IEEE-WVU, Anchorage - 2008: Steg in the Real World


1 Steg in the Real World
Two examples that move the work of steganalysis out of the lab
– The massive data survey of Provos et al. 2003
– The Stegi@work distributed steganalysis framework

2 Steg on the Web?
Provos et al. 2003*
2 million JPEG images from
1 million JPEG images from Usenet
– Images restricted in size between 20KB and 400KB
stegdetect
– Identified potential hidden content in 1% of the images
*N. Provos and P. Honeyman, IEEE Security and Privacy Magazine, May/June 2003

3 Steg on the Web?
Percentage of (false) positives
– JPHide “detected” most often

Test       Ebay    Usenet
Jsteg      0.003   0.007
JPHide     1.0     2.1
Outguess   0.1     0.14

4 Steg on the Web?
Verifying hidden content
– Stegbreak
  Dictionary attack against Jsteg, JPHide, and Outguess
– Ebay: multi-lingual dictionary of 850,000 words
– Usenet: short PIN numbers and pass phrases; 1.8 million words

5 Steg on the Web?
Performance of Stegbreak

System           One Image (words/second)   Fifty Images (words/second)
JPHide           4,500                      8,700
Outguess 0.13b   18,000                     34,000
Jsteg            36,000                     47,000

1.2 GHz PIII
JPHide: 10 days
Outguess: ?
Jsteg: 8 days

6 Towards a larger steganalysis framework
Disconcert - a distributed computing framework for loosely coupled workstations
– Distribute indices into stegbreak’s dictionary
  Ebay: 60 nodes, 200,000 per second for JPHide
  Usenet: 230 nodes, 870,000 keys per second

7 Is anything out there???
Conclusions of Provos et al. 2003
– All steganographic systems users carefully choose passwords that are not susceptible to dictionary attacks
– Images from sources not analyzed carry steganographic content
– Images carried content embedded by tools that stegdetect does not consider
– Messages are too small for detection

8 Distributed Steganalysis: Stegi@Work
Objective
– The development of an architecture for an extensible distributed application for steganalysis
  User alerts
  Facility for content destruction of quarantine
  SOA to facilitate the inclusion of new and improved steganalysis algorithms

9 Overall Architecture

10 Stegi@Work Communications

11 Flexible Network Architectures

12 Flexible Network Architectures

13 User Interface

14 Steganalysis Support
Publicly available wrapped tools
– Stegdetect (JPEG)
– Digital Invisible Ink Toolkit (BMP, PNG)
  Detects LSB methods
– Custom “supertool”
  Detects via signatures:
  » In Plain View, S-Tools, Mandelsteg, Hide and Seek v.4 and v.5, Hide4PGP
  Statistical tests:
  » χ² and χ² histogram
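
The slide lists statistical tests for LSB detection without showing one. As an added example (not code from Stegi@Work, its "supertool" or the presentation), here is the chi-square pairs-of-values test commonly used against LSB replacement. The function names, the 8-bit sample assumption, the constructed data and the Wilson-Hilferty approximation of the p-value are choices made for this example.

```python
import math
from collections import Counter

def pov_chi_square(samples, min_expected=5.0):
    """Chi-square statistic over pairs of values (2i, 2i+1) of 8-bit samples.

    Returns (statistic, degrees_of_freedom)."""
    hist = Counter(samples)
    stat, pairs = 0.0, 0
    for even in range(0, 256, 2):
        # Under LSB replacement both members of a pair tend to the pair's mean.
        expected = (hist[even] + hist[even + 1]) / 2.0
        if expected < min_expected:  # skip sparse pairs, they distort the test
            continue
        stat += (hist[even] - expected) ** 2 / expected
        pairs += 1
    return stat, pairs - 1

def chi2_upper_tail(stat, dof):
    """P(X >= stat) for chi-square, via the Wilson-Hilferty approximation."""
    if dof < 1:
        raise ValueError("need at least two usable pairs of values")
    c = 2.0 / (9.0 * dof)
    z = ((stat / dof) ** (1.0 / 3.0) - (1.0 - c)) / math.sqrt(c)
    return 0.5 * math.erfc(z / math.sqrt(2.0))

def lsb_replacement_score(samples):
    """Near 1 when pair counts are equalized (consistent with LSB replacement),
    near 0 when they differ as in the constructed cover below."""
    return chi2_upper_tail(*pov_chi_square(samples))

def embed_lsb(samples, bits):
    """Plain LSB replacement, used here only to build the test input."""
    return [(s & ~1) | b for s, b in zip(samples, bits)]

# Constructed data: 16 pairs, each with 30 even and 10 odd samples.
COVER = [v for even in range(64, 96, 2) for v in [even] * 30 + [even + 1] * 10]
# Constructed message: alternating bits, so the result is deterministic.
STEGO = embed_lsb(COVER, [i % 2 for i in range(len(COVER))])

if __name__ == "__main__":
    for name, data in (("cover", COVER), ("stego", STEGO)):
        stat, dof = pov_chi_square(data)
        print(f"{name}: chi2={stat:.1f} dof={dof} "
              f"score={chi2_upper_tail(stat, dof):.3g}")
```

A score near 1 only says the histogram is consistent with LSB replacement; smooth synthetic images can produce the same pattern, which is one source of the false positives the survey slides report.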

15 Steganalysis Tool Wrapping Support
Full featured tool wrapping API
– Tool wrapping support for C/C++, Java, and Matlab programs
– Network communication with XML messages between worker clients and Stegi@Work server

16 Implementation Details
Entire framework written in Java 5
– Tool support in a variety of languages
– JNI low-level system support for Linux and Windows
– JBOSS backend server
– EJB 3 Object Model

