Journal of Electrical and Computer Engineering (Jan 2022)
Covert Channel Construction Method Based on HTTP Composite Protocols
Abstract
Aiming at the problems of low concealment of existing storage-type covert channels, high bit error rate, and low transmission rate of time-type covert channels, this paper proposes a method of constructing covert channels based on HTTP protocol combination. The method simulates browser application to send HTTP requests, dynamically distributes HTTP requests to different browsers, embeds hidden information by mathematical combination, and dynamically adjusts access objects, data packet time interval, and data packet length, thus improving the concealment of the channel. At the same time, the channel is based on the reliable transmission inside TCP protocol so that it is not affected by network jitter, thus ensuring the reliability of the channel. Experimental results show that this method can resist the detection method based on application signature, protocol fingerprint detection method, and combination model detection method, and has strong concealment. It can adjust the concealment and channel capacity according to the application scenario.
