Covert FS Presentation
TRANSCRIPT
-
8/13/2019 Covert FS Presentation
1/15
Web Based Covert File System
-
The Internet: Personal and Mass Media
The use of social media is growing exponentially.
Personal information is exposed at mass media scale.
Mass media and personal communication roles are hard to separate.
Need for legitimate and covert communication.
-
Covert FS: A High Level View
1. Motivated by two applications:
   Store personal data anywhere, with anytime access.
   Covert communication through media sharing.
2. Plausible deniability:
   Intent of hiding secret information.
   Intent of sharing hidden content with other users.
   Share as well as access it anytime.
3. Undetectable by service provider:
   Steganalysis.
   Access traffic analysis.
-
Covert FS: A Closer View
File blocks are mapped to photos one to one.
I-node blocks are stored in photos.
Photo names are user defined. Unlimited name space.
Safe hiding capacity is about 10% of actual photo size.
-
Mounting the File System
User account verification.
Mounting of the hidden file system on the local file system.
Photos containing the hidden file system are maintained in a local image cache.
-
Simple Mapping
I-nodes and data blocks identified by photo names.
The name of the photo containing the root i-node maps to a special value when hashed with the stego key.
-
Locating the Latest Allocation Map
Embed forward pointers in the allocation map.
Next name: the name of the photo to carry the next version of the allocation map.
Follow the chain to retrieve the latest allocation map.
If the next name is not found, the current photo contains the latest allocation map.
Photos are garbage-collected in FIFO order.
-
Covert FS: Example
-
Suspicious Hotspot Patterns
File access patterns may generate photo access patterns that are unusual for photo sharing.
Problem: photos containing metadata are repeatedly accessed, creating common photo access prefixes.
Solution: local cache for previously accessed photos.
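The access-prefix problem on this slide, seen from the media service's side, as an added example that is not part of the presentation: it measures how often an account's sessions open with the same photo sequence, with and without a local cache. The log layout, photo names and thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed sample: ordered photo downloads per session for one account.
# Photo names and session layout are illustrative assumptions.
UNCACHED = [
    ["beach01", "sunset07", "dog12", "party03"],
    ["beach01", "sunset07", "dog12", "hike22", "hike23"],
    ["beach01", "sunset07", "cat05"],
    ["beach01", "sunset07", "dog12", "party03"],
]

def with_cache(sessions):
    """Same workload when previously fetched photos come from a local cache:
    only photos not seen in an earlier session reach the service."""
    seen, out = set(), []
    for s in sessions:
        out.append([p for p in s if p not in seen])
        seen.update(s)
    return out

def common_prefix_len(a, b):
    """Number of leading positions at which two access sequences agree."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def hotspot_score(sessions, min_prefix=2):
    """Fraction of session pairs that open with the same >= min_prefix photos."""
    sessions = [s for s in sessions if s]
    pairs = [(a, b) for i, a in enumerate(sessions) for b in sessions[i + 1:]]
    if not pairs:
        return 0.0
    hits = sum(common_prefix_len(a, b) >= min_prefix for a, b in pairs)
    return hits / len(pairs)

def hot_photos(sessions, min_share=0.75):
    """Photos fetched in at least min_share of all sessions."""
    counts = Counter(p for s in sessions for p in set(s))
    return sorted(p for p, c in counts.items() if c / len(sessions) >= min_share)
```

On the constructed log, every uncached session pair shares an opening prefix, while the cached version of the same workload shares none.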
-
Diffusing Hotspot Patterns
Introduce forward pointers for i-nodes and directories.
Retrieve the most recent file and parent directory i-nodes:
   Using forward pointers if possible.
   Starting from the latest allocation map when chains are lost.
-
File Sharing and Allocation Map
Selective sharing enabled by the user.
A share is a subtree with a separate stego key and allocation map.
Stego keys are stored in the directory i-node of the share or inherited from the parent i-node.
-
Media Service Adversary Actions
Transforming Photos: the media service can apply transformations to photos.
Renaming Photos: the media service can provide its own names when photos are uploaded.
Limiting Network Traffic: the media service can limit the number of photos that can be uploaded or downloaded in a given window of time.