Traffic analysis attacks on a continuously-observable steganographic file system

Carmela Troncoso, Claudia Diaz, Orr Dunkelman, Bart Preneel

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


A continuously-observable steganographic file system allows to remotely store user files on a raw storage device; the security goal is to offer plausible deniability even when the raw storage device is continuously monitored by an attacker. Zhou, Pang and Tan have proposed such a system in [7] with a claim of provable security against traffic analysis. In this paper, we disprove their claims by presenting traffic analysis attacks on the file update algorithm of Zhou et al. Our attacks are highly effective in detecting file updates and revealing the existence and location of files. For multi-block files, we show that two updates are sufficient to discover the file. One-block files accessed a sufficient number of times can also be revealed. Our results suggest that simple randomization techniques are not sufficient to protect steganographic file systems from traffic analysis attacks.

Original languageEnglish
Title of host publicationInformation Hiding - 9th International Workshop, IH 2007, Revised Selected Papers
Number of pages17
StatePublished - 2007
Externally publishedYes
Event9th International Workshop on Information Hiding, IH 2007 - Saint Malo, France
Duration: 11 Jun 200713 Jun 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4567 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference9th International Workshop on Information Hiding, IH 2007
CitySaint Malo

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Traffic analysis attacks on a continuously-observable steganographic file system'. Together they form a unique fingerprint.

Cite this