skip to main content
10.1145/2070425.2070447acmotherconferencesArticle/Chapter ViewAbstractPublication PagessinConference Proceedingsconference-collections
research-article

A HTTP cookie covert channel

Published: 14 November 2011 Publication History

Abstract

This paper presents a new covert channel based on Google Analytic web cookies in HTTP protocol. The new covert channel is difficult to disrupt and is capable of reasonably high bandwidths. The Google Analytic framework is used by over half of the most popular web sites currently on the Internet; its ubiquitousness across the web implies a great impact of this covert.

References

[1]
P. Biondi. Scapy. http://www.secdev.org/projects/scapy/, Apr. 2010.
[2]
E. Brown, B. Yuan, D. Johnson, and P. Lutz. Covert channels in the HTTP network protocol: Channel characterization and detecting Man-in-the-Middle attacks. The Journal of Information Warfare, 9(3), Dec. 2010.
[3]
BuiltWith Trends: Google analytics usage statistics, 2011. http://trends.builtwith.com/analytics/Google-Analytics.
[4]
R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. Hypertext Transfer Protocol - HTTP/1.1., RFC 2616. 1999. Published: Internet Engineering Task Force.
[5]
T. P. S. Foundation. urllib2 extensible library for opening URL. http://docs.python.org/library/urllib2.html, May 2011.
[6]
Google. Cookies & google analytics. https://code.google.com/apis/analytics/ docs/concepts/gaConceptsCookies.html, 2011.
[7]
H. Huang, X. Sun, Z. Li, and G. Sun. Detection of hidden information in webpage. In Fourth International Conference on Fuzzy Systems and Knowledge Discovery (FSKD 2007), pages 317--321, Haikou, China, 2007.
[8]
B. W. Lampson. A note on the confinement problem. Communications of the ACM, 16(10):613--615, 1973.
[9]
M. Meiss, J. Duncan, B. Gonçalves, J. J. Ramasco, and F. Menczer. What's in a session. In Proceedings of the 20th ACM conference on Hypertext and hypermedia - HT '09, page 173, Torino, Italy, 2009.
[10]
P. Melliar-Smith and L. Moser. Protection against covert storage and timing channels. In Proceedings Computer Security Foundations Workshop IV, pages 209--214, Franconia, NH, USA, 1991.
[11]
R. C. Newman. Covert computer and network communications. In Proceedings of the 4th annual conference on Information security curriculum development - InfoSecCD '07, page 1, Kennesaw, Georgia, 2007.
[12]
D. Shen and H. Zhao. A novel scheme of webpage information hiding based on attributes. In 2010 IEEE International Conference on Information Theory and Information Security, pages 1147--1150, Beijing, China, Dec. 2010.
[13]
S. Zander, G. Armitage, and P. Branch. A survey of covert channels and countermeasures in computer network protocols. IEEE Communications Surveys & Tutorials, 9(3):44--57, 2007.
[14]
S. Zander, P. Branch, and G. Armitage. Error probability analysis of IP time to live covert channels. In 2007 International Symposium on Communications and Information Technologies, pages 562--567, Sydney, Australia, Oct. 2007.

Cited By

View all
  • (2018)Link Us if You Can: Enabling Unlinkable Communication on the Internet2018 15th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON)10.1109/SAHCN.2018.8397144(1-9)Online publication date: Jun-2018
  • (2016)Covert Channel Using Man-in-the-Middle over HTTPS2016 International Conference on Computational Science and Computational Intelligence (CSCI)10.1109/CSCI.2016.0177(917-922)Online publication date: Dec-2016
  • (2014)A novel distributed covert channel in HTTPSecurity and Communication Networks10.1002/sec.8227:6(1031-1041)Online publication date: 1-Jun-2014
  • Show More Cited By

Index Terms

  1. A HTTP cookie covert channel

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Other conferences
      SIN '11: Proceedings of the 4th international conference on Security of information and networks
      November 2011
      276 pages
      ISBN:9781450310208
      DOI:10.1145/2070425
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      In-Cooperation

      • SDU: Suleyman Demirel University
      • AOARD: Asian Office of Aerospace Research and Development
      • RDECOM: U.S. Army Research, Development and Engineering Command
      • US Army ITC-PAC Asian Research Office
      • AFOSR: AFOSR
      • ONRGlobal: U.S. Office of Naval Research Global
      • Macquarie University-Sydney

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 14 November 2011

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. covert channels
      2. google analytic
      3. http protocol

      Qualifiers

      • Research-article

      Conference

      SIN 2011

      Acceptance Rates

      Overall Acceptance Rate 102 of 289 submissions, 35%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)0
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 17 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2018)Link Us if You Can: Enabling Unlinkable Communication on the Internet2018 15th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON)10.1109/SAHCN.2018.8397144(1-9)Online publication date: Jun-2018
      • (2016)Covert Channel Using Man-in-the-Middle over HTTPS2016 International Conference on Computational Science and Computational Intelligence (CSCI)10.1109/CSCI.2016.0177(917-922)Online publication date: Dec-2016
      • (2014)A novel distributed covert channel in HTTPSecurity and Communication Networks10.1002/sec.8227:6(1031-1041)Online publication date: 1-Jun-2014
      • (2013)Make Your Webpage Carry Abundant Secret Information Unawarely2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing10.1109/HPCC.and.EUC.2013.83(541-548)Online publication date: Nov-2013

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media