Académique Documents
Professionnel Documents
Culture Documents
SUBMITTED BY:
SHUBHI JAIN
ELECTRONICS AND COMMUNICATION
GYAN GANGA INSTITUTE OF TECHNOLOGY AND SCIENCES
JABALPUR
MADHYA PRADESH
CONTENTS:
1. INTRODUCTION
2. HISTORY
3. TERMINOLOGY
4. TYPES OF STEGANOGRAPHY
5. IMPLEMENTATION OF STEGANOGRAPHY
6. STEGANALYSIS
7. LIMITATIONS OF STEGANOGRAPHY
8. APPLICATIONS OF STEGANOGRAPHY
9. CONCLUSION
INTRODUCTION
Have you ever wanted to hide something from your friends, family or
government? If the answer is yes, then you need to learn about STEGANOGRAPHY.
Steganography, coming from the Greek words stegos, meaning roof or covered and
graphia which means writing, is the art and science of hiding the fact that communication is
taking place. To give a more formal definition, the Merriam Webster Dictionary defines
steganography as: The Art or practice of concealing a message, image, or file.
Steganography and cryptography are closely related. Cryptography
scrambles messages so they cannot be understood. Steganography on the other hand, will
hide the message so that they cannot be seen. Using steganography, you can embed a
secret message inside a piece of unsuspicious information and send it without anyone
knowing of the existence of the secret message.
As the field of stegonagraphy has progressed, people have become
increasingly interested in being able to detect these hidden messages inside media. The
field of steganalysis has emerged to meet this need. Steganalysis can be defined as, the
art and science of detecting steganography.The main goals of steganalysis are to detect
stegonagraphy and to detect what method (or piece of software) was used to hide the
information.
HISTORY
Throughout history, people always have aspired to more privacy and
security for their communications. One of the first documents describing Steganography
comes from Histories by Herodotus, the Father of History. The first known application dates
back to the ancient Greek times, when messengers tattooed messages on their shaved
heads and then let their hair grow so the message remained unseen. A different method
from that time used wax tables as a cover source. Text was written on the underlying wood
and the message was covered with a new wax layer. The tablets appeared to be blank so
they passed inspection without question until a woman named Gorgo guessed that maybe
the wax was hiding something. She removed the wax and became the first woman
cryptanalyst in History.
The Germans developed microdot technology during World War II
which was referred to as the enemys masterpiece of espionage. Microdots are
photographs, the size of a printed period having the clarity of standard-sized type-written
pages.The microdots where then printed in a letter or on an envelope and being so small,
they could be sent unnoticed.
Recently, the United States government claimed that Osama Bin
Laden and the al-Qaeda organization use steganography to send messages through
websites and newsgroups. However, until now, no substantial evidence supporting this
claim has been found, so either al-Qaeda has used or created real good steganographic
algorithms, or the claim is probably false. Many different motives exist to detect the use of
steganography, so techniques to do so continue to be developed while the hiding
algorithms become more advanced.
TERMINOLOGY
When a message is encrypted, its easy to understand that it
contains sensitive information, a secret and someone might try to break it.
Steganography solves this problem by hiding the sensitive information in a harmless file
called carrier file. Steganographic software enables information to be hidden in text,
graphics, sound files. The embedding process produces a stego object which contains the
hidden message. We can use a stego key to control the embedding process, so we can
also restrict detection and/or recovery of the embedded data to other parties with the
appropriate permissions to access this data.
When designing information hiding techniques, we have to consider
three competing aspects: capacity, security, and robustness. Capacity refers to the amount
of information we can embed in a cover object. Security relates to an eavesdroppers
inability to detect the hidden information. Robustness refers to the amount of modification
the stego-object can withstand before an adversary can destroy the information.
TYPES OF STEGANOGRAPHY
Steganography can be split into two types, these are Fragile and
Robust. The following section describes the definition of these two different types of
steganography.
Fragile Fragile steganography involves embedding information into a file which is
destroyed if the file is modified. This method is unsuitable for recording the copyright
holder of the file since it can be so easily removed, but is useful in situations where it is
important to prove that the file has not been tampered with, such as using a file as
evidence in a court of law, since any tampering would have removed the watermark.
Fragile steganography techniques tend to be easier to implement than robust methods.
Robust Robust marking aims to embed information into a file which cannot easily be
destroyed. Although no mark is truly indestructible, a system can be considered robust
if the amount of changes required to remove the mark would render the file useless.
There are two main types of robust marking: Fingerprinting and Water marking
IMPLEMENTATION OF STEGANOGRAPHY
There are ways to hide information in an image, audio and even text
files. Moreover, if that message is in addition encoded then it has one more supplemental
level of protection. Computer steganography is based on two principles.
1. The first one is that the files that contain digitized images or sound can be altered to a
certain extend without loosing their functionality unlike other types of data that have to be
exact in order to function properly, an example of that would be a computer program.
2. The other principle deals with the human inability to distinguish negligible changes in
image color or sound quality, which is especially easy to make use of in objects that
contain redundant information, be it 16-bit sound, 8-bit or even better 24-bit image.
Speaking of images, changing the value of the least significant bit of
the pixel color wont result in any perceivable change of that color. One of the best and
most widely spread steganographic products for Windows95/98/NT is S-Tools.
Background. Evaluation method and Software evaluation which include S-Tools and Hide
and Seek v4.1 are the software packages which were reviewed with respect to
Steganographic manipulation of images. A very useful feature is the status line that
displays the largest message size that can be stored in the carrier file. All the software
uses the LSB method to both images and audio files. Steganography allows you to hide
information in five innocent looking files types: JPEG, PNG, BMP, HTML and WAV.
Null ciphers (unencrypted messages) were also used. An example of
a message containing a null cipher is German Spy in World War II:
Apparently neutral's protest is thoroughly discounted and ignored. Isman hard hit.
Blockade issue affects Pretext for embargo on byproducts, ejecting suets and Vegetable
oils.
Taking the second letter in each word the following message emerges:
Pershing sails from NY June 1.
for an unmodified image and b shows how after the steganographic process, adjacent
coefficients have the same value. Again, there are various tips and tricks to prevent
detection. Usually when the new methods are developed, new steganalysis methods to
detect them follow.
BASIC TECHNIQUE
The simplest way to hide a message in an audio file is to use a key
stream to encode some data in the least significant bits of the sampled audio. Essentially,
this adds a low-level stream of noise to the sound that would be inaudible during normal
listening. This technique works well for WAV, which uses a fixed number of bits (usually
16) for each sample. Generally, data is inserted into the WAV file using a key stream,
which is generated from a pass phrase. The key stream indicates which samples should be
modified to contain hidden data. An average of 3 LSBs sample can be modified before the
added noise becomes audible to listeners.
The simple LSB encoding method does not work for compressed
audio such as MP3, which uses a variety of compression techniques (including
psychoacoustic techniques) in order to ensure that every bit is significant. While the
increasing prevalence of compressed audio may appear to render LSB-encoding obsolete,
there is still longoing research into the improvement of LSB compression techniques. One
method to improve the capacity of LSB-encoded signals is using a simple technique called
minimum-error replacement. The technique works like this: Suppose that, in a single
sample, you wish to encode k LSBs of hidden data. Normally, the LSBs would simply be
replaced with the encoded LSBs. However, in minimum- error encoding, you also look at
the sample with the same k LSBs encoded, and the k-1st bit flipped. You then see which
of these encoded samples is closer numerically to the original sample, and replace the
original sample with that one.
k=4
Original Sample
XXXX XXXX
XXX1 0001
XXXX XXXX
XXX1 1111
XXXX XXXX
XXX0 1111
STEGANALYSIS :
DETECTING STEGANOGRAPHY
Text
While information can be hidden inside texts in such a way that the
presence of the message can only be detected with knowledge of the secret key, for
example when using the earlier mentioned method using a publicly available book and a
combination of character positions to hide the message, most of the techniques involve
alterations to the cover source. These modifications can be detected by looking for patterns
in texts or disturbings, thereof, odd use of language and unusual amounts of whitespace.
Images
Although images can be scanned for suspicious properties in a very
basic way, detecting hidden messages usually requires a more technical approach.
Changes in size, file format, last modified timestamp and in the color palette might point out
the existence of a hidden message, but this will not always be the case. A widely used
technique for image scanning involves statistical analysis. Most steganographic algorithms
that work on images, assume that the least-significant bit is more or less random. This is
however, an incorrect assumption. While the LSB might not seem to be of much
importance, applying a filter which only shows the least-significant bits will still produce a
recognizable image. Since this is the case, it can be concluded that the LSB are not
random at all, but actually contain information about the whole image. When inserting a
hidden message into an image, this property changes. Especially with encrypted data,
which has very high entropy, the LSB of the cover image will no longer contain information
about the original, but because of the modifications they will now be more or less random.
With a statistical analysis on the LSB, the difference between
random values and real image values can easily be detected. Using this technique, it is
also possible to detect messages hidden inside JPEG files with the DCT method, since this
also involves LSB modifications, even though these take place in the frequency domain.
For higher order statistical analysis image matrices method is used.
IMAGE QUALITY MATRICES
Image quality metrics are often used for coding artifact evaluation,
performance prediction of vision algorithms, quality loss due to sensor inadequacy, etc.
Steganographic schemes, whether by spread-spectrum, quantization modulation, or LSB
insertion/modification, can be represented as a signal addition to the cover image. In this
context, Avcibas and colleagues hypothesis is that steganographic schemes leave
statistical evidences that can be exploited for detection with the aid of IQMs and
multivariate regression analysis of variance (ANOVA).
Using ANOVA, the authors have pointed out that the following IQMs
are the best feature generators: mean absolute error, mean square error, Czekznowski
correlation, image fidelity, cross correlation, spectral magnitude distance, normalized mean
square, HVS error, angle mean, median block spectral phase distance, and median block
weighted spectral distance.
A linear function of the IQMs is given by
y1 = 1x11 + 2x12 + . . . + qx1q + 1
y2 = 2x21 + 2x22 + . . . + qx2q + 2
...
yN = nxn1 + 2x12 + . . . + qxnq + n,
where xij is the quality coefficient for the image i = {1 . . . n} and IQM j = {1 . . . q}.
Finally, k is the regression coefficient, and is random error.
Once we calculate these coefficients, we can use the resulting coefficient vector to any
new image in order to classify it as stego or non-stego image
LIMITATIONS OF STEGANOFGRAPHY
There are limitations on the use of steganography due to the size of
the medium being used to hide the data. In order for steganography to be useful the
message should be hidden without any major changes to the object it is being embedded
in. This leaves limited room to embed a message without noticeably changing the original
object. This is most obvious in compressed files where many of the obvious candidates for
embedding data are lost.
Unfortunately, all of the methods mentioned above can also be used
to hide illicit, unauthorized or unwanted activity. What can be done to prevent or detect
issues with steganography? Other uses for steganography range from the trivial to the
abhorrent, including Criminal communications, Fraud, Hacking, Electronic payments,
Gambling, pornography, Harassment, Intellectual property offenses, viruses, pedophilia.
CONCLUSION
Steganography is a dynamic tool with a long history and the
capability to adapt to new levels of technology. It has its own place in computer data
security. By the amount of free and commercial tools available today, one can deduce that
the use of steganography is growing. Steganography is just another tool for someone to
use to hide data, and I believe it will be used more often in the future, whether for covert
communication or personal data concealment. Security professionals will surely need to be
aware of its existence as its use becomes more prevalent. Hiding a message with
steganography methods reduces the chance of a message being detected. In and of itself,
steganography is not a good solution to secrecy, but neither is simple substitution and
short block permutation for encryption. But if these methods are combined, you have much
stronger encryption routines. Like any tool, steganography is neither inherently good nor
evil, it is the manner in which it is used which will determine whether it is a benefit or a
detriment to our society.
REFERENCES:
1.
SUMMARY
The Right to privacyis the most comprehensive of rights and the right
most valued by civilized man.
- Justice Louis Brandies, US Supreme
Court, 1928.