Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
StegFS: A Steganographic File System for Linux
IH '99 Proceedings of the Third International Workshop on Information Hiding
Mnemosyne: Peer-to-Peer Steganographic Storage
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Hiding Data Accesses in Steganographic File System
ICDE '04 Proceedings of the 20th International Conference on Data Engineering
A Framework for the Analysis of Mix-Based Steganographic File Systems
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
A multi-user steganographic file system on untrusted shared storage
Proceedings of the 26th Annual Computer Security Applications Conference
A light-weight solution to preservation of access pattern privacy in un-trusted clouds
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Shroud: ensuring private access to large-scale data in the data center
FAST'13 Proceedings of the 11th USENIX conference on File and Storage Technologies
| Hi-index | 0.00 |
A continuously-observable steganographic file system allows to remotely store user files on a raw storage device; the security goal is to offer plausible deniability even when the raw storage device is continuously monitored by an attacker. Zhou, Pang and Tan have proposed such a system in [7] with a claim of provable security against traffic analysis. In this paper, we disprove their claims by presenting traffic analysis attacks on the file update algorithm of Zhou et al. Our attacks are highly effective in detecting file updates and revealing the existence and location of files. For multi-block files, we show that two updates are sufficient to discover the file. One-block files accessed a sufficient number of times can also be revealed. Our results suggest that simple randomization techniques are not sufficient to protect steganographic file systems from traffic analysis attacks.