Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey

Ensuring confidentiality of sensitive data is of paramount importance, since data leakage may not only endanger dataowners’ privacy, but also ruin reputation of businesses as well as violate various regulations like HIPPA andSarbanes-Oxley Act. To provide confidentiality guarantee, the data should be protected when they are preserved inthe personal computing devices (i.e.,confidentiality duringtheirlifetime); and also, they should be rendered irrecoverableafter they are removed from the devices (i.e.,confidentiality after their lifetime). Encryption and secure deletion are usedto ensure data confidentiality during and after their lifetime, respectively.This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of thedata in personal computing devices, including both encryption and secure deletion. Especially for encryption, wemainly focus on the novel plausibly deniable encryption (PDE), which can ensure data confidentiality against both acoercive (i.e., the attacker can coerce the data owner for the decryption key) and a non-coercive attacker

DESIGN AND IMPLEMENTATION OF EMBEDDED MEDIA PLAYER BASED ON S3C2440

This project proposes a method of understanding and implementing a light weighted media player using SDL based FFMPEG media player library on a SOC based board running on ARM9 hardware with LINUX as the target OS i.e., S3C2440 (also called as mini 2440) as core processor and select 1GB NandFlash as external memory. At the same time SD and USB interface are used for extending the storage. The most notable parts of FFMPEG are libavcodec, an audio/video codec, libavformat, an audio/video container mux and demux library, and the ffmpeg command line program for encoding and decoding multimedia files. In the software, initially the configured and optimized Linux operating system is transplanted to S3C2440, SDL library functions are used to design the player’s interface and use SDL_FFMPEG library to decode the video files. The proposed media player is reduced in the memory size to work for specific usage for given file formats and on predefined platform. Expected play effect of video and picture files can be achieved after software and hardware debugging. Results shows that this system has a lot of advantages of simple structure, small size, low power consumption, low cost and stable

iPhone forensics methodology and tools

iPhone mobile devices are rapidly overtaking the new generation of mobile phones market, especially among the young generation. It is also gaining a lot of popularity among security specialists and fancy gadgets for collectors. The device is considered as a “special” mobile phone due to its ability to perform multi-operations if not multitasking. It can therefore be used as a entertainment media device, a camera, a GPS, Internet surfing via Wi-Fi technology, Internet Mobile Edge Services, personal organizer, and finally performing as a cell phone with all the usual services including sms, and so forth. However, the difference between the iPhone and the other conventional phones vendors is its ability to store and process huge volume of data which is supported by decent computing capabilities of the iPhone processor. As part of every technology, such a device can be used for legal and illegal activities. Therefore the potential risks from such “special” technology are not limited to the possibility of containing illegal materials, such as audios and visuals, including explicit materials, images, documents and the possibility of propagating malicious activities rapidly. Such modification can breach or tamper with the telecommunications network authorities and regulations. The goal of this paper is to focus on both the logical and the physical extraction of the iPhone generation one through the extraction of the iPhone flash drive NAND memory chip and also the logical extraction of data onto the second generation of iPhone using various techniques and methods at our disposal

Selective Segment Initialization: Exploiting NVRAM to Reduce Device Startup Latency

Abstract-We propose Selective Segment Initialization (SSI) to exploit NVRAM to reduce the device startup latency. SSI locates a kernel binary image in byte-addressable NVRAM and boots the system using this image, eliminating the need to load it from storage. SSI also eliminates the process of decompressing and relocating the OS kernel image in embedded linux system. The key technical ingredients of SSI are precisely identifying the kernel segments where contents are updated in the course of booting and selectively reloading only these sections each time the system reboots. The fresh copy of the sections can be maintained in NVRAM, NAND flash, NOR flash, etc. SSI reduced the size of the kernel binary image loaded from storage into memory by 90% and reduced the overall device startup time by 54%. This approach can be used not only for cold boot (with NVRAM) but also for warm boot, in which the contents of DRAM persist across the system restart

Design of Swap Space in Virtual Memory Management System

Abstrac

HetFS: A heterogeneous file system for everyone

Storage devices have been getting more and more diverse during the last decade. The advent of SSDs made it painfully clear that rotating devices, such as HDDs or magnetic tapes, were lacking in regards to response time. However, SSDs currently have a limited number of write cycles and a significantly larger price per capacity, which has prevented rotational technologies from begin abandoned. Additionally, Non-Volatile Memories (NVMs) have been lately gaining traction, offering devices that typically outperform NAND-based SSDs but exhibit a full new set of idiosyncrasies. Therefore, in order to appropriately support this diversity, intelligent mechanisms will be needed in the near-future to balance the benefits and drawbacks of each storage technology available to a system. In this paper, we present a first step towards such a mechanism called HetFS, an extension to the ZFS file system that is capable of choosing the storage device a file should be kept in according to preprogrammed filters. We introduce the prototype and show some preliminary results of the effects obtained when placing specific files into different devices.The research leading to these results has received funding from the European Community under the BIGStorage ETN (Project 642963 of the H2020-MSCA-ITN-2014), by the Spanish Ministry of Economy and Competitiveness under the TIN2015-65316 grant and by the Catalan Government under the 2014-SGR- 1051 grant. To learn more about the BigStorage project, please visit http: //bigstorage-project.eu/.Peer ReviewedPostprint (author's final draft

Forensic Aspects of Various Flash Memory Devices

Flash memory devices provide high storage volume with low power consumption and faster read-write operations when compared to HDD. This makes FLASH memory devices to be considered as an efficient storage unit thus bringing huge demand for the usage of FLASH memory devices. One of the major problems faced by forensic investigators is extracting deleted data from flash memory devices, as some of the flash memory devices prevent extraction of deleted data using the standard forensic techniques. This paper focuses on exploring forensic opportunities for various flash-based memory devices. This is done by a thorough study of physics of flash memory, the development of flash transition layers, and the file systems that support these devices. It then conducts forensic experiments on various types of flash-based storage media and summarizes the results of each media. This paper also tries to explore various practices to be applied on flash storage media thus enabling them to retrieve deleted information with the use of standard forensic techniques

Forensic Research on Solid State Drives using Trim Analysis

There has been a tremendous change in the way we store data for the past decade. Hard Disk Drives, which were one of the major sources of storing data, are being replaced with Solid State Drives considering the higher efficiency and portability. Digital forensics has been very successful in recovering data from Hard Disk Drives in the past couple of years and has been very well established with Hard Disk Drives. The evolution of Solid State Drives over Hard Drive Drives is posing a lot of challenges to digital forensics as there are many crucial factors to be considering the architecture and the way data is stored in Solid State Drives. This paper gives a very detailed picture of the evolution of Solid State Drives over Hard Disk Drives. We understand the differences in their architecture and the ways to extract data from them. We further discuss in detail the various challenges Solid State Drives pose to the field of digital forensics, and we try to answer contradictory beliefs those are 1) Would data be permanently deleted in a Solid State Drives destroying the forensic evidence required to solve a case? 2) Can data be restored in a Solid State Drives by using proper techniques and still can be used as evidence in digital forensics? In this paper, we talk about the introduction of concepts such as the TRIM Command and Garbage collection, their importance, and we set up an experimental scenario where we implement the TRIM command and try extracting data from different types of Solid State Drives. We compare and evaluate the results obtained through the experiment and try to analyze the uses of the TRIM command and its performance over various Solid State Drives. The paper also discusses future work to make the role of Solid State Drives more efficient in digital forensics

Using Buildroot for building Embedded Linux Systems (BeagleBone Black)

This document describes the basic steps to develop and embedded Linux-based system using the BeagleBone Black (BBB). The document has been specifically written to use a BBB development system based on the AM335x Texas Instruments Sitara processor. All the software elements used to build the Linux distribution have a GPL licens

Enhanced Automated Heterogeneous Data Duplication Model Using Parallel Data Compression And Sorting Technique

A duplicator machine aims to improve the time taken for duplication or data transfer. The process of duplication is done by copying each data bit from the source (master) device to the slaves including the unused memory region. However, to duplicate a 64GB Embedded Multimedia Card (eMMC) memory is usually very time consuming which takes between 2 hours to 7 hours. In addition, the product speed specification promised by the vendor is different from what they claimed to be when it is tested in real life. Moreover, bigger data creates a transmission problem, causing delay during data duplication. Consequently, this will reduce duplication performance in terms of duration. Therefore, this study was proposed to enhance the duplication technique duration. This was achieved by adopting data storage and transmission concepts through sorting and compression techniques. Parallel technique was adopted to enhance data duplication process using multiple slaves. The impact of data type and data structure to the duplication performance was also studied. Four experiments were conducted by using the same size of heterogeneous digital data (i.e. document, picture, audio and movie). Overall, the results showed that data duplication process using different data type render a different duration. The proposed technique has reduced time consumption by 20% to 50% during data duplication depending on the technique and the environment of local and across devices