StegFS: a steganographic file system

Pang, HweeHwa; Tan, Kian-Lee; Zhou, Xuan

doi:10.1109/icde.2003.1260829

Cited by 49 publications

(69 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[6], [14], [52]) use only unauthenticated block Minimizing Data Loss: Data loss occurs when hidden data (unrevealed data at a high deniability level) is overwritten because the file system is mounted at a lower level-an unfortunate, but unavoidable characteristic of any deniable file system. One strategy to prevent overwriting is to maintain a global list of memory blocks that are free for writing (not in use by any higher or lower levels); a strategy similar to this is employed by Pang et al [33]. Alone, this strategy undermines plausible deniability: a single-view adversary learns which blocks are in-use across the system, revealing if hidden levels exist.…”

Section: Design Requirementsmentioning

confidence: 99%

“…Pang, Tan, and Zhou describe a different implementation, also called StegFS [33]. Their implementation uses an unencrypted global bitmap to ensure blocks are not accidentally overwritten.…”

Section: Related Workmentioning

confidence: 99%

“…Deniability Levels: The concept of a deniability level was introduced in previous deniable file systems implementations [9], [28], [33]. A deniability level is a collection of files that form a sensitivity equivalence class (e.g., love letters vs. trade secrets).…”

Section: Design Requirementsmentioning

confidence: 99%

“…Typical arguments for security against single-view adversaries [9], [28], [33] require demonstrating that three classes of blocks-unallocated blocks, formerly allocated (deleted) blocks, and unrevealed blocks-are indistinguishable to an adversary. In prior systems, this property stems from the indistinguishability of ciphertexts, but those cryptographic arguments are, alone, not sufficient proof.…”

Section: Security Analysismentioning

confidence: 99%

See 3 more Smart Citations

DEFY: A Deniable, Encrypted File System for Log-Structured Storage

Peters¹,

Gondree²,

Peterson³

2015

Proceedings 2015 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Abstract-While solutions for file system encryption can prevent an adversary from determining the contents of files, in situations where a user wishes to hide the existence of data, encryption alone is not sufficient. Indeed, encryption may draw attention to those files, as they may likely contain information the user wishes to keep secret. Consequently, adversarial coercion may motivate the owner to surrender their encryption keys, under duress. This paper presents DEFY, a deniable file system following a log-structured design. Maintaining a log-structure is motivated by the technical constraints imposed by solid-state drives, such as those found in mobile devices. These devices have consequential properties that previous work largely ignores. Further, DEFY provides features not offered by prior work, including: authenticated encryption, fast secure deletion, and support for multiple layers of deniability. We consider security against a snapshot adversary, the strongest deniable filesystem adversary considered by prior literature. We have implemented a prototype based on YAFFS and an evaluation shows DEFY exhibits performance degradation comparable to the encrypted file system for flash, WhisperYAFFS.

show abstract

Section: Design Requirementsmentioning

confidence: 99%

“…Pang, Tan, and Zhou describe a different implementation, also called StegFS [33]. Their implementation uses an unencrypted global bitmap to ensure blocks are not accidentally overwritten.…”

Section: Related Workmentioning

confidence: 99%

Section: Design Requirementsmentioning

confidence: 99%

Section: Security Analysismentioning

confidence: 99%

See 2 more Smart Citations

DEFY: A Deniable, Encrypted File System for Log-Structured Storage

Peters¹,

Gondree²,

Peterson³

2015

Proceedings 2015 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…According to Pang et al (2003), while user access control and encryption can protect valuable data from passive observers, those techniques leave visible ciphertexts that are likely to alert an active adversary to the existence of the data, who can then compel an authorised user to disclose it. To address this problem, they propose StegFS, a steganographic file system that aims to overcome that weakness by offering plausible deniability to owners of protected files.…”

Section: Related Workmentioning

confidence: 99%

Steganographic information hiding that exploits a novel file system vulnerability

Srinivasan

Kolli

2013

IJSN

View full text Add to dashboard Cite

Abstract:In this paper, we present DupeFile, a simple yet critical security vulnerability in numerous file systems. By exploiting DupeFile, adversary can store two or more files with the same name/path, with different contents, inside the same volume. Consequently, data-exfiltration exploiting DupeFile vulnerability, hereafter called DupeFile Hiding, becomes simple and easy to execute. In DupeFile Hiding, a known good file is chosen, whose name serves as the cover for hiding the malicious file. Hence we classify DupeFile Hiding as a steganography technique. This vulnerability can also be exploited for legitimate applications-hiding product license, DRM, etc. DupeFile was first uncovered on a FAT12-formatted disk on Win-98 VM. Nonetheless, the vulnerability exists in numerous file systems, including NTFS, HFS+, and HFS+ Journaled. We have developed two tools: DupeFile Detector and DupeFile Extractor for detecting and recovering hidden files respectively. We have also developed DupeFile Creator for hiding files in legitimate applications.Keywords: data hiding; file systems; integrity; security; steganography; vulnerability.Reference to this paper should be made as follows: Srinivasan, A., Kolli, S. and Wu, J. (2013) 'Steganographic information hiding that exploits a novel file system vulnerability', Int.

show abstract

Authenticating Multi-dimensional Query Results in Data Publishing

Wang

Pang

Tan

2006

Data and Applications Security XX

View full text Add to dashboard Cite

Abstract. In data publishing, the owner delegates the role of satisfying user queries to a third-party publisher. As the publisher may be untrusted or susceptible to attacks, it could produce incorrect query results. This paper introduces a mechanism for users to verify that their query answers on a multi-dimensional dataset are correct, in the sense of being complete (i.e., no qualifying data points are omitted) and authentic (i.e., all the result values originated from the owner). Our approach is to add authentication information into a spatial data structure, by constructing certified chains on the points within each partition, as well as on all the partitions in the data space. Given a query, we generate proof that every data point within those intervals of the certified chains that overlap the query window either is returned as a result value, or fails to meet some query condition. We study two instantiations of the approach: Verifiable KD-tree (VKDtree) that is based on space partitioning, and Verifiable R-tree (VRtree) that is based on data partitioning. The schemes are evaluated on window queries, and results show that VRtree is highly precise, meaning that few data points outside of a query result are disclosed in the course of proving its correctness.

show abstract

StegFS: a steganographic file system

Abstract: Abstract

Cited by 49 publications

References 8 publications

DEFY: A Deniable, Encrypted File System for Log-Structured Storage

DEFY: A Deniable, Encrypted File System for Log-Structured Storage

Steganographic information hiding that exploits a novel file system vulnerability

Authenticating Multi-dimensional Query Results in Data Publishing

Contact Info

Product

Resources

About