# A Covert Data Transport Protocol

**Authors:** Yu Fu, Zhe Jia, Lu Yu, Xingsi Zhong, Richard Brooks

arXiv: 1703.02201 · 2017-04-04

## TL;DR

This paper introduces a covert data transport protocol that uses a domain generation algorithm (DGA) to encode encrypted data into domain names, so that the transfer passes firewall filtering and evades DPI without being detected.

## Contribution

The paper presents a novel method of encoding encrypted data into domain names with a DGA, strengthening covert communication against firewalls and DPI.

## Key findings

- Effective evasion of DPI and firewall filtering.
- Undetectable data transfer using domain generation algorithms.
- Registration of the domain names through free dynamic DNS services.

## Abstract

Both enterprise and national firewalls filter network connections. For data forensics and botnet removal applications, it is important to establish the information source. In this paper, we describe a data transport layer which allows a client to transfer encrypted data that provides no discernible information regarding the data source. We use a domain generation algorithm (DGA) to encode AES-encrypted data into domain names that current tools are unable to reliably differentiate from valid domain names. The domain names are registered using (free) dynamic DNS services. The data transmission format is not vulnerable to Deep Packet Inspection (DPI).

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1703.02201/full.md

## Figures

8 figures with captions in the complete paper: https://tomesphere.com/paper/1703.02201/full.md

## References

45 references — full list in the complete paper: https://tomesphere.com/paper/1703.02201/full.md

---
Source: https://tomesphere.com/paper/1703.02201