Description

A subliminal covert channel establishes a nearly undetectable communication session within a pre-established data stream between two separate entities. This document explains how HTTP can be utilized to facilitate a covert channel over both local and wide area networks. The Hypertext Transfer Protocol (HTTP) accounts for a majority of the Internet’s daily web trafﬁc and is permitted within almost all network topologies. Therefore, HTTP is a prime medium for hiding messages and information communicated between separate parties. This paper illustrates a new approach to covertly encoding messages in the an HTTP message through use of the User-Agent and referrer strings in the HTTP Request Header.

Date of creation, presentation, or exhibit

6-2016

Document Type

Conference Paper

Department, Program, or Center

Department of Computing Security (GCCIS)

Recommended Citation

S. Heilman, J. Williams, and D. Johnson, "Covert Channel in HTTP User-Agents," 11th Annual Symposium on Information Assurance (ASIA’16), Albany, NY, 2016, pp. 68-73.

Campus

RIT – Main Campus

Download

COinS

Presentations and other scholarship

Covert Channel in HTTP User-Agents

Description

Date of creation, presentation, or exhibit

Document Type

Department, Program, or Center

Recommended Citation

Campus

Search

Browse

Author Corner

RIT Links

Presentations and other scholarship

Covert Channel in HTTP User-Agents

Authors

Description

Date of creation, presentation, or exhibit

Document Type

Department, Program, or Center

Recommended Citation

Campus

Share

Search

Browse

Author Corner

RIT Links