SURE-FIT – SecURE and Adaptive Framework for Information Hiding with Fault-Tolerance
DOI:
https://doi.org/10.13052/2245-1439.643Keywords:
Anti-forensics, Detection, Fault Tolerance, File Systems, Hashing, Information Hiding, Robust, Security, Slack Space, Steganography, Threshold Secret SharingAbstract
Historically, Information Hiding has primarily been associated with malicious intentions. However, it also has beneficial applications such digital rights management and passport control. A “DeadDrop” is one such method of espionage trade craft used to physically exchange items or information using a secret rendezvous point. Hiding information in digital file slack space is one such technique that has been used extensively in the modern day, which operates under significant constraints. More importantly, none of the existing work offer robust hiding in slack space with fault tolerance that guarantee recovery of the hidden secret. In this paper, we propose SURE-FIT – a novel asynchronous “Digital Dead Drop” robust to detection and data loss. Our proposed technique offers fault tolerance as a tunable parameter leveraging the Shamir’s classic threshold secret sharing scheme n, k [21]. Through a working prototype implemented on a 64-bit Ubuntu Linux system, we confirm the performance and robustness of SURE-FIT We implement a simple hash-based message integrity verification into SURE-FIT framework to validate secret shares upon their retrieval, which results in significant performance improvement. SURE-FIT is also verified through secret message survivability under various operating conditions including block corruption and defragmentation. Finally, we present results confirming the performance improvement of SURE-FIT over two state-of-the-art IH techniques.
Downloads
References
Metasploit slacker.
Ben-Or, M., Goldwasser, S., and Wigderson, A. (1988). Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proceedings of the twentieth annual ACM symposium on Theory of computing, 1–10. ACM.
Cramer, R., Franklin, M., Schoenmakers, B., and Yung, M. (1996). Multi-authority secret-ballot elections with linear work. In International Conference on the Theory and Applications of Cryptographic Techniques, 72–83, Springer, Berlin, Heidelberg.
Eckstein, K., and Jahnke, M. (2005). Data Hiding in Journaling File Systems. In Digital forensic research workshop (DFRWS), 1–8.
Fu, S., and Xu, C. Z. (2007). Exploring event correlation for failure prediction in coalitions of clusters. In Proceedings of the 2007 ACM/IEEE conference on Supercomputing (p. 41). ACM.
Grugq. (2005). The art of defiling.
Herzberg, A., Jarecki, S., Krawczyk, H., and Yung, M. (1995). Proactive secret sharing or: How to cope with perpetual leakage. In Annual International Cryptology Conference, 339–352. Springer, Berlin, Heidelberg.
Liu, V., and Brown, F. (2006). Bleeding-Edge Anti-Forensics. Presentation at InfoSec World Conference and Expo.
Marsh, M. A., and Schneider, F. B. (2004). CODEX: A robust and secure secret distribution system. IEEE Transactions on Dependable and secure Computing, 1, 34–47.
McDonald, A. D., and Kuhn, M. G. (1999). StegFS: A steganographic file system for Linux. In International Workshop on Information Hiding, 463–477. Springer, Berlin, Heidelberg.
Medsger, J., and Srinivasan, A. (2012). ERASE-entropy-based sanitization of sensitive data for privacy preservation. In International Conference Internet Technology and Secured Transactions,427–432. IEEE.
Medsger, J., Srinivasan, A., and Wu, J. (2015). Information Theoretic and Statistical Drive Sanitization Models. J. Info. Privacy and Sec., 11, 97–117.
Pedersen, T. P. (1991). A threshold cryptosystem without a trusted party. In Workshop on the Theory and Application of Cryptographic Techniques, 522–526. Springer, Berlin, Heidelberg.
Petitcolas, F. A., Anderson, R. J., and Kuhn, M. G. (1999). Information hiding-a survey. In Proceedings of the IEEE, 87, 1062–1078.
Pinheiro, E., Weber, W. D., and Barroso, L. A. (2007). Failure Trends in a Large Disk Drive Population. In FAST (Vol. 7, No. 1, pp. 17–23).
Rabin, T., and Ben-Or, M. (1989). Verifiable secret sharing and multiparty protocols with honest majority. In Proceedings of the twenty-first annual ACM symposium on Theory of computing, 73–85. ACM.
Rogers, M., and Lockheed, M. (2005). Anti-forensics. Lockheed martin. San Diego, California. Available at: http://cyberforensics.purdue.edu/documents/AntiForensics∖LockheedMartin09152005.pdf
Schroeder, B., and Gibson, G. (2010). A large-scale study of failures in high-performance computing systems. In IEEE Transactions on Dependable and Secure Computing, 7, 337–350.
Schroeder, B., and Gibson, G. A. (2007). Disk failures in the real world: What does an mttf of 1, 000, 000 hours mean to you? In FAST, 7, 1–16.
Schroeder, B., and Gibson, G. A. (2007). Understanding failures in petascale computers. In Journal of Physics: Conference Series (Vol. 78, No. 1, p. 012022). IOP Publishing.
Shamir, A. (1979). How to share a secret. Communications of the ACM, 22(11), 612–613.
Srinivasan, A., Dong, H., and Stavrou, A. (2017). FROST: Anti-Forensics Digital-Dead-DROp Information Hiding RobuST to Detection & Data Loss with Fault tolerance. In Proceedings of the 12th International Conference on Availability, Reliability and Security, 1–82. ACM.
Srinivasan, A., Kolli, S., and Wu, J. (2013). Steganographic information hiding that exploits a novel file system vulnerability. Int. J. Sec. Net., 8, 82–93.
Srinivasan, A., Nazaraj, S. T., and Stavrou, A. (2013). HIDEINSIDE—A novel randomized & encrypted antiforensic information hiding. In International Conference on Computing, Networking and Communications (ICNC), 626–631. IEEE.
Thompson, I., and Monroe, M. (2006). FragFS: An advanced data hiding technique. BlackHat Federal. Available at: http://www. blackhat.com/presentations/bh-federal-06/BH-Fed-06-Thompson/BH-Fed-06-Thompson-up.pdf
Wikipedia. Dead drop. https://en.wikipedia.org/wiki/Dead_drop
