nach oben

Peer-to-Peer Networking and Applications

Erschienen in:

03.08.2016

Whispers in the cloud storage: A novel cross-user deduplication-based covert channel design

verfasst von: Hermine Hovhannisyan, Wen Qi, Kejie Lu, Rongwei Yang, Jianping Wang

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 2/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

To efficiently provide cloud storage services, most providers implement data deduplication schemes so as to reduce storage and network bandwidth consumption. Due to its broad application, many security issues about data deduplication have been investigated, such as data security, user privacy, etc. Nevertheless, we note that the threat of establishing covert channel over cloud storage has not been fully investigated. In particular, existing studies only demonstrate the potential of a single-bit channel, in which a sender can upload one of the two predefined files for a receiver to infer the information of “0” and “1”. In this paper, we design a more powerful deduplication-based covert channel that can be used to transmit a complete message. Specifically, the key features of our design include: (1) a synchronization scheme that can establish a covert channel between a sender and a receiver, and (2) a novel coding scheme that allows each file to represent multiple bits in the message. To evaluate the proposed design, we implement the covert channel and conduct extensive experiments in different cloud storage systems. Our work highlights a more severe security threat in cloud storage services.

Vorheriger Artikel Resource allocation in cooperative cognitive radio networks towards secure communications for maritime big data systems

Nächster Artikel VMKDO: Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Juniper Research: Cloud Services To Be Adopted By 3.6bn Consumers Globally By 2018. www.juniperresearch.com/press-release/cloud-computing-pr1 (2014)

Leesakul W, Townend P, Jie X (2014) Dynamic data deduplication in cloud storage. In: Proceedings of IEEE service oriented system engineering (SOSE). Oxford, pp 320–325

Paulo J, Pereira J (2014) A survey and classification of storage deduplication systems. ACM Comput Surv (CSUR) 47(1):11CrossRef

Dutch M, Freeman L (2009) Understanding data de-duplication ratios. SNIA

Heen O, Neumann C, Montalvo L, Defrance S (2012) Improving the resistance to side-channel attacks on cloud storage services. In: Proceedings of 5th international conference on new technologies, mobility and security (NTMS). Istanbul, pp 1–5

Lee S, Choi D (2012) Privacy-preserving cross-user source-based data deduplication in cloud storage. In: Proceedings of ICT convergence (ICTC). Jeju, pp 329–330

Dahshan M, Elkassass S (2014) Data security in cloud storage services. In: The 5th international conference on cloud computing, GRIDs and virtualization. Venice, pp 1–5

Van Der Laan W (2011) Dropship- dropbox api utilities. https://github.com/driverdan/dropship

Ju S, Song X (2004) On the formal characterization of covert channel. Content computing. Lecture Notes in Computer Science, vol 3309, pp 155–160

10.

Harnik D, Pinkas B, Shulman-Peleg A (2010) Side channels in cloud services: deduplication in cloud storage. IEEE Secur Priv 8(6):40–47CrossRef

11.

Mulazzani M, Schrittwieser S, Leithner M, Huber M, Weippl E (2011) Dark clouds on the horizon: using cloud storage as attack vector and online slack space. In: Proceedings of the 20th USENIX conference on security. San Francisco, pp 65–76

12.

Halevi S, Harnik D, Pinkas B, Shulman-Peleg A (2011) Proofs of ownership in remote storage systems. In: Proceedings of 18th ACM conference on computer and communications security (CCS). Chicago, pp 491–500

13.

Zheng Q, Xu S (2012) Secure and efficient proof of storage with deduplication. In: Proceedings of 2nd ACM conference on data and application security and privacy (CODASPY). San Antonio, pp 1–12

14.

Di Pietro R, Sorniotti A (2012) Boosting efficiency and security in proof of ownership for deduplication. Seoul, pp 81–82

15.

Pulls T (2012) (More) Side channels in cloud storage. Privacy and Identity Management for Life 375:102–115CrossRef

16.

Russell D (2010) Data deduplication will be even bigger in 2010. Gartner

17.

Neelaveni P, Vijayalakshmi M (2014) A survey on deduplication in cloud storage. Asian J Inf Technol 13 (6):320–330

Titel: Whispers in the cloud storage: A novel cross-user deduplication-based covert channel design
verfasst von: Hermine Hovhannisyan
Wen Qi
Kejie Lu
Rongwei Yang
Jianping Wang
Publikationsdatum: 03.08.2016
Verlag: Springer US
Erschienen in: Peer-to-Peer Networking and Applications / Ausgabe 2/2018
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-016-0483-y

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2018

DFA-VMP: An efficient and secure virtual machine placement strategy under cloud environment

Efficient privacy-preserving online medical primary diagnosis scheme on naive bayesian classification

Identity based secure authentication scheme based on quantum key distribution for cloud computing

Privacy-aware electricity scheduling for home energy management system

A new randomized message-locked encryption in the standard model

Resource allocation in cooperative cognitive radio networks towards secure communications for maritime big data systems

Premium Partner