowledgement NAK; and judge whether the new privacy information is subjected to error control.
8. The public social network platform-oriented back-to-back covert communication architecture of claim 1, wherein the format of the formatting information and the new formatting information is: type, payload, and CRC check code, wherein,
the types include privacy information (Message) 00, retransmitted privacy information 01, acknowledgement character ACK 10, and negative acknowledgement NAK 11;
the payload comprises private information content or an index of a steganography vector corresponding to the formatting information;
the CRC check code is a cyclic redundancy check code of the payload, or null.
9. The public social network platform-oriented back-to-back covert communication architecture of claim 1, wherein the steganography layer comprises:
a slicing or combining sub-layer, configured to slice the formatting information of the adaptation layer into a frame queue with a preset length, or combine a new frame queue to obtain the new formatting information;
a steganography or extraction sub-layer, configured to steganographically embed the frame queue by using the preset steganography algorithm to obtain the steganography carrier, or extract the new steganography carrier to obtain the new frame queue;
and a sending or receiving sub-layer, configured to send the steganography carrier to the target social network media in the form of a reply comment according to the instruction information of the user layer or the adaptation layer, or receive the new steganography carrier from the target social network media and call an interface provided by the adaptation layer to deliver the new steganography carrier to the adaptation layer for verification processing.
10. A covert communication system based on a back-to-back covert communication architecture, comprising: the public social network platform-oriented back-to-back covert communication architecture of any of claims 1-9.
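The type / payload / CRC format of claim 8, the slicing and combining of claim 9, and the ACK/NAK check of claim 7 can be sketched as follows. This is an added example, not code from the patent: the one-byte type field, CRC-32, 8-byte frame length, 2-byte vector index and the choice of a null CRC for ACK/NAK are assumptions, and the steganographic embedding step is left out.

```python
import zlib

# Two-bit type codes as listed in claim 8.
MSG, RETX, ACK, NAK = 0b00, 0b01, 0b10, 0b11
FRAME_LEN = 8  # assumed preset frame length, in bytes

def encapsulate(ftype, payload):
    """Build type | payload | CRC; the CRC is null for ACK/NAK (assumption)."""
    crc = zlib.crc32(payload).to_bytes(4, "big") if ftype in (MSG, RETX) else b""
    return bytes([ftype]) + payload + crc

def decapsulate(blob):
    """Return (type, payload); raise ValueError on a format or CRC failure."""
    if not blob or blob[0] > NAK:
        raise ValueError("bad type field")
    ftype = blob[0]
    if ftype in (ACK, NAK):
        return ftype, blob[1:]          # payload is the vector index
    if len(blob) < 5:
        raise ValueError("truncated formatted information")
    payload, crc = blob[1:-4], blob[-4:]
    if zlib.crc32(payload).to_bytes(4, "big") != crc:
        raise ValueError("CRC mismatch")
    return ftype, payload

def fragment(blob, n=FRAME_LEN):
    """Slice formatted information into a frame queue of preset length."""
    return [blob[i:i + n] for i in range(0, len(blob), n)]

def combine(frames):
    """Splice a received frame queue back into formatted information."""
    return b"".join(frames)

def receive(frames, vector_index):
    """Check a received frame queue; return (payload or None, reply)."""
    idx = vector_index.to_bytes(2, "big")   # assumed 2-byte vector index
    try:
        ftype, payload = decapsulate(combine(frames))
    except ValueError:
        return None, encapsulate(NAK, idx)  # ask the peer to retransmit
    if ftype in (ACK, NAK):
        return None, None                   # control frames are not acknowledged
    return payload, encapsulate(ACK, idx)

if __name__ == "__main__":
    q = fragment(encapsulate(MSG, b"constructed sample"))  # constructed input
    print(len(q), receive(q, 5))
```

From a detection standpoint, the fixed leading type value and trailing checksum are the kind of structure an analyst would test for once a candidate bit stream has been extracted from a suspected carrier.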
CN202410011249.6A 2024-01-03 2024-01-03 Back-to-back covert communication architecture for public social network platforms Pending CN117792783A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410011249.6A CN117792783A (en) 2024-01-03 2024-01-03 Back-to-back covert communication architecture for public social network platforms

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410011249.6A CN117792783A (en) 2024-01-03 2024-01-03 Back-to-back covert communication architecture for public social network platforms

Publications (1)

Publication Number Publication Date
CN117792783A true CN117792783A (en) 2024-03-29

Family

ID=90387102

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410011249.6A Pending CN117792783A (en) 2024-01-03 2024-01-03 Back-to-back covert communication architecture for public social network platforms

Country Status (1)

Country Link
CN (1) CN117792783A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118802327A (en) * 2024-06-18 2024-10-18 湖北大学 A steganographic method based on social behavior

Similar Documents

Publication Publication Date Title
US10491575B2 (en) Secure dynamic communication network and protocol
Weinberg et al. Stegotorus: a camouflage proxy for the tor anonymity system
US10326798B2 (en) System and method for secure data transmission and storage
CN1787495B (en) Reliably transferring queued application messages
Dyer et al. Marionette: A programmable network traffic obfuscation system
US5825890A (en) Secure socket layer application program apparatus and method
US8024788B2 (en) Method and apparatus for reliable, high speed data transfers in a high assurance multiple level secure environment
CN103118139B (en) Distributed information hides transmission system and transmission method thereof
CN106357690B (en) data transmission method, data sending device and data receiving device
WO2004042537A2 (en) System and method for securing digital messages
CN109005194A (en) Portless shadow communication means and computer storage medium based on KCP agreement
CN117792783A (en) Back-to-back covert communication architecture for public social network platforms
CN113507483B (en) Instant messaging method, device, server and storage medium
CN105959355B (en) Secret information transmission method under P2P network based on BitTorrent agreement
CN103888433B (en) A kind of method and system communicated between browser client and IM clients
WO2023214344A1 (en) System and method for establishing secure communication and authentication by embedding pulse codes into content in real-time
CN113452694B (en) Covert communication method for realizing network control on terminal application based on public channel
US20030223587A1 (en) Classified communication system which classifies the signal between interfaces and supports a media transport encoding scheme for a direct current balanced stream simultaneously
CN118300880B (en) Cloud platform data encryption transmission system and method thereof
CN110912974A (en) Resource processing method and device, electronic equipment and computer readable storage medium
CN114124390B (en) Physical isolation-based transmitting method, physical isolation-based receiving method and physical isolation-based receiving system
EP2820802B1 (en) Electronic communication
CN112637360B (en) System, method, device, processor and storage medium for realizing secure communication between mobile terminal and web
CN112398643B (en) Communication digital right protection method and system
Bistarelli et al. A Preliminary Study on the Creation of a Covert Channel with HTTP Headers

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination