Extensive use of computer networks is associated with the development of various effective methods that are suitable for hiding information in the contents transferred over the network. These methods are described as network steganography. Since web applications use HTTP protocol to transmit the requests to the server and send the answers to the final recipient, specifically HTTP protocol is ideal for hiding information. For example, there are several methods that can be used to transmit the additional content in the HTTP header. In this paper, we present authors’ evaluation method for network steganography using HTTP specific properties and evaluate the effectiveness of some techniques, providing experimental results.

This article describes security mechanisms used by 3rd-7th layers in OSI/ISO network model. Many of commonly used protocols by these layers were designed with assumption that there are nointruders. Such assumption was true many years ago. The network situation has been changed for last few years and we should realize that some properties of existing protocols may be abused. Moreover, we should exchange some of them or create new versions. There are some methods and guidelines concerning secure programming, but there is also lack of guidelines about creating secure protocols. Authors see the necessity of such guideline and this article is an attempt at analysing existing solutions and selecting some universal and important patterns.