A Framework for Avoiding Steganography Usage Over HTTP
Source: University of Portsmouth
Steganographic techniques allow users to covertly transmit information, hiding the existence of the communication itself. These can be used in several scenarios ranging from evading censorship to discreetly extracting sensitive information from an organization. In this paper, the authors consider the problem of using steganography through a widely used network protocol (i.e., HTTP). They analyze the steganographic possibilities of HTTP, and propose an active warden model to eliminate any covert communication channel. Their framework is meant to be useful in many scenarios. It could be employed to ensure that malicious insiders are not able to use steganography to leak information outside an organization.