A subliminal covert channel establishes a nearly undetectable communication session within a pre-established data stream between two separate entities. This document explains how HTTP can be utilized to facilitate a covert channel over both local and wide area networks. The Hypertext Transfer Protocol (HTTP) accounts for a majority of the Internet’s daily web traffic and is permitted within almost all network topologies. Therefore, HTTP is a prime medium for hiding messages and information communicated between separate parties. This paper illustrates a new approach to covertly encoding messages in the an HTTP message through use of the User-Agent and referrer strings in the HTTP Request Header.

Date of creation, presentation, or exhibit


Document Type

Conference Paper

Department, Program, or Center

Department of Computing Security (GCCIS)


RIT – Main Campus