SSL协议隐蔽通道的研究与实现

为提升隐蔽通道的网络穿透能力及抗分析性能，提出了一种基于SSL安全协议的新型隐蔽通道。通过SSL握手报文的随机数字段建立隐蔽域，利用SSL握手协商构建消息通道，采用一包一密进行流量变形伪装，通过访问HTTPS服务实现网络隐蔽通道传输。在多种不同HTTPS环境下的实验验证了该方法的可行性，测试结果表明，相比传统存储型隐蔽通道，该隐蔽信道的容量有大幅度提高，单个报文可携带28 Byte信息，且具有更高的抗隐蔽域估计及抗统计画像能力。

Research and Implementation of Covert Channel of SSL Protocol

In order to improve the network penetration capability and anti-analytic performance of the covert channel, a new covert channel based on SSL security protocol is proposed. The covert field is established through the random number field of the SSL handshake packet, and a message channel is constructed using SSL handshake negotiation. One packet uses one secret key to implement traffic deformation camouflage. The network covert channel transmission is realized by accessing the HTTPS service. Experiments in a variety of different HTTPS environments verify the feasibility of the proposed method. The experimental results show that the capacity of the covert channel is greatly improved compared with the traditional storage covert channel, and a single packet can carry 28 Byte of information. The SSL covert channel has higher anti-hidden domain estimation and anti-statistical image ability.