* Please note that the author of a pattern is not necessarily the inventor of a particular hiding technique. Instead he/she is the one who recognized the pattern within different hiding techniques. The authors of the particular hiding techniques are listed in the `Evidence' attribute of each pattern.
|Hierarchy of Hiding Patterns (from , as an extension of  and ).|
Protocol-agnostic Covert Timing Channel Patterns:
PT1. Inter-packet Times
PT2. Message Timing
Protocol-aware Covert Timing Channel Patterns:
PT10. Artificial Loss
PT11. Message (PDU) Order
PT13. Frame Collisions
Structure Modifying Covert Storage Channel Patterns:
PS1. Size Modulation
PS2. Sequence, incl. sub-patterns
PS3. Add Redundancy
Structure Preserving Covert Storage Channel Patterns:
PS10. Random Value
PS11. Value Modulation, incl. sub-patterns
User-data Agnostic Covert Storage Channel Patterns:
PS20. Payload Field Size Modulation (derived from PS1)
PS21. User-data Corruption
User-data Aware Covert Storage Channel Patterns:
PS30. Modify Redundancy
PS31. User-data Value Modulation and Reserved/Unused
Implementation: Most of these patterns, excluding the payload-specific patterns, can be created with the CCEAP tool.
Pattern-based Survey and Categorization of Network Covert Channel Techniques, ACM Computing Surveys, Vol. 47, Issue 3, pp. 50:1-26, ACM, 2015.
An early version of the article is available here: download.
 W. Mazurczyk, S. Wendzel, S. Zander, A. Houmansadr, K. Szczypiorski: Information Hiding in Communication Networks, Wiley, 2016. Chapters 3 and 8 contain discussions on hiding patterns, basically on the basis of  but with an extension of timing-based patterns.
 W. Mazurczyk, S. Wendzel, K. Cabaj: Towards Deriving Insights into Data Hiding Methods Using Pattern-based Approach, in Proc. Second International Workshop on Criminal Use of Information Hiding (CUING 2018) at ARES, pp. 10:1-10:10, ACM, 2018.