Towards the Design of a Covert Channel by Using Web Tracking Technologies

  • Aniello Castiglione
  • Michele Nappi
  • Chiara PeroEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1123)


Browser Fingerprinting is the process in which the device and browser-related properties (or attributes) are collected through the browser for various reasons, especially, for user identification. The user is monitored through the tracking and collection of technical information, also detecting intrinsic properties of the device being analyzed. In particular, the collected results provide, if properly combined, sufficient information to profile and even identify a device. Those attributes include system information, such as screen dimensions, software versions and plugins, user-installed system fonts list, time zone, language and browser configuration. Browser profiling techniques are activities that typically invade user privacy. The objective of this work is to use those technologies underlying profiling systems for a purpose opposite to the one just indicated, i.e., to provide a mechanism for protecting user privacy by creating hidden communication channels. Usually, privacy protection is achieved by using cryptographic techniques. The main limitation of those techniques consists in exposing not the content of the communication but the communication itself. In this paper, the use of Steganography is motivated by this. Considering the wide use of the web technologies, in addition to the increased attention to the privacy of users connected to the Network, the aim is to analyze and design a steganographic system in order to create a covert channel between two communicating peers through the HTTP protocol.


Browser fingerprinting Covert channel Stegosystem Network steganography User profiling Web tracking 



This work has been partially supported by Italian National Research Project PRIN 2015 (201548C5NT) entitled “COntactlesS Multibiometric mObile System in the wild: COSMOS”.


  1. 1.
    Acar, G., et al.: FPDetective: dusting the web for fingerprinters. In: Proceedings of the 2013 ACM SIGSAC CCS 2013, pp. 1129–1140 (2013)Google Scholar
  2. 2.
    Aggarwal, G., Bursztein, E., Jackson, C., Boneh, D.: An analysis of private browsing modes in modern browsers. In: USENIX Security Symposium, pp. 79–94 (2010)Google Scholar
  3. 3.
    Alepis, E., Patsakis, C.: The all seeing eye: web to app intercommunication for session fingerprinting in android. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, K.-K.R. (eds.) SpaCCS 2017. LNCS, vol. 10656, pp. 93–107. Springer, Cham (2017). Scholar
  4. 4.
    Bauer, M.: New covert channels in HTTP: adding unwitting web browsers to anonymity sets. In: Proceedings of the 2003 ACM Workshop on Privacy in the Electronic Society, WPES 2003, pp. 72–78. ACM, New York (2003)Google Scholar
  5. 5.
    Boda, K., Földes, Á.M., Gulyás, G.G., Imre, S.: User tracking on the web via cross-browser fingerprinting. In: Laud, P. (ed.) NordSec 2011. LNCS, vol. 7161, pp. 31–46. Springer, Heidelberg (2012). Scholar
  6. 6.
    Bowyer, L.: Firewall bypass via protocol stenography, December 2002Google Scholar
  7. 7.
    Castiglione, A., D’Alessio, B., De Santis, A.: Steganography and secure communication on online social networks and online photo sharing. In: 2011 International Conference on Broadband and Wireless Computing, Communication and Applications, pp. 363–368, October 2011Google Scholar
  8. 8.
    Castiglione, A., De Santis, A., Fiore, U., Palmieri, F.: E-mail-based covert channels for asynchronous message steganography. In: 2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 503–508, June 2011Google Scholar
  9. 9.
    Castiglione, A., D’Alessio, B., De Santis, A., Palmieri, F.: New steganographic techniques for the OOXML file format. In: Tjoa, A.M., Quirchmayr, G., You, I., Xu, L. (eds.) CD-ARES 2011. LNCS, vol. 6908, pp. 344–358. Springer, Heidelberg (2011). Scholar
  10. 10.
    Castiglione, A., De Santis, A., Fiore, U., Palmieri, F.: An asynchronous covert channel using spam. Comput. Math. Appl. 63(2), 437–447 (2012). Advances in context, cognitive, and secure computingCrossRefGoogle Scholar
  11. 11.
    Caviglione, L., Podolski, M., Mazurczyk, W., Ianigro, M.: Covert channels in personal cloud storage services: the case of Dropbox. IEEE Trans. Industr. Inf. 13(4), 1921–1931 (2016)CrossRefGoogle Scholar
  12. 12.
    Duncan, R., Martina, J.E.: Steganographic message broadcasting using web protocols. In: proceedings of: Simposio Brasilerio de Seguranca (SBSeg 2010), Fortaleza, Brasil, pp. 61–70. Sociedade Brasileira de Computação (2010)Google Scholar
  13. 13.
    Dyatlov, A., Castro, S.: Exploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the http protocol. Grayworld, USA (2003).
  14. 14.
    Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1–18. Springer, Heidelberg (2010). Scholar
  15. 15.
    El-Atawy, A., Duan, Q., Al-Shaer, E.: A novel class of robust covert channels using out-of-order packets. IEEE Trans. Dependable Secure Comput. 14(2), 116–129 (2015)CrossRefGoogle Scholar
  16. 16.
    Eßer, H.G., Freiling, F.C.: Kapazitätsmessung eines verdeckten Zeitkanalsüber HTTP. Technical report, Universität Mannheim, Praktische Informatik, November 1993. reihe Informatik, TR-2005-10 (in German language)Google Scholar
  17. 17.
    Fielding, R.T.: Hypertext transfer protocol - HTTP/1.1., RFC 2616. Technical report, The Internet Society, June 1999Google Scholar
  18. 18.
    Gligor, V.D.: A guide to understanding covert channel analysis of trusted systems. Technical report, National Computer Security Center, November 1993. Technical Report NCSC-TG-030, Library No. S-240,572, version 1Google Scholar
  19. 19.
    Krishnamurthy, B., Naryshkin, K., Wills, C.: Privacy leakage vs. protection measures: the growing disconnect. In: Proceedings of Web 2.0 Workshop on Security and Privacy, vol. 2, pp. 1–10 (2011)Google Scholar
  20. 20.
    Kwecka, Z.: Application layer covert channel analysis and detection. Undergraduate Project Dissertation, Napier University (2006)Google Scholar
  21. 21.
    Laperdrix, P., Bielova, N., Baudry, B., Avoine, G.: Browser fingerprinting: a survey (2019)Google Scholar
  22. 22.
    Laperdrix, P., Rudametkin, W., Baudry, B.: Beauty and the beast: diverting modern web browsers to build unique browser fingerprints. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 878–894. IEEE (2016)Google Scholar
  23. 23.
    Lehner, F., Mazurczyk, W., Keller, J., Wendzel, S.: Inter-protocol steganography for real-time services and its detection using traffic coloring approach. In: 2017 IEEE 42nd Conference on Local Computer Networks (LCN), pp. 78–85, October 2017Google Scholar
  24. 24.
    Mayer, J.R.: Any person... a pamphleteer: internet anonymity in the age of web 2.0. Master’s thesis, Princeton University, April 2009.
  25. 25.
    Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: 2012 IEEE Symposium on Security and Privacy, pp. 413–427, May 2012Google Scholar
  26. 26.
    Mazurczyk, W., Caviglione, L.: Steganography in modern smartphones and mitigation techniques. IEEE Commun. Surv. Tutor. 17(1), 334–357 (2015)CrossRefGoogle Scholar
  27. 27.
    Mazurczyk, W., Karaś, M., Szczypiorski, K., Janicki, A.: YouSkyde: information hiding for Skype video traffic. Multimedia Tools Appl. 75(21), 13521–13540 (2016)CrossRefGoogle Scholar
  28. 28.
    Mazurczyk, W., Wendzel, S.: Information hiding: challenges for forensic experts. Commun. ACM 61(1), 86–94 (2017)CrossRefGoogle Scholar
  29. 29.
    Mileva, A., Panajotov, B.: Covert channels in TCP/IP protocol stack - extended version. Cent. Eur. J. Comput. Sci. 4(2), 45–66 (2014)Google Scholar
  30. 30.
    Mohammed, Y.F., Thompson, D.R.: Visualization of DNS tunneling attacks using parallel coordinates technique. In: Wang, G., Feng, J., Bhuiyan, M.Z.A., Lu, R. (eds.) SpaCCS 2019. LNCS, vol. 11611, pp. 89–101. Springer, Cham (2019). Scholar
  31. 31.
    Mulazzani, M., et al.: Fast and reliable browser identification with Javascript engine fingerprinting. In: Web 2.0 Workshop on Security and Privacy (W2SP), vol. 5 (2013)Google Scholar
  32. 32.
    Müller, T.: On detecting web-tracking. Master’s thesis, Ludwig-Maximilians-Universität München, July 2015.
  33. 33.
    Rampe, D., Wolf, K.: Device fingerprinting and fraud protection whitepaper. Technical report, ThreatMetrix, July 2014Google Scholar
  34. 34.
    Schmidt, S., Mazurczyk, W., Kulesza, R., Keller, J., Caviglione, L.: Exploiting IP telephony with silence suppression for hidden data transfers. Comput. Secur. 79, 17–32 (2018)CrossRefGoogle Scholar
  35. 35.
    Schmidt, S.S., Mazurczyk, W., Keller, J., Caviglione, L.: A new data-hiding approach for IP telephony applications with silence suppression. In: Proceedings of the 12th ARES 2017, pp. 83:1–83:6 (2017)Google Scholar
  36. 36.
    Shen, Y., Yang, W., Huang, L.: Concealed in web surfing: behavior-based covert channels in HTTP. J. Netw. Comput. Appl. 101, 83–95 (2018)CrossRefGoogle Scholar
  37. 37.
    Yen, T.F., Xie, Y., Yu, F., Yu, R.P., Abadi, M.: Host fingerprinting and tracking on the web: privacy and security implications. In: The 19th Annual Network and Distributed System Security Symposium (NDSS). Internet Society, February 2012Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Department of Science and TechnologyUniversity of Naples ParthenopeNaplesItaly
  2. 2.Department of Computer ScienceUniversity of SalernoFiscianoItaly

Personalised recommendations