关键词: 安全套接层（SSL）, 隐蔽通道, 握手协商, 超文本安全传输协议（HTTPS）

Abstract:

In order to improve the network penetration capability and anti-analytic performance of the covert channel, a new covert channel based on SSL security protocol is proposed. The covert field is established through the random number field of the SSL handshake packet, and a message channel is constructed using SSL handshake negotiation. One packet uses one secret key to implement traffic deformation camouflage. The network covert channel transmission is realized by accessing the HTTPS service. Experiments in a variety of different HTTPS environments verify the feasibility of the proposed method. The experimental results show that the capacity of the covert channel is greatly improved compared with the traditional storage covert channel, and a single packet can carry 28 Byte of information. The SSL covert channel has higher anti-hidden domain estimation and anti-statistical image ability.

Key words: Secure Sockets Layer（SSL）, covert channel, handshake negotiation, Hypertext Transfer Protocol Secure（HTTPS）