A Web Based Covert File System


Published on

My presentation on CovertFS paper by Baliga et al.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

A Web Based Covert File System

  1. 1. A Web based Covert File System By: Baliga, Kilian and Iftode Presenter: Chris Sosa
  2. 2. At a Glance <ul><li>Lays out the design of a Web-Based File System that provides: </li></ul><ul><ul><li>plausible deniability </li></ul></ul><ul><ul><li>sharing </li></ul></ul><ul><ul><li>confidentiality </li></ul></ul><ul><li>Novel meld of OS and Steganography </li></ul>
  3. 3. Motivation <ul><li>There exists a need to keep data confidential </li></ul><ul><li>The Web is a great medium for sharing but has issues </li></ul><ul><ul><li>Service Providers are not inherently trustworthy </li></ul></ul><ul><ul><li>Service Providers are susceptible to law enforcement </li></ul></ul><ul><li>However … </li></ul><ul><li>Knowing of the existence of confidential data is bad enough </li></ul><ul><ul><li>A Hacker can attempt to break the encryption </li></ul></ul><ul><ul><li>Big Brother can make you release your keys </li></ul></ul>
  4. 4. What “we” really want <ul><li>Plausible Deniability –Presence of data cannot be determined with certainty </li></ul><ul><li>Sharing – Ability to share data with authorized users </li></ul><ul><li>Confidentiality – Hidden data cannot be uncovered </li></ul>
  5. 5. Overview <ul><li>Preliminaries </li></ul><ul><ul><li>Definitions </li></ul></ul><ul><ul><li>Discussion of Steganography </li></ul></ul><ul><ul><li>Introduction to FUSE </li></ul></ul><ul><li>The Design </li></ul><ul><ul><li>The Design </li></ul></ul><ul><ul><li>Avoiding Hot Spots </li></ul></ul><ul><ul><li>Additional Features </li></ul></ul><ul><li>Issues </li></ul><ul><li>Related Work </li></ul><ul><li>Conclusion </li></ul>
  6. 6. Definitions <ul><li>Quantizer – A function that compresses a range of values to one value </li></ul><ul><li>Installable File System – A file system that is added to the kernel of an Operating System </li></ul>
  7. 7. Steganography <ul><li>Our goal : </li></ul><ul><li> + = </li></ul>
  8. 8. Quantization Index Modulation <ul><li>Basic Idea: </li></ul><ul><ul><li>Every hidden message m indexes a Quantizer that is used to encode the input file </li></ul></ul><ul><ul><li>Quantizer functions designed s.t they do not overlap and s.t. their minimum distance is maximized (perturbation) </li></ul></ul><ul><li>For more information refer to “Quantization Index Modulation: A Class of Provably Good Methods for Digital Watermarking and Information Embedding” by Chen et al. </li></ul><ul><li>The method that CovertFS will use is QIM with Statistical Restoration (repairing the Frequency Map from the DCT) </li></ul>
  9. 9. F ilesystem in U ser S pac e <ul><li>Possibility to implement a file system in User Space </li></ul><ul><li>Has Simple API to interact with FUSE Library </li></ul>
  10. 10. The Design <ul><li>Mount requires authentication to Flickr </li></ul><ul><li>Can find root node and allocation map with account password </li></ul><ul><li>Metadata and data (blocks) are encoded into JPEG images in a 1-1 method </li></ul><ul><li>Writes execute as in a Log-structured File system </li></ul>
  11. 11. The Design (cnt’d) <ul><li>More about the allocation Map </li></ul><ul><ul><li>Keep track of allocation map by chaining together images </li></ul></ul><ul><ul><li>Have names mapped to same hash value (hard?) </li></ul></ul><ul><li>Sharing is done with each share having its own password </li></ul><ul><li>Why is it so complicated? </li></ul>
  12. 12. ¡We Want to Avoid Hot Spots! <ul><li>File System accesses and Online Image accesses “have” different patterns </li></ul><ul><ul><li>FS’s tend to use the same files often </li></ul></ul><ul><ul><li>FS’s tend to modify files </li></ul></ul><ul><li>Onlookers will be suspicious if they notice hot spots </li></ul>
  13. 13. Avoiding Hot Spots <ul><li>Local caching of inodes and file metadata </li></ul><ul><li>Chained inodes </li></ul><ul><li>Log-structured File System </li></ul><ul><li>Psuedo Random Dummy Image Fetches </li></ul><ul><li>Is this enough? </li></ul>
  14. 14. Additional Features <ul><li>CovertFS will provide Hidden Levels </li></ul><ul><ul><li>Protect confidential data if existence of the File System is uncovered </li></ul></ul><ul><ul><li>User can disclose only certain levels </li></ul></ul><ul><ul><li>How can this be useful besides evading Big Brother? </li></ul></ul><ul><ul><li>How does this affect Plausible Deniability? </li></ul></ul><ul><li>Replication </li></ul><ul><ul><li>Why is this in the paper? </li></ul></ul><ul><li>This leads to … </li></ul>
  15. 15. Issues <ul><li>No Implementation </li></ul><ul><li>Assumptions about Online Image Accesses without any study </li></ul><ul><li>Cache Coherence and Data Consistency not addressed </li></ul>
  16. 16. Related Work <ul><li>StegFS by McDonald et al (in unused disk blocks) </li></ul><ul><li>Statistical Restoration by Solanki, Sullivan and Chandrasekaran (used) </li></ul>
  17. 17. Future Work <ul><li>Implement the system </li></ul><ul><li>Peer 2 Peer Meets CovertFS </li></ul><ul><li>How can we address some of the issues? </li></ul><ul><ul><li>Cache Consistency </li></ul></ul><ul><ul><li>Cache Coherence </li></ul></ul><ul><ul><li>Hotspots </li></ul></ul><ul><li>“ Generating” Real Images </li></ul>
  18. 18. Conclusion <ul><li>Novel way of combining the concepts of a Log-structured File System, Steganograpy, and Distributed System concepts </li></ul><ul><li>However, has issues such as cache coherency and consistency that has yet to be addressed </li></ul><ul><li>No implementation to date </li></ul>
  19. 19. Questions