Steganography in the QUIC Communication Protocol

Network steganography has existed for several decades and it uses network traffic and network protocols as carriers for embedding secret messages in a stealthy manner. Quick UDP Internet Connections (QUIC) is a novel secure and reliable transport layer network protocol that is encapsulated in the User Datagram Protocol (UDP) and utilizes the Transport Layer Security Version 1.3 (TLSv1.3) standard. In addition, Hypertext Transfer Protocol Version 3 (HTTP/3) employs QUIC. In this paper, we present a systematic analysis of the covert channels that can be found in QUIC. Twenty novel covert channels are identified by applying the latest covert channel pattern based taxonomy, and an analysis of their transmission rate, undetectability, and robustness is presented, together with suggested countermeasures. A single covert channel is implemented as a proof of concept tool and is appropriately evaluated.