CovertCast

CovertCast is an platform designed to evade Internet censorship by tunneling web traffic through live-streaming videos services like YouTube Live. CovertCast is designed to modulate popular websites into videos that are then broadcast online. Clients with the CovertCast software can demodulate the videos back into their original web content.

Source Code

The CovertCast code can be downloaded from GitHub. It is still in early development and should not be used in production without further study and development. CovertCast does not hide that the client is watching a live-streaming video, though the exact video might be hidden depending upon the streaming service used.

Overview

CovertCast is a system that allows users to tunnel their web traffic through live-streaming services. It consists of two parts, a server and a client. The server, sitting outside of the censored region, crawls through websites, modulating their content into a video which is then streamed online. The client, which is inside of the censored region, watches the video, demodulates it back into the original web content, and serves it to a user's browser using a local proxy.

CovertCast does not stream videos of websites. It modulates the raw web content into images, which are used as the frames in live-streaming videos. Clients download and demodulate the content before caching it locally. Using a local proxy they can interact with the websites through their web browsers. Because the content is stored locally, a client can load CovertCast, wait for an entire website to be downloaded, and then browse the site without lag. Modulating the content before sending it also allows CovertCast to achieve a higher bandwidth.

A CovertCast frame.

Each CovertCast server decides which websites to crawl and how to crawl them. Because CovertCast is asynchronous, one server is able to make use of the live-streaming website to stream to any number of clients at once. However, this scaling comes at a cost: a client is not able to request sites through CovertCast or otherwise interact with a server.

CovertCast does not require any modifications to the streaming service and employs the same protocols, servers, and streaming software as any other user of the service. Therefore, CovertCast cannot be distinguished from other live streams by IP address filtering or protocol fingerprinting, raising the bar for censors.

Client Instructions

The CovertCast client is designed to run on Windows using Python 3 and C++ and expects the streams to be YouTube videos. It should be relatively simple to port to other OSes and streaming services.

1. Install CovertCast dependencies.
2. Compile the CovertCast screen scraping code (see screenscraper/).
3. Load the CovertCast live-stream in a normal web browser.
4. Load a second browser using the CovertCast as a proxy. You can change the IP address in h2clientweb.py.
5. Start client.py.
6. Run the screen scraping code on the client.
7. Browse the demodulated web content in your browser.

Server Instructions

The CovertCast server is designed to run on Linux. It sends RTMP streams to YouTube Live and currently only supports scraping of five news websites. It should be simple to port it to other streaming services and scrape other websites. Note that while YouTube streams are encrypted between YouTube and the clients, the RTMP feed is not. Other streaming sites may have different encryption deployment.

1. Install CovertCast dependencies.
2. Modify the the WebServer.guide variable in covertcast/web/h2serverweb.py to use one of our webscraping guides or write you own.
3. Start a live video stream.
4. Edit covertcast/broadcast-yt.sh to point to your live-stream.
5. Start server.py.

Paper

CovertCast was developed by researchers at UT Austin, UMass Amherst, and Cornell Tech. It was published at PETS 2016. A full description of the system, real-world bandwidth measures, and analysis of its security can be found in the paper.