slackFS - resilient and persistent information hiding framework Online publication date: Thu, 01-Aug-2024
by Avinash Srinivasan; Christian Rose; Jie Wu
International Journal of Security and Networks (IJSN), Vol. 19, No. 2, 2024
Abstract: The ever-expanding cyberspace, driven by digital convergence, inadvertently broadens the attack surface. Savvy modern cybercriminals have embraced steganography as a key weapon. This paper introduces slackFS, a novel steganographic framework utilising file slack space for covert data concealment. Unlike prior methods focusing on individual files, slackFS hides entire filesystems, offering a structured means for data exfiltration. It ensures persistence across system reboots, robust detection resistance, portability, and minimal performance impact. Incorporating erasure-code-based fault-tolerance, slackFS enables recovery from partial loss due to accidental slack space overwriting. Prototype validation on Ubuntu 20.04 with ext4 filesystems as the cover medium and FAT16 as the hidden malicious filesystem is conducted. The study includes testing of three coding libraries and two Reed-Solomon erasure code implementations - VANDERMONDE and CAUCHY matrices - highlighting slackFS's resilience and effectiveness.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Security and Networks (IJSN):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook