Sina Kamali (University of Waterloo), Diogo Barradas (University of Waterloo)

As Internet censorship grows pervasive, users often rely on covert channels to evade surveillance and access restricted content. Web protocol tunneling tools use websites as proxies, encapsulating covert data within web protocols to blend with legitimate traffic to avoid detection. However, existing tools are prone to detection via traffic analysis, enabling censors to identify the use of such tools via fingerprinting attacks or due to the generation of abnormal browsing patterns.

We present Huma, a new web protocol tunneling tool that addresses existing detection concerns. By deferring covert data transmissions, Huma allows a website participating in circumvention to first respond with unmodified content, while responses embedding covert data are prepared in the background and delivered during the client's next request, thus avoiding timing anomalies that facilitate fingerprinting. By relying on an overt user simulator modeled after realistic browsing activity, Huma also follows users' expected browsing behaviors. Lastly, Huma prevents adversary-controlled websites from tying communication endpoints together, enabling straightforward extensions to enable covert communications in Intranet censorship scenarios.

View More Papers

CoT-DPG: A Co-Training based Dynamic Password Guessing Method

Chenyang Wang (National University of Defense Technology), Fan Shi (National University of Defense Technology), Min Zhang (National University of Defense Technology), Chengxi Xu (National University of Defense Technology), Miao Hu (National University of Defense Technology), Pengfei Xue (National University of Defense Technology), Shasha Guo (National University of Defense Technology), jinghua zheng (National University of Defense…

Read More

Unveiling BYOVD Threats: Malware's Use and Abuse of Kernel...

Andrea Monzani (University of Milan), Antonio Parata (University of Milan), Andrea Oliveri (EURECOM), Simone Aonzo (EURECOM), Davide Balzarotti (EURECOM), Andrea Lanzi (University of Milan)

Read More