Improved threat models for the security of encrypted and deniable file systems

Abstract

This paper analyzes current widely used threat models, against which Deniable File Systems (DFSs) can potentially be secured. We contend that previously presented models are no longer adequate due to the integration of mobile and cloud computing in today’s devices and operating systems, as what this implies is a shift in forensic analysis paradigms and new forensic techniques to detect and analyze Deniable File Systems. We propose improved threat models against which DFS hidden volumes and hidden operating systems can potentially be secured, this includes One-Time Access, Multiple Access and Live Response Access. We also merge currently known attack vectors and propose new ones which were previously ignored in the increasingly outdated threat models. It is vital to develop new contemporary threat models for forensic analysis that cater for the current computing environment that incorporates the increasing use of mobile and cloud technology.