Journal of Ubiquitous Systems and Pervasive Networks Volume 1, No. 1 (2010) pp. 9-17 * Corresponding author. Tel.: +61 403 673 352 Fax: +61 8 8303 4366; E-mail: talal.noor@adelaide.edu.au © 2010 International Association for Sharing Knowledge and Sustainability. DOI: 10.5383/juspn.01.01.002 9 Stenog-Shell Framework for Anonymous File Exchange Talal H. Noor a * , Mohammad Hweidi b , Ahmed Mohiuddin c , Damith Ranasinghe a a School of Computer Science, The University of Adelaide, SA 5005, Australia b Faculty of Computer Science & Information Technology, University of Malaya, KL 50603, Malaysia c Department of Computer Science, International Islamic University Malaysia, KL 53100, Malaysia Abstract Email systems and removable storage devices are the two most popular and user-friendly mechanisms of file exchange that provide privacy preserving and security for data communication. Most previous work has focused on mitigating external attacks on data communication by improving data encryption and integrity techniques. In this paper, we present a novel anonymization-based framework (Stenog-Shell) that focuses on internal attacks on breached emails and stolen removable storage devices (i.e., the attacks from the insiders of an organization who have full awareness and even access to the targeted data). We also propose a novel scheme to disguise the file's identity based on stenography. To evaluate our approach, we implemented our Stenog-Shell prototype and tested it with a realistic application in both emails and removable storage devices environments. Our results indicate that our Stenog-Shell prototype can effectively support several file formats with low memory usage and high performance. Keywords: Privacy, Security, Anonymization, Stenography. 1. Introduction The number of internet users is growing significantly. For example, nearly 1.6 billion people worldwide used the Internet in the year 2008 [1]. Consequently the amount of exchanged data is increasing exponentially. The data is usually exchanged in various file formats (e.g., document, picture, audio, video, etc.) and often contains valuable and confidential information (e.g., government information, organization information, user personal information, etc.) which greatly increases the risk of security threats such as modification, unauthorized access, destruction, disclosure, or disruption [2, 3]. Furthermore, according to the Australian Bureau of Statistics [4], 94% of the Australian businesses use internet and web as their main communication medium where 43% of these businesses place orders through the internet or web. These online orders are for goods or services which are valued at 81$ billion AUD. On the other hand, 15% of the Australian businesses that use internet and web as their main communication medium have Information Technology (IT) related incidents including security and privacy attacks. In attempt to address the issues, several techniques have been proposed to mitigate such external attacks (i.e., the attacks from outside the organization) by improving the data encryption and integrity techniques used in securing the communication channels between the service providers and the service requesters. Such techniques aim to maximize the security for the transferred data [5, 6] by preventing it from external attacks such as Man in Middle attack (MIM) [7] and chosen ciphertext attack (CCA) [8, 9]. However, none of the techniques has the intention to mitigate internal attacks (i.e., the attacks from the insiders of an organization who have full awareness and even access to the targeted data). To illustrate, securing the communication channel does not necessarily mean that the data is protected after leaving the secured channel. In other words, the data could be breached before entering and after leaving this secured channel [10]. For example, on January 18, 2010 the New York Times reported that Gmail accounts were breached in China [11]. Such breaching violates the user privacy policy and poses threat to the concerned individual, organization and nation. Another example is about lost or stolen Removable Storage Devices (RSD). On January 2009, BBC news reported that a RSD was lost which contains 6,000 prisoners' medical records from HMP Preston [12]. A further concern is that even if all the files were deleted before it was lost or stolen, the attackers could still easily retrieve the deleted data by common data recovery tools [13]. The last but not least internal threat comes from the common practice in many organizations that depend on humans to protect the data [14]. To address the shortage of such internal attack prevention techniques, we have designed and implemented a novel anonymization-based framework Stenog-Shell which focuses on disguising the file's identity based on stenography to prevent