Annual Symposium on Information Assurance (ASIA), 2016.
https://www.albany.edu/iasymposium/
A subliminal covert channel establishes a nearly undetectable communication session with a pre-established data stream between two separate entities. This document explains how HTTP can be utilized to facilitate a covert channel over both local and wide area networks. The Hypertext Transfer Protocol (HTTP) accounts for a majority of the Internet’s daily web traffic and is permitted within almost all network topologies. Therefore, HTTP is a prime medium for hiding messages and information communicated between separate parties. This paper illustrates a new approach to covertly encoding messages in the HTP message through use of the User-Agent and referer strings in the HTTP Request Header.
Index Terms – Covert, covert channel, HTTP, User-Agent, HTTP Request.
https://www.albany.edu/iasymposium/proceedings/2016/15_Heilman,_etal_ASIA2016.pdf