International Journal of Open Information Technologies

Stream watermarks are a key tool in information security, enabling the tracking and identification of data in network streams. This article discusses various methods of stream watermarking, including technologies based on traffic flow speed, packet synchronization, packet numbers, transmission intervals, interval centroids, packet length, and their order of sequence. It also analyzes hybrid methods, Flow Fingerprinting technology, and the Patch-based Flow Marking method, which combines the advantages of various approaches. The article examines the advantages and disadvantages of each method, as well as their applicability in modern network environments.

Yuan Y., Ge J., Cheng G. DeMarking: A defense for network flow watermarking in real-time //Computers & Security. – 2025. – С. 104355.

Feng W. et al. Ip-pealing: a robust network flow watermarking method based on ip packet sequence //Chinese Journal of Electronics. – 2024. – Т. 33. – №. 3. – С. 694-707.

Li T. et al. HeteroTiC: A robust network flow watermarking based on heterogeneous time channels //Computer Networks. – 2022. – Т. 219. – С. 109424.

Wang X. et al. Sleepy watermark tracing: An active network-based intrusion response framework //IFIP International Information Security Conference. – Boston, MA : Springer US, 2001. – С. 369-384.

Feng W. et al. HSTW: A robust network flow watermarking method based on hybrid packet sequence-timing //Computers & Security. – 2024. – Т. 139. – С. 103701.

Fu X. et al. On flow marking attacks in wireless anonymous communication networks //Journal of Ubiquitous Computing and Intelligence. – 2007. – Т. 1. – №. 1. – С. 42-53.

Yu W. et al. DSSS-based flow marking technique for invisible traceback //2007 IEEE Symposium on Security and Privacy (SP'07). – IEEE, 2007. – С. 18-32.

Karnani S., Agrawal N., Kumar R. A comprehensive survey on low-rate and high-rate DDoS defense approaches in SDN: taxonomy, research challenges, and opportunities //Multimedia Tools and applications. – 2024. – Т. 83. – №. 12. – С. 35253-35306.

Pan X. et al. Long PN code based traceback in wireless networks //International Journal of Performability Engineering. – 2012. – Т. 8. – №. 2. – С. 173.

Park Y. H., Reeves D. S. Adaptive timing-based active watermarking for attack attribution through stepping stones //Proc. Second Int. Workshop on Security in Distributed Computing Systems, Washington, DC, USA. – 2005. – С. 107-113.

Wang X., Chen S., Jajodia S. Tracking anonymous peer-to-peer voip calls on the internet //Proceedings of the 12th ACM conference on Computer and communications security. – 2005. – С. 81-91.

Houmansadr A., Kiyavash N., Borisov N. Non-blind watermarking of network flows //IEEE/ACM Transactions on Networking. – 2013. – Т. 22. – №. 4. – С. 1232-1244.

Gong X., Rodrigues M., Kiyavash N. Invisible flow watermarks for channels with dependent substitution, deletion, and bursty insertion errors //IEEE transactions on information forensics and security. – 2013. – Т. 8. – №. 11. – С. 1850-1859.

Zhang L. et al. Synchronization in inter-packet delay based flow correlation techniques //J. Comput. Res. Dev. – 2011. – Т. 48. – №. 9. – С. 1643-1651.

Iacovazzi A. et al. DropWat: An invisible network flow watermark for data exfiltration traceback //IEEE Transactions on Information Forensics and Security. – 2017. – Т. 13. – №. 5. – С. 1139-1154.

Pyun Y. J. et al. Interval-based flow watermarking for tracing interactive traffic //Computer Networks. – 2012. – Т. 56. – №. 5. – С. 1646-1665.

Houmansadr A., Borisov N. SWIRL: A Scalable Watermark to Detect Correlated Network Flows //NDSS. – 2011.

Wang X., Yang M., Luo J. A novel sequential watermark detection model for efficient traceback of secret network attack flows //Journal of network and computer applications. – 2013. – Т. 36. – №. 6. – С. 1660-1670.

Yu L. et al. Dynamic interval-based watermarking for tracking down network attacks //2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS). – IEEE, 2021. – С. 52-61.

Houmansadr A., Borisov N. BotMosaic: Collaborative network watermark for the detection of IRC-based botnets //Journal of Systems and Software. – 2013. – Т. 86. – №. 3. – С. 707-715.

Wang X., Chen S., Jajodia S. Network flow watermarking attack on low-latency anonymous communication systems //2007 IEEE Symposium on Security and Privacy (SP'07). – IEEE, 2007. – С. 116-130.

Lin M. et al. Network flow watermarking method based on centroid matching of interval group //2015 IEEE International Conference on Progress in Informatics and Computing (PIC). – IEEE, 2015. – С. 628-632.

Ramsbrock D., Wang X., Jiang X. A first step towards live botmaster traceback //International Workshop on Recent Advances in Intrusion Detection. – Berlin, Heidelberg : Springer Berlin Heidelberg, 2008. – С. 59-77.

Ling Z. et al. Novel packet size-based covert channel attacks against anonymizer //IEEE Transactions on Computers. – 2012. – Т. 62. – №. 12. – С. 2411-2426.

Zhang L. et al. Survey on network flow watermarking: model, interferences, applications, technologies and security //IET Communications. – 2018. – Т. 12. – №. 14. – С. 1639-1648.

Elices J. A., Pérez-González F. Fingerprinting a flow of messages to an anonymous server //2012 IEEE International Workshop on Information Forensics and Security (WIFS). – IEEE, 2012. – С. 97-102.

Houmansadr A., Borisov N. The need for flow fingerprints to link correlated network flows //Privacy Enhancing Technologies: 13th International Symposium, PETS 2013, Bloomington, IN, USA, July 10-12, 2013. Proceedings 13. – Springer Berlin Heidelberg, 2013. – С. 205-224.

Lei C. et al. Net-flow fingerprint model based on optimization theory //Arabian Journal for Science and Engineering. – 2016. – Т. 41. – С. 3081-3088.

Rezaei F., Houmansadr A. Tagit: Tagging network flows using blind fingerprints //Proceedings on Privacy Enhancing Technologies. – 2017.