Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

12-2010

Abstract

Existing steganographic file systems enable a user to hide the existence of his secret data by claiming that they are (static) dummy data created during disk initialization. Such a claim is plausible if the adversary only sees the disk content at the point of attack. In a multi-user computing environment that employs untrusted shared storage, however, the adversary could have taken multiple snapshots of the disk content over time. Since the dummy data are static, the differences across snapshots thus disclose the locations of user data, and could even reveal the user passwords. In this paper, we introduce a Dummy-Relocatable Steganographic (DRSteg) file system to provide deniability in multi-user environments where the adversary may have multiple snapshots of the disk content. With its novel techniques for sharing and relocating dummy data during runtime, DRSteg allows a data owner to surrender only some data and attribute the unexplained changes across snapshots to the dummy operations. The level of deniability offered by DRSteg is configurable by the users, to balance against the resulting performance overhead. Additionally, DRSteg guarantees the integrity of the protected data, except where users voluntarily overwrite data under duress.

Discipline

Databases and Information Systems | Information Security

Publication

ACSAC '10: Proceedings of the 26th Annual Computer Security Applications Conference, December 6-10, 2010, Austin, Texas, USA

First Page

317

Last Page

326

ISBN

9781450301336

Identifier

10.1145/1920261.1920309

Publisher

ACM

City or Country

New York

Additional URL

http://doi.org/10.1145/1920261.1920309

Download

Share

COinS