An Introduction to Steganography

Slides:



Advertisements
Similar presentations
Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA
Advertisements

Steganography University of Palestine Eng. Wisam Zaqoot April 2011 ITSS 4201 Internet Insurance and Information Hiding.
Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.
F5 A Steganographic Algorithm
Computers Talk Binary. nd/Binary_Conversion/Binary_to_Text.asp Send me a polite or write me a polite coded.
Introduction to Watermarking Anna Ukovich Image Processing Laboratory (IPL)
Information Hiding: Watermarking and Steganography
An Introduction Steganography with A Case Study of Steganalysis
Khan, Mohammed Minhajuddin
1 Adnan Gutub Computer Engineering King Fahd University of Petroleum & Minerals Saudi Arabia A Novel Arabic Text Steganography Method Using Letter Points.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Validation and Recovering Graphic Files and Steganography September 19, 2014.
“The Art of Hiding Data”
Security 3 Distributed Systems Lecture # 16. Overview Steganography Digital Watermarking.
-Archana Sapkota -Deepti Reddy Steganography 1 CS691 Summer 2009.
Overview of Digital Stenography
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography.
Digital Watermarking. Introduction Relation to Cryptography –Cryptography is Reversibility (no evidence) Established –Watermarking (1990s) Non-reversible.
Steganography Detection Brittnee Morgan December 22, 2004 HPR 108B.
Steganography Rayan Ghamri.
Steganography and Digital Watermarking Jonathan Cummins, Patrick Diskin, Samuel Lau, Robert Parlett, Mark Ryan.
STEGANOGRAPHY. C ONTENTS Defination Steganography History Steganalysis Steganography v/s Cryptography Steganography Under Various Media Steganographic.
CS 5888C5 8S A PRODUCTION JONATHAN ERDMANHEAD TROJAN MANN WARM PILL SNOTPORTMAN WILLS ETHNIC URCHINSERIC HUTCHINS STEPHEN LIANGA PENIS LENGTH.
Exploring Steganography: Seeing the Unseen Neil F. Johnson Sushil Jajodia George Mason University.
Reza Mohammadi Shiraz University Of Technology
Steganography detection Roland Cmorik, Martin Šumák.
Steganography Ben Lee III Long Truong ECE Spring 2002.
Steganography.
Steganography Steganography refers to any methodology used to hide a message (including text, sound, or picture) in a separate file. Most commonly text.
Watermarking University of Palestine Eng. Wisam Zaqoot May 2010.
Robert Krenn January 21, 2004 Steganography Implementation & Detection.
S TEGANOGRAPHY The Art of Message Hiding. Cryptography: Securing Information in the Digital Age Part 1: Introduction to Steganography Part 2: Hands-on.
Digital Steganography
Steganography. Outline What is Steganography? History Steganography used nowadays? Terms Steganography methods Steganography Available Software Steganalysis.
Have you ever wanted to hide something from: Your friends? Your family? The Government?
Steganography Paul Gretes Gangster pay ho Dennis Pattersonno sniper DNA test A lepers gut.
December 4, 2007 Steganography By: Brittany Bugg and Makenzie Young.
Submitted By: Varun Singh Roll no.: MRT09UGBCS036.
Digital image processing is the use of computer algorithms to perform image processing on digital images which is a subfield of digital signal processing.
Information Hiding Nattawat Laksanawisit At National Chi Nan University.
Steganography Kati Reiland CS 419 April 7, What is Steganography? Technically meaning “covered writing” Anything that hides information in another.
Steganography Ed Norris ECE /4/03. Introduction  Undetectable information hiding  Why undetectable?  The message and the communication itself.
STEGANOGRAPHY AND DIGITAL WATERMARKING KAKATIYA INSTITUTE OF TECHNOLOGY AND SCIENCES,WARANGAL.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Validation and Recovering Graphic Files and Steganography October 5, 2011.
By, Harshada Mangesh Kshirsagar. TE Computer Bhatati Vidyapeeth’s College of Engg For Women,Pune-43.
Topic 10a Introduction to Steganography 454 NOTE: some of the enclosed information was adapted from slides created by Professor Gary C. Kessler of Champlain.
Class 9 LBSC 690 Information Technology Multimedia.
Steganography Leo Lee CS 265, Section 2 Dr. Stamp April 5, 2004.
Cryptographic Anonymity Project Alan Le
 Image based Steganography  Previous Work  Message Concealment Techniques  Using Punctuation Marks  Using modified Scytale Cipher  S-Tools Software.
Steganography Ryan Albright.
MANAGEMENT OF STEGANOGRAPHY OLALEKAN A. ALABI COSC 454.
Digital Steganography Jared Schmidt. In This Presentation… Digital Steganography Common Methods in Images Network Steganography Uses Steganalysis o Detecting.
FOOTPRINTING STEGANOGRAPHY.
By Colton Delman COSC 316. Greek roots –Steganos : covered –Graphie: writting Hidden communication The hiding of data, information, or messages in many.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Validation and Recovering Graphic Files and Steganography September 10, 2010.
STEGANOGRAPHY Sibaka Mahapatra Computer Science 3rd Year, Sec-E
By: U.Aruna M.Shanthi Priya Allows users to embed special pattern or some data into digital contents without changing its perceptual quality. When data.
Introduction to Computer Security ©2004 Matt Bishop Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester
Text File Hiding in Audio (WAV) File using Least Significant Bit Encoding Steganography A mini software project demonstration on By Satish Bhalshankar.
Digital Steganography
Introduction to Steganography
Welcome
Computers Talk Binary.
Steganography.
Visit for more Learning Resources
Steganography with Digital Images
Khan, Mohammed Minhajuddin
Digital Forensics Dr. Bhavani Thuraisingham
STEGANOGRAPHY IN IMAGES
Presentation transcript:

An Introduction to Steganography Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 chu@ist.psu.edu Theory  Practice Learning by Doing

Thanks! This presentation was adapted from the slides created by Professor Gary C. Kessler of Champlain College.

Overview Different Ways of Hiding Data The role of steganography Null ciphers and grammar-based stego Color and sound encoding LSB substitution Examples with GIF, JPEG, and WAV

Ways of Hiding Data Deleted and recovered Change file extension – File signatures Hide data in file property (Drive slack). Data carving / salvaging Layered graphic files Hiding data in executable Files Cryptography Steganography Differences ?

Hiding Data in Executable Files - Hydan Hides data in a Windows or Linux binary file. Takes advantage of redundancies in i386 assembler. E.g., A + B vs. A - (-B) Can hide one byte in ~110 instruction bytes Maintains size of carrier file

Problem Scenario Alice and Bob are in male/female prisons and want to communicate to make an escape plan. Willie warden would let them communicate but would monitor the communication. A solution needs to be found out such that the communication would seem to be innocent to person who is not aware that “something lies beneath it”.

Steganography Covered writing Embedding information in given media without making any visible changes to it. Poor cousin of cryptography till recently. stego_medium = cover_medium + hidden_data + stego_key

Steganography Uses in History Dates back several millennium: Wax tablets Messages tattooed on scalps. Dots on top of ‘i’ and ‘j’ Deliberate misspellings or Error Microdots, invisible ink, microfilm. Could hide an image under another image in a PPT file or text in same color as background Digital steganography can hide information in image, video, or audio files -- or just about any binary file. Primary legitimate use is "digital watermarking"

Modern Day Applications Avoid third party snooping Security reinforcement layer to cryptography Hiding copyright info: digital watermarks and fingerprinting (growing due to web piracy) Data encapsulation : data and still images

Digital Watermarking Digital watermarking is a subset of stego: Used to protect ownership of intellectual property Characteristics: Usually involves a small amount of repetitive data Watermark not necessarily hidden Watermark can be removed without disrupting integrity of original file

The Process of Steganoggraphy Carrier + Steganography medium Hidden Message = + Steganography key

Stego Inverse Function fE-1 Steganographic Model Stego Key (K) Stego Key (K) Stego Function fE Stego Inverse Function fE-1 Cover C Embedded (E) Embedded (E) Stego S Sender Recipient The Stegosystem

Stego-system Criteria Cover data should not be significantly modified i.e. perceptible to human perception system. The embedded data should be directly encoded in the cover & not in wrapper or header. Embedded data should be immune to modifications to cover. Distortion cannot be eliminated so error-correcting codes need to be included whenever required.

Classification of Steganography Techniques

Classification of Steganography Techniques

Steganography Methods and Tools LSB Encoding » S-Tools Grammar selection » spammimic, hydan Covert Channels » Covert TCP Data Appending » Camouflage Color Palette Modification (8-bit) » E.g., S-Tools, Gif-It-Up Format Modification » Invisible Secrets Encoding Algorithm Modification » J-Steg, JP Hide-&-Seek, MP3 Steno

8-bit vs. 24-bit Color 24-bit color is True Color 1 pixel requires three bytes, each representing level of red/green/blue (RGB) color. Color of this line is denoted 0xbf-1d-98 [i.e., Red=191 (0xbf), Green=29 (0x1d), Blue=152 (0x98)] 16,777,216 (224) possible colors/image 8-bit color is alsoTrue Color, but... Image contains a palette with up to 256 (28) unique colors, each of which is denoted by a 24-bit RGB value Each pixel requires 1 byte to point to palette entry

Encoding Voice Pulse Code Modulation Human ear detects 20-20,000 Hz; sampling rate is twice highest frequency Voice uses 28 quantization levels; music uses 216 levels Voice samples 8 kHz, music up to 44.1 kHz

LSB Substitution LSB substitution overwrites the least significant bit of target bytes Example: Hide "G" (01000111) in 3 pixels Original data 10010101 00001101 11001001 10010110 00001111 11001011 10011111 00010000 11001011 Stego data 10010100 00001101 11001000 10010110 00001110 11001011 10011111 00010001 11001011 Note that only 50% of the stego bits actually change!

Example of Null Ciphers Null cipher hides message in the text of another message. E.g., messages sent by Germans during WW I PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. APPARENTLY NEUTRAL'S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGETABLE OILS.

Answer of Null Ciphers PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVESITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. APPARENTLY NEUTRAL'S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGTABLE OILS PERSHING SAILS FROM N.Y. JUNE 1

Spam as a Stego Medium Dear Friend , This letter was specially selected to be sent to you ! We will comply with all removal requests ! This mail is being sent in compliance with Senate bill 1621 ; Title 5 ; Section 303 ! Do NOT confuse us with Internet scam artists . Why work for somebody else when you can become rich within 38 days ! Have you ever noticed the baby boomers are more demanding than their parents & more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU sell more & SELL MORE . You can begin at absolutely no cost to you ! But don't believe us ! Ms Anderson who resides in Missouri tried us and says "My only problem now is where to park all my cars" . This offer is 100% legal . You will blame yourself forever if you don't order now ! Sign up a friend and your friend will be rich too . Cheers ! Dear Salaryman , Especially for you -this amazing news . If you are not interested in our publications and wish to be removed from our lists, simply do NOT respond and ignore this mail ! This mail is being sent in compliance with Senate bill 2116 , Title 3 ; Section 306 ! This is a ligitimate business proposal ! Why work for somebody else when you can become rich within 68 months ! Have you ever noticed more people than ever are surfing the web and nobody is getting any younger ! Well, now is your chance to capitalize on this . We will help you decrease perceived waiting time by 180% and SELL MORE . The best thing about our system is that it is absolutely risk free for you ! But don't believe us ! Mrs Ames of Alabama tried us and says "My only problem now is where to park all my cars" . We are licensed to operate in all states ! You will blame yourself forever if you don't order now ! Sign up a friend and you'll get a discount of 20% ! Thanks ! Dear Salaryman , Your email address has been submitted to us indicating your interest in our briefing ! If you no longer wish to receive our publications simply reply with a Subject: of "REMOVE" and you will immediately be removed from our mailing list . This mail is being sent in compliance with Senate bill 1618 , Title 6 , Section 307 . THIS IS NOT A GET RICH SCHEME . Why work for somebody else when you can become rich within 17 DAYS ! Have you ever noticed more people than ever are surfing the web and more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU turn your business into an E-BUSINESS and deliver goods right to the customer's doorstep ! You are guaranteed to succeed because we take all the risk ! But don't believe us . Ms Simpson of Wyoming tried us and says "Now I'm rich, Rich, RICH" ! We assure you that we operate within all applicable laws . We implore you -act now ! Sign up a friend and you'll get a discount of 50% . Thank-you for your serious consideration of our offer .

Spam Mimic Meet at Main and Willard at 8:30 * http://www.spammimic.com/

Masking and Filtering Hide information by marking an image in a manner similar to paper watermarks. Watermarking techniques integrate a data in image Faint but perceptible signal is covered by another one that makes the first non-perceptible to human eye. No destruction of data with image compression. Used widely for digital watermarking and fingerprinting. Used for hiding a image within another.

Masking and Filtering Cover pixel : 01011100 Secret image pixel: 11101010 Resultant pixel: 01011101 (3+5) The contribution of each pixel can be varied to achieve desired effect.

Sending a Steganographic Message

= + TOP SECRET Example: Copyright Fabian A.P. Petitcolas, Computer Laboratory, University of Cambridge http://www.cl.cam.ac.uk/~fapp2/steganography/image_downgrading/

Sacrificing 2 bits of cover to carry 2 bits of secret image Original Image Extracted Image

Sacrificing 5 bits of cover to carry 5 bits of secret image Original Image Extracted Image

Where Stego Works Best Steganography works best in cover files with high energy: Bright colors High volume

Sample Stego Tools There are over 300 free and commercial stego tools: Primary carrier files are image and audio formats Any type of binary file can be hidden Examples S-Tools: Designed for lossless compression; hides information inside BMP,GIF, or WAV files using LSB overwriting (password used for LSB randomization and encryption) Gif-It-Up: Designed for lossless compression; hides information inside GIF files using LSB overwriting JP Hide-&-Seek: Designed for lossy compression; hides information inside JPEG files using LSB overwriting of DCT coefficients Camouflage: Append hidden file to carrier file

Examples Hide map in: GIF file (Gif-It-Up) JPEG file (JP Hide-&-Seek) WAV file (S-Tools) JPEG file (Camouflage)

Steganography Tools S-Tools: Gif-It-Up: JP Hide-&-Seek: Stegdetect: Gif , BMP, WAV files LSB Substitution Encryption – DES, IDEA Password Gif-It-Up: Gif files LSB Substitution Encryption JP Hide-&-Seek: JPEG files LSB Overwriting Blowfish Crypto Stegdetect: JPEG files Camouflage: JPEG files

Example 1 -GIF File (Gif-It-Up)

Example 1 -GIF File Properties

Example 1 - GIF File Palettes

Example 2 - JPEG File (JPHS)

Example 2 - JPEG File Properties

Example 3 -WAV File (S-Tools)

Example 3 -WAV Spectrum Analysis

Example 4 - JPEG File (Camouflage)

Example 4 - Binary Analysis

Combating Stego WetStone Technologies' (Commercial): Gargoyle (née StegoDetect): Finds remnants of stego (or other malware) software Stego Suite (Stego Analyst, Stego Break, Stego Watch): Applies statistical methods on suspect files to determine probability that stego was employed, a guess as to the algorithm employed, and attempts to break the password Neils Provo (Outguess.org): stegdetect: Detects stego in JPEG images using several algorithms

stegdetect

Stego Watch Session setup for examining files on a local drive

Stego Watch: Display after examining files on local drive

Stego Watch - File details

Additional References Arnold, Schmucker, & Wolthusen, Techniques and Applications of Digital Watermarking and Content Protection, Artech House Publishers, July 2003. Johnson, Duric, & Jajodia, Information Hiding: Steganography and Watermarking -Attacks and Countermeasures, Springer, July 11, 2006. Wayner, Disappearing Cryptography, 2/e, Morgan Kaufmann, April 2002. Neil Johnson, Steganography & Digital Watermarking page (http://www.jjtc.com/Steganography/) GCK, stego links (www.garykessler.net/library/ securityurl.html#crypto) Stego Archive (http://www.stegoarchive.com/)