Cryptologia
IBM Systems Journal
Hiding the Hidden: A software system for concealing ciphertext as innocuous text
ICICS '97 Proceedings of the First International Conference on Information and Communication Security
Infranet: Circumventing Web Censorship and Surveillance
Proceedings of the 11th USENIX Security Symposium
Eliminating Steganography in Internet Traffic with Active Wardens
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Reliable detection of LSB steganography in color and grayscale images
MM&Sec '01 Proceedings of the 2001 workshop on Multimedia and security: new challenges
SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack
HICSS '09 Proceedings of the 42nd Hawaii International Conference on System Sciences
Digital Watermarking and Steganography
Digital Watermarking and Steganography
A new approach to covert communication via PDF files
Signal Processing
e-Forensics steganography system for secret information retrieval
Advanced Engineering Informatics
IEEE Transactions on Information Forensics and Security
Steganographic communication in ordered channels
IH'06 Proceedings of the 8th international conference on Information hiding
A method for automatic identification of signatures of steganography software
IEEE Transactions on Information Forensics and Security
Social network-based botnet command-and-control: emerging threats and countermeasures
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Chipping away at censorship firewalls with user-generated content
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Derivative-based audio steganalysis
ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)
A Survey of Covert Channels and Countermeasures in Computer Network Protocols
IEEE Communications Surveys & Tutorials
Data concealment and detection in Microsoft Office 2007 files
Digital Investigation: The International Journal of Digital Forensics & Incident Response
FAUST: Forensic artifacts of uninstalled steganography tools
Digital Investigation: The International Journal of Digital Forensics & Incident Response
The history of subliminal channels
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Steganographic techniques allow users to covertly transmit information, hiding the existence of the communication itself. These can be used in several scenarios ranging from evading censorship to discreetly extracting sensitive information from an organization. In this paper, we consider the problem of using steganography through a widely used network protocol (i.e. HTTP). We analyze the steganographic possibilities of HTTP, and propose an active warden model to hinder the usage of covert communication channels. Our framework is meant to be useful in many scenarios. It could be employed to ensure that malicious insiders are not able to use steganography to leak information outside an organization. Furthermore, our model could be used by web servers administrators to ensure that their services are not being abused, for example, as anonymous steganographic mailboxes. Our experiments show that steganographic contents can be successfully eliminated, but that dealing with high payload carriers such as large images may introduce notable delays in the communication process.