A framework for avoiding steganography usage over HTTP

Blasco Alis, Jorge and Hernandez-Castro, Julio C. and de Fuentes, Jose Maria and Ramos, Benjamin (2012) A framework for avoiding steganography usage over HTTP. Journal of Network and Computer Applications, 35 (1). pp. 491-501. ISSN 1084-8045. (Access to this publication is restricted)

PDF
Restricted to Repository staff only
Contact us about this Publication Download (1MB)
[img]
Official URL
http://dx.doi.org/10.1016/j.jnca.2011.10.003

Abstract

Steganographic techniques allow users to covertly transmit information, hiding the existence of the communication itself. These can be used in several scenarios ranging from evading censorship to discreetly extracting sensitive information from an organization. In this paper, we consider the problem of using steganography through a widely used network protocol (i.e. HTTP). We analyze the steganographic possibilities of HTTP, and propose an active warden model to hinder the usage of covert communication channels. Our framework is meant to be useful in many scenarios. It could be employed to ensure that malicious insiders are not able to use steganography to leak information outside an organization. Furthermore, our model could be used by web servers administrators to ensure that their services are not being abused, for example, as anonymous steganographic mailboxes. Our experiments show that steganographic contents can be successfully eliminated, but that dealing with high payload carriers such as large images may introduce notable delays in the communication process.

Item Type: Article
Uncontrolled keywords: Active warden; Covert channels; HTTP; Sanitization; Steganography
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: Julio Hernandez-Castro
Date Deposited: 24 Oct 2012 12:43
Last Modified: 18 Mar 2013 15:25
Resource URI: http://kar.kent.ac.uk/id/eprint/31941 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year