Traffic analysis attacks on a continuously-observable steganographic file system

Carmela Troncoso; Claudia Diaz; Orr Dunkelman; Bart Preneel

doi:10.1007/978-3-540-77370-2_15

Traffic analysis attacks on a continuously-observable steganographic file system

Carmela Troncoso, Claudia Diaz, Orr Dunkelman, Bart Preneel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

A continuously-observable steganographic file system allows to remotely store user files on a raw storage device; the security goal is to offer plausible deniability even when the raw storage device is continuously monitored by an attacker. Zhou, Pang and Tan have proposed such a system in [7] with a claim of provable security against traffic analysis. In this paper, we disprove their claims by presenting traffic analysis attacks on the file update algorithm of Zhou et al. Our attacks are highly effective in detecting file updates and revealing the existence and location of files. For multi-block files, we show that two updates are sufficient to discover the file. One-block files accessed a sufficient number of times can also be revealed. Our results suggest that simple randomization techniques are not sufficient to protect steganographic file systems from traffic analysis attacks.

Original language	English
Title of host publication	Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers
Pages	220-236
Number of pages	17
DOIs	https://doi.org/10.1007/978-3-540-77370-2_15
State	Published - 2007
Externally published	Yes
Event	9th International Workshop on Information Hiding, IH 2007 - Saint Malo, France Duration: 11 Jun 2007 → 13 Jun 2007

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	4567 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	9th International Workshop on Information Hiding, IH 2007
Country/Territory	France
City	Saint Malo
Period	11/06/07 → 13/06/07

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-540-77370-2_15

Cite this

Troncoso, C., Diaz, C., Dunkelman, O., & Preneel, B. (2007). Traffic analysis attacks on a continuously-observable steganographic file system. In Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers (pp. 220-236). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4567 LNCS). https://doi.org/10.1007/978-3-540-77370-2_15

Troncoso, Carmela ; Diaz, Claudia ; Dunkelman, Orr et al. / Traffic analysis attacks on a continuously-observable steganographic file system. Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers. 2007. pp. 220-236 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5ae1b01173304882991da4096db212dd,

title = "Traffic analysis attacks on a continuously-observable steganographic file system",

abstract = "A continuously-observable steganographic file system allows to remotely store user files on a raw storage device; the security goal is to offer plausible deniability even when the raw storage device is continuously monitored by an attacker. Zhou, Pang and Tan have proposed such a system in [7] with a claim of provable security against traffic analysis. In this paper, we disprove their claims by presenting traffic analysis attacks on the file update algorithm of Zhou et al. Our attacks are highly effective in detecting file updates and revealing the existence and location of files. For multi-block files, we show that two updates are sufficient to discover the file. One-block files accessed a sufficient number of times can also be revealed. Our results suggest that simple randomization techniques are not sufficient to protect steganographic file systems from traffic analysis attacks.",

author = "Carmela Troncoso and Claudia Diaz and Orr Dunkelman and Bart Preneel",

year = "2007",

doi = "10.1007/978-3-540-77370-2_15",

language = "English",

isbn = "354077369X",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "220--236",

booktitle = "Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers",

note = "9th International Workshop on Information Hiding, IH 2007 ; Conference date: 11-06-2007 Through 13-06-2007",

}

Troncoso, C, Diaz, C, Dunkelman, O & Preneel, B 2007, Traffic analysis attacks on a continuously-observable steganographic file system. in Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4567 LNCS, pp. 220-236, 9th International Workshop on Information Hiding, IH 2007, Saint Malo, France, 11/06/07. https://doi.org/10.1007/978-3-540-77370-2_15

Traffic analysis attacks on a continuously-observable steganographic file system. / Troncoso, Carmela; Diaz, Claudia; Dunkelman, Orr et al.
Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers. 2007. p. 220-236 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4567 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Traffic analysis attacks on a continuously-observable steganographic file system

AU - Troncoso, Carmela

AU - Diaz, Claudia

AU - Dunkelman, Orr

AU - Preneel, Bart

PY - 2007

Y1 - 2007

N2 - A continuously-observable steganographic file system allows to remotely store user files on a raw storage device; the security goal is to offer plausible deniability even when the raw storage device is continuously monitored by an attacker. Zhou, Pang and Tan have proposed such a system in [7] with a claim of provable security against traffic analysis. In this paper, we disprove their claims by presenting traffic analysis attacks on the file update algorithm of Zhou et al. Our attacks are highly effective in detecting file updates and revealing the existence and location of files. For multi-block files, we show that two updates are sufficient to discover the file. One-block files accessed a sufficient number of times can also be revealed. Our results suggest that simple randomization techniques are not sufficient to protect steganographic file systems from traffic analysis attacks.

AB - A continuously-observable steganographic file system allows to remotely store user files on a raw storage device; the security goal is to offer plausible deniability even when the raw storage device is continuously monitored by an attacker. Zhou, Pang and Tan have proposed such a system in [7] with a claim of provable security against traffic analysis. In this paper, we disprove their claims by presenting traffic analysis attacks on the file update algorithm of Zhou et al. Our attacks are highly effective in detecting file updates and revealing the existence and location of files. For multi-block files, we show that two updates are sufficient to discover the file. One-block files accessed a sufficient number of times can also be revealed. Our results suggest that simple randomization techniques are not sufficient to protect steganographic file systems from traffic analysis attacks.

UR - http://www.scopus.com/inward/record.url?scp=49949108041&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-77370-2_15

DO - 10.1007/978-3-540-77370-2_15

M3 - Conference contribution

AN - SCOPUS:49949108041

SN - 354077369X

SN - 9783540773696

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 220

EP - 236

BT - Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers

T2 - 9th International Workshop on Information Hiding, IH 2007

Y2 - 11 June 2007 through 13 June 2007

ER -

Troncoso C, Diaz C, Dunkelman O, Preneel B. Traffic analysis attacks on a continuously-observable steganographic file system. In Information Hiding - 9th International Workshop, IH 2007, Revised Selected Papers. 2007. p. 220-236. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-77370-2_15

Traffic analysis attacks on a continuously-observable steganographic file system

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this