A subliminal covert channel establishes a nearly undetectable communication session within a pre-established data stream between two separate entities.This document explains how HTTP can be utilized to facilitate a covert channel over both local and wide area networks. The Hypertext Transfer Protocol (HTTP) accounts for a majority of the Internet’s daily web traffic and is permitted within almost all network topologies. Therefore, HTTP is a prime medium for hiding messages and information communicated between separate parties. This paper illustrates a new approach to covertly encoding messages in the an HTTP message through use of the User-Agent and referer strings in the HTTP Request Header.
[1]
Butler W. Lampson,et al.
A note on the confinement problem
,
1973,
CACM.
[2]
Charles Kozierok,et al.
The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference
,
2005
.
[3]
Daryl Johnson,et al.
Behavior-Based Covert Channel in Cyberspace
,
2009
.
[4]
Pabak Indu,et al.
Hiding Data in Text using ASCII Mapping Technology (AMT)
,
2013
.
[5]
Bo Yuan,et al.
Covert channels in the HTTP network protocol: Channel characterization and detecting man-in-the-middle attacks
,
2010
.
[6]
Roy T. Fielding,et al.
Hypertext Transfer Protocol - HTTP/1.0
,
1996,
RFC.