FROST: Anti-Forensics Digital-Dead-DROp Information Hiding RobuST to Detection & Data Loss with Fault tolerance
ARES '17: Proceedings of the 12th International Conference on Availability, Reliability and Security
Article No.: 82, Pages 1 - 8
Abstract
Covert operations involving clandestine dealings and communication through cryptic and hidden messages have existed since time immemorial. While these do have a negative connotation, they have had their fair share of use in situations and applications beneficial to society in general. A "Dead Drop" is one such method of espionage trade craft used to physically exchange items or information between two individuals using a secret rendezvous point. With a "Dead Drop", to maintain operational security, the exchange itself is asynchronous. Information hiding in the slack space is one modern technique that has been used extensively. Slack space is the unused space within the last block allocated to a stored file. However, hiding in slack space operates under significant constraints with little resilience and fault tolerance.
In this paper, we propose FROST -- a novel asynchronous "Digital Dead Drop" robust to detection and data loss with tunable fault tolerance. Fault tolerance is a critical attribute of a secure and robust system design. Through extensive validation of FROST prototype implementation on Ubuntu Linux, we confirm the performance and robustness of the proposed digital dead drop to detection and data loss. We verify the recoverability of the secret message under various operating conditions ranging from block corruption and drive de-fragmentation to growing existing files on the target drive.
References
[1]
Michael Ben-Or, Shaft Goldwasser, and Avi Wigderson. 1988. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proceedings of the twentieth annual ACM symposium on Theory of computing. ACM, 1--10.
[2]
Ronald Cramer, Matthew Franklin, Berry Schoenmakers, and Moti Yung. 1996. Multi-authority secret-ballot elections with linear work. In Advances in Cryptology -- EUROCRYPT-96. Springer, 72--83.
[3]
Knut Eckstein and Marko Jahnke. Data Hiding in Journaling File Systems. In Digital forensic research workshop (DFRWS). 1--8.
[4]
Grugq. 2005. The Art of Defiling. (2005). https://tinyurl.com/my7a896
[5]
Amir Herzberg, Stanis law Jarecki, Hugo Krawczyk, and Moti Yung. 1995. Proactive secret sharing or: How to cope with perpetual leakage. In Advances in Cryptology -- CRYPT0-95. Springer, 339--352.
[6]
Liu and Brown. 2006. Bleeding-Edge Anti-Forensics. Infosec World Conference & Expo (2006).
[7]
Michael A Marsh and Fred B Schneider. 2004. CODEX: A robust and secure secret distribution system. Dependable and Secure Computing, IEEE Transactions on 1, 1 (2004), 34--47.
[8]
Andrew D McDonald and Markus G Kuhn. 1999. StegFS: A steganographic file system for Linux. In International Workshop on Information Hiding. Springer, 463--477.
[9]
Jeffrey Medsger and Avinash Srinivasan. 2012. ERASE- entropy-based sanitization of sensitive data for privacy preservation {Best Paper Award}. In 7th International Conference for Internet Technology and Secured Transactions, ICITST 2012, London, United Kingdom, December 10-12, 2012. 427--432. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=6470844
[10]
Jeffrey Medsger, Avinash Srinivasan, and Jie Wu. 2015. Information Theoretic and Statistical Drive Sanitization Models. Journal of Information Privacy and Security 11, 2 (2015), 97--117.
[11]
Torben Pryds Pedersen. 1991. A threshold cryptosystem without a trusted party. In Advances in Cryptology -- EUROCRYPT-91. Springer, 522--526.
[12]
Tal Rabin and Michael Ben-Or. 1989. Verifiable secret sharing and multiparty protocols with honest majority. In Proceedings of the twenty-first annual ACM symposium on Theory of computing. ACM, 73--85.
[13]
Marcus Rogers. 2005. Anti-forensics - Presentation made at Lockheed Martin. (2005). www.cyberforensics.purdue.edu
[14]
Adi Shamir. 1979. How to share a secret. Commun. ACM 22, 11 (1979), 612--613.
[15]
Avinash Srinivasan, Satish Kolli, and Jie Wu. 2013. Steganographic information hiding that exploits a novel file system vulnerability. International Journal of Security and Networks 8, 2 (2013), 82--93.
[16]
Avinash Srinivasan, Srinath Thirthahalli Nagaraj, and Angelos Stavrou. 2013. HIDEINSIDE -- A novel randomized & encrypted antiforensic information hiding. In Computing, Networking and Communications (ICNC), 2013 International Conference on. IEEE, 626--631.
[17]
Irby Thompson and Mathew Monroe. 2006. FragFS: An Advanced Data Hiding Technique. DEFCON 2006 Presentation (2006).
[18]
Ron G Van Schyndel, Andrew Z Tirkel, and Charles F Osborne. 1994. A digital watermark. In Image Processing, 1994. Proceedings. ICIP-94., IEEE International Conference, Vol. 2. IEEE, 86--90.
Index Terms
- FROST: Anti-Forensics Digital-Dead-DROp Information Hiding RobuST to Detection & Data Loss with Fault tolerance
Recommendations
HIDEINSIDE — A novel randomized & encrypted antiforensic information hiding
ICNC '13: Proceedings of the 2013 International Conference on Computing, Networking and Communications (ICNC)Several techniques have been proposed for information hiding including hiding in slack space, which is the focus of this paper. However, current techniques of hiding in slack space depend on utilizing exiting slack space on the disk, which can be ...
An adaptive steganographic method based on the measurement of just noticeable distortion profile
This paper presents an adaptive steganographic method based on just noticeable distortion (JND) profile measurement. According to the input requirements, our method can produce a higher quality or higher embedding capacity stego-image. In the embedding ...
LSB steganographic method based on reversible histogram transformation function for resisting statistical steganalysis
Statistical steganalysis schemes detect the existence of secret information embedded by steganography. The x^2-detection and Regular-Singular (RS)-attack methods are two well-known statistical steganalysis schemes used against LSB (least significant bit)...
Comments
Information & Contributors
Information
Published In
August 2017
853 pages
ISBN:9781450352574
DOI:10.1145/3098954
Copyright © 2017 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 29 August 2017
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ARES '17
ARES '17: International Conference on Availability, Reliability and Security
August 29 - September 1, 2017
Reggio Calabria, Italy
Acceptance Rates
ARES '17 Paper Acceptance Rate 100 of 191 submissions, 52%;
Overall Acceptance Rate 228 of 451 submissions, 51%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 110Total Downloads
- Downloads (Last 12 months)7
- Downloads (Last 6 weeks)0
Reflects downloads up to 05 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in