Review of covert channels over HTTP: Communication and countermeasures
Title | Review of covert channels over HTTP: Communication and countermeasures |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Kogos, K. G., Seliverstova, E. I., Epishkina, A. V. |
Conference Name | 2017 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus) |
Keywords | Browsers, capacity, compositionality, covert channel, covert channels, covert communication method, covert information container, cryptographic protocols, cryptography, data leakage, detection, HTTP, Internet, message content confidentiality, networks, Protocols, pubcrawl, Receivers, Resiliency, Scalability, Servers, Technological innovation, Timing, transport protocols, ubiquitous HTTP message, Uniform resource locators |
Abstract | Many innovations in the field of cryptography have been made in recent decades, ensuring the confidentiality of the message's content. However, sometimes it's not enough to secure the message, and communicating parties need to hide the fact of the presence of any communication. This problem is solved by covert channels. A huge number of ideas and implementations of different types of covert channels was proposed ever since the covert channels were mentioned for the first time. The spread of the Internet and networking technologies was the reason for the use of network protocols for the invention of new covert communication methods and has led to the emergence of a new class of threats related to the data leakage via network covert channels. In recent years, web applications, such as web browsers, email clients and web messengers have become indispensable elements in business and everyday life. That's why ubiquitous HTTP messages are so useful as a covert information containers. The use of HTTP for the implementation of covert channels may increase the capacity of covert channels due to HTTP's flexibility and wide distribution as well. We propose a detailed analysis of all known HTTP covert channels and techniques of their detection and capacity limitation. |
URL | http://ieeexplore.ieee.org/document/7910590/ |
DOI | 10.1109/EIConRus.2017.7910590 |
Citation Key | kogos_review_2017 |
- message content confidentiality
- Uniform resource locators
- ubiquitous HTTP message
- transport protocols
- timing
- Technological innovation
- Servers
- Scalability
- Resiliency
- Receivers
- pubcrawl
- Protocols
- networks
- Browsers
- internet
- HTTP
- detection
- data leakage
- Cryptography
- Cryptographic Protocols
- covert information container
- covert communication method
- covert channels
- covert channel
- Compositionality
- capacity