Special Column on Digital Media Forensics and Security

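High-Performance Covert Communication Scheme Based on Image Cloud Data Deduplication

  • School of Cyber Science and Engineering, University of International Relations, Beijing 100091, China

Received date: 2023-11-10

  Online published: 2024-06-06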

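Funding

Supported by the National Natural Science Foundation of China Youth Program (No. 62102113); the Fundamental Research Funds for the Central Universities at the University of International Relations (No. 3262023T33, No. 3262023T30); and the Student Academic Support Program of the University of International Relations (No. 3262023SWA05)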


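Abstract

This paper proposes a high-performance covert communication scheme based on image cloud data deduplication. First, images serve as the message carrier, and the difference between the mean gray values of image regions is used so that a single file maps to multiple bits at once, which enhances the covertness of the communication. Then, a grouped basic image library is designed in which the images are arranged in a specified order; message carriers are selected at random by dynamically determining an interval within the library, and the least significant bit (LSB) algorithm embeds auxiliary marking information unrelated to the message content, ensuring the security and reliability of the communication. Finally, a synchronization mechanism based on timestamp-aligned intervals is proposed, and a multi-round traversal strategy and the concept of empty data groups are introduced to use the image library efficiently, which improves transmission efficiency. Experimental results show that, compared with other work that uses cross-user deduplication for covert transmission of secret information, the proposed scheme optimizes the correlation between the number of file uploads and the message length, effectively improves the overall transmission rate, and further enhances the security and covertness of the communication.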

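Cite this article

CHEN Yanghui, TANG Xin, ZHENG Tingting, CHANG Hanzhi, ZHOU Yiteng. High-Performance Covert Communication Scheme Based on Image Cloud Data Deduplication[J]. Journal of Applied Sciences (应用科学学报), 2024, 42(3): 457-468. DOI: 10.3969/j.issn.0255-8297.2024.03.008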

