Efficient dispersal of information for security, load balancing, and fault tolerance
Journal of the ACM (JACM)
Effective erasure codes for reliable computer communication protocols
ACM SIGCOMM Computer Communication Review
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
StegFS: A Steganographic File System for Linux
IH '99 Proceedings of the Third International Workshop on Information Hiding
Mnemosyne: Peer-to-Peer Steganographic Storage
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Mixminion: Design of a Type III Anonymous Remailer Protocol
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Hiding Data Accesses in Steganographic File System
ICDE '04 Proceedings of the 20th International Conference on Data Engineering
Traffic analysis attacks on a continuously-observablesteganographic file system
IH'07 Proceedings of the 9th international conference on Information hiding
Reasoning about the anonymity provided by pool mixes that generate dummy traffic
IH'04 Proceedings of the 6th international conference on Information Hiding
A multi-user steganographic file system on untrusted shared storage
Proceedings of the 26th Annual Computer Security Applications Conference
A light-weight solution to preservation of access pattern privacy in un-trusted clouds
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Hi-index | 0.00 |
The goal of Steganographic File Systems (SFSs) is to protect users from coercion attacks by providing plausible deniability on the existence of hidden files. We consider an adversary who can monitor changes in the file store and use this information to look for hidden files when coercing the user. We outline a high-level SFS architecture that uses a local mix to relocate files in the remote store, and thus prevent known attacks [TDDP07] that rely on low-entropy relocations. We define probabilistic metrics for unobservability and (plausible) deniability, present an analytical framework to extract evidence of hidden files from the adversary's observation (before and after coercion,) and show in a experimental setup how this evidence can be used to reduce deniability. This work is a first step towards understanding and addressing the security requirements of SFSs operating under the considered threat model, of relevance in scenarios such as remote stores managed by semi-trusted parties, or distributed peer-to-peer SFSs.