Knockoff Drive: A Portable Data Storage System

Nicholas Clark, Thomas Evangelista, John Scarfo, Garrett Stonis, Chen-Hsiang Yu and Mira Yun
Department of Computer Science and Networking
Wentworth Institute of Technology
Boston, MA 02115, USA
{clarkn3, evangelistat1, scarfoj, stonisg, yuj6, yunm}@wit.edu

Abstract – Network-based data storage is popular, In this paper, we present a primitive result of this
but the privacy and portability involved in using such experimental learning, named Knockoff Drive, which is a
services raise a serious concern to the public secure, portable data storage server built with a small,
nowadays. To remedy these issues, we propose to single-board computer, named Raspberry Pi. The system
design and create a private and portable storage not only contains a Web server to provide web interface
solution on a mobile device. Due to the fact that for data access, but it also has a FTP server to support
micro computers are more portable and affordable, upload and download service for the data. When a file is
we chose Raspberry Pi as an example to demonstrate chosen to upload or download, the Web server will
communicate with the FTP server to place the file in a
the idea. Knockoff Drive is a system that provides
special folder on a mobile device. To demonstrate the
private and portable data storage service for the
idea, we chose Raspberry Pi 3 model B as an
users. The system consists of a HTTP server, FTP experimental device.
server and Web interface for data access. It is not
only an affordable and alternative solution to file In the following, we will refine the research question,
transferring on the go, but it also increases data present the current design and summarize our findings.
security and privacy. At the end of the paper, we will conclude our work with
some suggestions.
Keywords – HTTP server; FTP server; Web interface;
Raspberry Pi
II. PROBLEM AND PROPOSED IDEA
I. INTRODUCTION Security breaches and risks of using third-party
In the U.S., the Internet penetration has reached services raise a concern in today’s computing world. In
84.2% and 39% of online adults use online cloud storage addition, there is a lack of a free, personalized, unlimited
services [1, 2]. However, security concerns and risks of cloud storage system. The main research question is:
using this kind of services were raised, either enterprises What is the solution that not only addresses security
or individual users [3, 4]. concern, but it also provides a free, personized and
unlimited cloud storage?
Instead of compromising the safety in data, we came
up with an idea to bypass these third-party servers and We propose to combine an FTP server with a Web
create a user-oriented solution that might be easy-to- server on a personal mobile device. Knockoff Drive is
carry for an individual, i.e. fit into the palm of the user’s the system we propose to demonstrate the idea, which
hand. Because of the advance of Internet of Things (IoT) uses Raspberry Pi 3 model B as a personal mobile device
research and applications, the cost of computing devices to host an FTP and HTTP servers. The system can be
has reached to an affordable price, we believe it is an used to download files from the Raspberry Pi to the
opportunity to use this kind of computing device as a computer requesting the file. The system can be
personalized replacement for existing internet services. expanded to hold multiple users on a single Raspberry Pi
and have the files in a single folder. As for the storage,
Based on above consideration, we propose to use a since MicroSD and external hard drives are becoming
tiny, single-board computer to create a portable data cheaper, Knockoff Drive can expand the internal or
storage server. The main research question we want to external storage easily depending on the amount of data
address is: how do we design a portable data storage they need. This capability removes the need to rely on a
server for an individual user? The design must be third-party storage system and allows a personalized
affordable for the public and customizable for different alternative for customization and reliability.
users.

978-1-5386-9374-2/18/$31.00 ©2018 IEEE

Authorized licensed use limited to: MANIPAL INSTITUTE OF TECHNOLOGY. Downloaded on October 22,2024 at 22:26:51 UTC from IEEE Xplore. Restrictions apply.
 III. KNOCKOFF DRIVE CSS is used to style the webpage. This is performed
The system consists of two parts: Web Service, FTP by selecting HTML tags and applying different colors
Service, HTTP Server and a single-board computer. In and effects to them. For example, paragraphs can have
this section, we would like to explain the detailed design their fonts, font color, backgrounds, or size changed. For
and implementation of the system. Knockoff Drive, we attempted to ensure readability and
simplicity. This was achieved by limiting the amount of
content per page and using a simple background with
white text. Basic syntax is as follows: Selector:
{property: value} [2].

Once the basic outline of the website was created, we

use JavaScript to add functionality to the webpage.
Luckily, Knockoff Drive did not require much JavaScript
to be written so we could focus on the PHP needed to
upload a file. Unlike HTML and CSS, JavaScript is a
fully-fledged programming language capable of event-
driven programming with texts, arrays, and dates [3]. For
Figure 1. The Web site for access on the mobile device
Knockoff Drive, we created a basic function to allow
A. Web Server and UI Interface users to login to the index of the website that have access
to the right username and password.
To begin with, we started from creating a web site in
the mobile device to provide interaction for the users.
The website is implemented by using HTML 5, CSS 3
and JavaScript as shown in Figure 1.
HTML is integrated first and is used to provide the
content of the webpage. Unlike traditional programming
languages, HTML is a markup language and uses tags to
add titles, headings, images, and links to websites. For
instance, creating a paragraph requires the use of a “p
tag” or the letter “p” enclosed in arrowed brackets,
which looks like this <p> [1]. These elements are all
enclosed further inside of a <body> tag, which is the
actual content the user will see and interact with. In the
title tags we link the CSS for the page. The HTML code
used for the index page of Knockoff Drive can be seen
below in Figure 2.

Figure 3. Upload data to the FTP server via a PHP script

Lastly, the PHP code was needed to post the selected

file to the FTP server. PHP is a server scripting language
that has its scripts executed on the server. For Knockoff
Drive, we used PHP to set up a connection and login to
the FTP server from the Web server. Then, after
connecting the servers, we needed to make sure both
connections were made through use of an error check.
After the check has been completed, the upload process
begins using the “ftp_put” function and it takes the
source file and uses “FTP_BINARY” file encoding type
Figure 2. HTML for the index page of Knockoff Drive

978-1-5386-9374-2/18/$31.00 ©2018 IEEE

Authorized licensed use limited to: MANIPAL INSTITUTE OF TECHNOLOGY. Downloaded on October 22,2024 at 22:26:51 UTC from IEEE Xplore. Restrictions apply.
to transfer the file to a destination folder [5] as shown in Once the system was operational, we tested it by
Figure 3. After one final error check is made to make connecting to our FTP server via the Mac Command
sure the file has been uploaded, the connection to the Line Interface (CLI) in the terminal program. As can be
server is closed. seen in Figure 5, the FTP server had full functionality,
allowing all manner of FTP commands, though the main
B. FTP Server focus was on the get (to download files) and put (to
One key feature of Knockoff Drive is to upload files upload files) commands. Once the FTP server’s
to the storage. To provide this feature, we set up an FTP functionality was verified through the CLI, we
server on the mobile device, i.e. Raspberry Pi, which connected to the server through a Web browser. As
runs Raspbian Linux on it. We used ProFTPD, which is expected, the browser had to first log in with the
a secure FTP server program that operates in the server required credentials before being able to access the files
side to host an FTP server on port 21 [6]. The software stored on the server. The login authentication may be
takes in its configuration settings from a file created in seen in Figure 6, while the browser’s user-interface for
the /etc/proftpd directory, named proftpd.conf. [7]. interacting with the file system may be seen in Figure 7.

Figure 4. The Linux commands to create a new user

We started by creating a new user on the Raspberry

Pi, named “temporary” with the password “Thia&Ugg”
that expires on a certain time [8]. The process is Figure 6. The FTP server login authentication
illustrated as Figure 4. After the creation of a new user
account for the Pi, the new account was added into the
FTP’s proftpd.conf file to allow the user to access the
server. We allowed the new user “temporary” access to
his own home directory (/home/temp) but nowhere else,
maximizing the security of our FTP server [7].

Figure 7. User-interface of browser

C. HTTP Server
With a web page ready for deployment as a user-
friendly interface to the functional FTP server, and PHP
code on deck to handle uploads to the FTP through the
browser itself, we created our own HTTP server from
scratch in Java using socket programming.

The Original design behind the Java code was to

create a library with as much ease for the user as
possible, while maintaining most, if not all, of the
functionality. The user of the library needs only to
implement a main() method with the same, or similar,
functionality as seen in Figure 8.
Figure 5. The FTP server accessed through the CLI

978-1-5386-9374-2/18/$31.00 ©2018 IEEE

Authorized licensed use limited to: MANIPAL INSTITUTE OF TECHNOLOGY. Downloaded on October 22,2024 at 22:26:51 UTC from IEEE Xplore. Restrictions apply.
 Many companies tend to offer “secure, fast, and
responsive” cloud servers, but news of big companies
being hacked and data being compromised has only
increased over the past few years. Knock-Off Drive
provides a solution to this issue by allowing a user to
create their own customized cloud server in the pocket.
Our research approach starts from investigating the
issues in cloud storage, surveying affordable hardware
and software and implementing an engineering solution.
Although the current implementation is not necessarily
as secure as known-companies at this moment, it
demonstrates the idea of providing encrypted files and
Figure 8. An example of the created HTTP library sending messages over HTTPS protocol. For the future
work, we are working on modularizing the system to
HTTP server provides different services via different make it easier to build and setup such that more and
methods. For example, the interpretMessage() method more users can easily build private and customized
interprets the message read from the client and forms a personal data storage.
reasonably correct response message to return back to
the client. The HTTP class uses many other helper
classes and enums, such as the Message class (contains REFERENCES
and maintains an HTTP message), to more easily [1] Internet World Stats – Internet Penetration Rates.
structure and organize the server into pieces that don’t https://www.internetworldstats.com/top25.htm
often change. [2] Statista: Cloud storage usage of online adults in the U.S.
https://www.statista.com/statistics/710964/us-cloud-
Creating a fully-functioning HTTP server from computing-consumer-usage/
scratch was not trivial. All HTTP interactions involve an [3] 6 security risks of enterprises using cloud storage and file
HTTP message, including a start-line, optional header sharing apps.
https://digitalguardian.com/blog/6-security-risks-
lines, and a data field (which could be empty). Much of
enterprises-using-cloud-storage-and-file-sharing-apps
the interaction between a Web browser and server occur [4] Safety Concerns with Cloud Storage & Their Possible
through the optional header lines in each message, which Solutions.
allows the server and client to communicate how the https://smidcloud.com/en/safety-concerns-with-cloud-
other is operating as well as useful information about the storage-their-possible-solutions/
data field [9]. [5] HTML Element Reference, W3schools, February 2017.
https://www.w3schools.com/tags/default.asp
With the HTTP server code written, tested, and [6] CSS Reference, W3schools, February 2017.
debugged, we deployed both the HTTP and the FTP https://www.w3schools.com/cssref/default.asp
server applications onto the Raspberry Pi to host the web [7] JavaScript and HTML DOM Reference, W3schools,
page and the files respectively, and, with the aid of the February 2017.
PHP code, wove them together to create a seamless user https://www.w3schools.com/jsref/default.asp
[8] PHP 5 FTP Functions, W3schools, February 2017.
experience.
https://www.w3schools.com/php/php_ref_ftp.asp
[9] How To Host A Website With Raspberry Pi, ReadWrite,
IV. CONCLUSION AND FUTURE WORK June 2017.
https://readwrite.com/2014/06/27/raspberry-pi-web-
Knock-Off Drive was an attempt as a solution to the server-website-hosting/
issue of oversaturation in cloud-based data storage.

978-1-5386-9374-2/18/$31.00 ©2018 IEEE

Authorized licensed use limited to: MANIPAL INSTITUTE OF TECHNOLOGY. Downloaded on October 22,2024 at 22:26:51 UTC from IEEE Xplore. Restrictions apply.