Presentation is loading. Please wait.

Presentation is loading. Please wait.

FESA (Framework for Enterprise StegAnalysis) Charles D. George, Jr. Masters Project Fall Semester 2012.

Published byShon Holt Modified over 8 years ago

Similar presentations

Presentation on theme: "FESA (Framework for Enterprise StegAnalysis) Charles D. George, Jr. Masters Project Fall Semester 2012."— Presentation transcript:

1 FESA (Framework for Enterprise StegAnalysis) Charles D. George, Jr. Masters Project Fall Semester 2012

2 Background Steganography – art of hiding messages such that only the sender and recipient are aware Steganalysis – art of detecting messages hidden with steganography The relationship between steganography and steganalysis is similar to that of cryptography and cryptanalysis.

3 Steganography Digital steganography (1985) Media files images, audio, video, ect Images are the most popular – JPEG – TIFF – PNG – GIF – BMP Thousands of tools exist

4 Steganalysis Statistical analysis – Spectrum – Inconsistencies with compression Signatures – Specific bit patterns – Identifiable header information, ect Most tools are one-off and try to detect specific algorithms Cat and mouse game as new steg algorithms emerge

5 FESA Utilize existing research on steganography detection Modular, extensible, robust Plugin framework for steganography detection algorithms Suitable for an Enterprise Scalable

6 Enterprise Technologies Enterprise JavaBeans (EJBs) JavaServer Faces (JSF) Java DB (Derby) RESTful WS (JAX-RS) CDI (Web Beans) Java Persistence (JPA) Java Web Start (JavaWS)

7 Design

8 Design :: Plugin Framework Rolled my own plugin framework Reuses parts of Java ServiceProvider mechanism Dynamically adds/removes plugins at runtime Plugins represented as third-party jars – Implement a service provider interface Each plugin loaded into it’s own classloader Internal map tracks current plugins

9 Design :: Business Logic Encapsulates all the functionality of the system Plugin management Invoking plugins for steganography detection Database communication Security

10 Design :: PluginsBean Singleton JavaBean (One instance) – There should only be one view of the plugins Loads plugins from plugins directory Listens on that directory for files being created/deleted Manages adding, removing, and querying plugins Processes a PluginRequest and responds with a PluginResponse. Has defined roles “PluginAdmin” – Only users of this group can modify plugins

11 PluginBean :: PluginRequest

12 PluginBean :: PluginResponse

13 PluginBean :: Security PluginBean is annotated with @DeclaredRoles and @RolesAllowed Security enforced by GlassFish Users are created and placed in groups Groups are mapped to roles Only users in group “PluginAdmin” have access to modify plugins

14 Design :: DetectionBean Stateless bean – New instance per request (detection request) – Automatically thread for performance ect Computes mime type and hash Database interaction for previous results Invokes all plugins that match the file’s mime type Processes DetectionRequest and responds with a DetectionResponse

15 DetectionBean :: DetectionRequest

16 DetectionBean :: DetectionResponse

17 Design :: REST Web Services Two web service methods are available – Handle plugin and detection requests Produce/Consume XML Use contexts and dependency inject to call a bean to process the request (Plugin/Detection) – @EJB annotation is used for CDI XML requests/responses are automaticalled converted into objects with JAXB – Java classes (POJOs) are annotated with JAXB annotations These objects are passed to the beans

18 Design :: Database Used to store results of files that have been processed Efficient since duplicate files don’t need to be reprocessed Dirty flag is enabled when plugins change which will require reprocessing DetectionResponse class is annotated as an Entity that maps to the database schema – Allows for injection of persistence context and easily persist/retrieve results

19 Database :: Detection Response

20 Database :: Detection Technique Result

21 Code Walk Through

22 Demonstration

23 Questions?

Download ppt "FESA (Framework for Enterprise StegAnalysis) Charles D. George, Jr. Masters Project Fall Semester 2012."

Similar presentations

J0 1 Marco Ronchetti - Basi di Dati Web e Distribuite – Laurea Specialistica in Informatica – Università di Trento.

J0 1 Marco Ronchetti - Basi di Dati Web e Distribuite – Laurea Specialistica in Informatica – Università di Trento.
11 Copyright © 2005, Oracle. All rights reserved. Creating the Business Tier: Enterprise JavaBeans.

11 Copyright © 2005, Oracle. All rights reserved. Creating the Business Tier: Enterprise JavaBeans.
ISE 390 Dynamic Web Development Java EE Web Applications.

ISE 390 Dynamic Web Development Java EE Web Applications.
My First Building Block Presented By Tracy Engwirda 28 September, 2005.

My First Building Block Presented By Tracy Engwirda 28 September, 2005.
Integrating SOA and the Application Development Framework Shaun O’Brien Principal Product Manager – Oracle JDeveloper / ADF.

Integrating SOA and the Application Development Framework Shaun O’Brien Principal Product Manager – Oracle JDeveloper / ADF.
Introduction to Java 2 Enterprise Edition About myself –Neutrinos, Cancer Research, IT Applications Today’s topic: J2EE –Context –Advantages –Components.

Introduction to Java 2 Enterprise Edition About myself –Neutrinos, Cancer Research, IT Applications Today’s topic: J2EE –Context –Advantages –Components.
 Java  Python  Bigtable(Bt) is a distributed storage system for managing structured data that is designed to scale to a very large size.  Query Language.

 Java  Python  Bigtable(Bt) is a distributed storage system for managing structured data that is designed to scale to a very large size.  Query Language.
JBoss Seam: Contextual Components Jason Bechtel

JBoss Seam: Contextual Components Jason Bechtel
EJB Design. Server-side components Perform –complex algorithms –high volume transactions Run in –highly available environment (365 days/year) –fault tolerant.

EJB Design. Server-side components Perform –complex algorithms –high volume transactions Run in –highly available environment (365 days/year) –fault tolerant.
© 2005, Cornell University. Rapid Application Development using the Kuali Architecture (Struts, Spring and OJB) A Case Study Bryan Hutchinson

© 2005, Cornell University. Rapid Application Development using the Kuali Architecture (Struts, Spring and OJB) A Case Study Bryan Hutchinson
Technion – Israel Institute of Technology Department of Electrical Engineering Software Lab Grades Server on J2EE Technology Edo Yichie Sagee Rosen Supervisor:

Technion – Israel Institute of Technology Department of Electrical Engineering Software Lab Grades Server on J2EE Technology Edo Yichie Sagee Rosen Supervisor:
Structure of a web application1 Dr Jim Briggs. MVC Structure of a web application2.

Structure of a web application1 Dr Jim Briggs. MVC Structure of a web application2.
Emmanuel Cecchet et al.  Performance Scalability of J2EE application servers.  Test effect of: ◦ Application Implementation Methods ◦ Container Design.

Emmanuel Cecchet et al.  Performance Scalability of J2EE application servers.  Test effect of: ◦ Application Implementation Methods ◦ Container Design.
Spring Roo CS476 Aleksey Bukin Peter Lew. What is Roo? Productivity tool Allows for easy creation of Enterprise Java applications Runs alongside existing.

Spring Roo CS476 Aleksey Bukin Peter Lew. What is Roo? Productivity tool Allows for easy creation of Enterprise Java applications Runs alongside existing.
Chapter 10 EJB Concepts of EJB Three Components in Creating an EJB Starting/Stopping J2EE Server and Deployment Tool Installation and Configuration of.

Chapter 10 EJB Concepts of EJB Three Components in Creating an EJB Starting/Stopping J2EE Server and Deployment Tool Installation and Configuration of.
CSCI 6962: Server-side Design and Programming Course Introduction and Overview.

CSCI 6962: Server-side Design and Programming Course Introduction and Overview.
 Introduction Introduction  Purpose of Database SystemsPurpose of Database Systems  Levels of Abstraction Levels of Abstraction  Instances and Schemas.

 Introduction Introduction  Purpose of Database SystemsPurpose of Database Systems  Levels of Abstraction Levels of Abstraction  Instances and Schemas.
S TEGANOGRAPHY The Art of Message Hiding. Cryptography: Securing Information in the Digital Age Part 1: Introduction to Steganography Part 2: Hands-on.

S TEGANOGRAPHY The Art of Message Hiding. Cryptography: Securing Information in the Digital Age Part 1: Introduction to Steganography Part 2: Hands-on.
Enterprise Java Bean Matt. 2 J2EE 3 J2EE Overview.

Enterprise Java Bean Matt. 2 J2EE 3 J2EE Overview.
Enterprise JavaBeans. What is EJB? l An EJB is a specialized, non-visual JavaBean that runs on a server. l EJB technology supports application development.

Enterprise JavaBeans. What is EJB? l An EJB is a specialized, non-visual JavaBean that runs on a server. l EJB technology supports application development.

Similar presentations

Ads by Google