ACSG 500  -   Presentation 1 <ul><li>STEGANOGRAPHY   </li></ul><ul><li>“ The Art of Hiding Data” </li></ul><ul><li>Sarin T...
Steganography  –   Table of Contents <ul><li>Introduction – What is ?? </li></ul><ul><li>History </li></ul><ul><li>Stego V...
Steganography  –   Definition and Origin <ul><li>“ The art of  hiding messages in such a way that no one but  the sender a...
Steganography  – A brief history <ul><li>Dates back to 440 BC. </li></ul><ul><ul><li>Herodotus and wax tablets </li></ul><...
Steganography   Vs  Cryptography <ul><li>Same Purpose   –   To hide/protect important information </li></ul><ul><li>But di...
Digital Steganography   –   Types  <ul><li>Mainly deals with hiding information within other files </li></ul><ul><ul><li>T...
Digital Steganography   –   Techniques  <ul><li>Three common techniques used  </li></ul><ul><ul><li>Substitution: LSB Meth...
Working Principle  – The Embedding Model HIDDEN INFO STEGO OUTPUT COVER  MEDIUM INFO  Stego Key Encryption Key
Steganography  –   Example <ul><li>Can you spot the difference? One of them has a hidden message </li></ul>
Steganography  –   Demo <ul><li>Live Demonstration of Steganography using S – Tools </li></ul><ul><ul><li>Cover Medium : p...
Steganography  –   Software Tools <ul><li>Software tools – Freeware, Shareware, Commercial. </li></ul><ul><li>S – Tools </...
Steganography  –   Modern Day Uses <ul><li>Legitimate Usage </li></ul><ul><ul><li>Digital Watermarking </li></ul></ul><ul>...
Steganography  –   Modern Day Uses <ul><li>Illegitimate Usage </li></ul><ul><ul><li>Corporate Espionage </li></ul></ul><ul...
Steganography  –   Recon <ul><li>Niels Provos and Peter Honeyman @ University of Michigan  </li></ul><ul><ul><li>Tools use...
Steganalysis  <ul><li>“ It is the technique used to discover the existence of hidden information”. </li></ul><ul><li>Simpl...
Steganography  –   Conclusion <ul><li>Steganography in it’s multitude of forms can be equally effective in being construct...
References <ul><li>White Papers </li></ul><ul><ul><li>http://www.sans.org/reading_room/whitepapers/stenganography/steganog...
The End <ul><li>Any Q ?? No </li></ul><ul><li>Thank You Again. </li></ul>
Upcoming SlideShare
Loading in …5
×

Steganography - The art of hiding data

19,130
-1

Published on

Presentation on Steganography (ACSG 500)

Published in: Education, Technology, Travel
2 Comments
18 Likes
Statistics
Notes
  • okay finnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnne
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • niiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiic
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
19,130
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
1,791
Comments
2
Likes
18
Embeds 0
No embeds

No notes for slide

Steganography - The art of hiding data

  1. 1. ACSG 500 - Presentation 1 <ul><li>STEGANOGRAPHY </li></ul><ul><li>“ The Art of Hiding Data” </li></ul><ul><li>Sarin Thapa </li></ul>
  2. 2. Steganography – Table of Contents <ul><li>Introduction – What is ?? </li></ul><ul><li>History </li></ul><ul><li>Stego Vs Crypto </li></ul><ul><li>Digital Steganography - Types </li></ul><ul><li>Digital Steganography - Common Techniques </li></ul><ul><li>The “Embedding Model” </li></ul><ul><li>An example </li></ul><ul><li>A Live Demo using S - Tools </li></ul><ul><li>Steganography Software's and Tools </li></ul><ul><li>Modern Day Uses - Legitimate </li></ul><ul><li>Modern Day Uses - Illegitimate </li></ul><ul><li>The “E-Bay” Dig </li></ul><ul><li>Steganalysis </li></ul><ul><li>Conclusion </li></ul><ul><li>References </li></ul>
  3. 3. Steganography – Definition and Origin <ul><li>“ The art of hiding messages in such a way that no one but the sender and the intended recipient knows about the very existence of the message”. </li></ul><ul><li>Greek Word, Steganos – “covered”, Graphie – “writing” </li></ul><ul><li>The strength of Steganography is “ Stealth” </li></ul>
  4. 4. Steganography – A brief history <ul><li>Dates back to 440 BC. </li></ul><ul><ul><li>Herodotus and wax tablets </li></ul></ul><ul><ul><li>Histiaeus, tattooed slave, Persian War </li></ul></ul><ul><li>World War II </li></ul><ul><ul><li>Microdots, Invisible inks and Null ciphers </li></ul></ul><ul><ul><ul><li>e.g. A fter t he t heater , a ll c lients k eep a t ab d own a t W esley’s N ook . </li></ul></ul></ul><ul><ul><ul><li>Attack at dawn (Using the first letter of every world in the sentence) </li></ul></ul></ul><ul><ul><li>Navajo code-talkers of U.S. Marine Corps </li></ul></ul><ul><li>More recently the USS Pueblo incident in 1968 </li></ul><ul><ul><li>Sign Language </li></ul></ul>
  5. 5. Steganography Vs Cryptography <ul><li>Same Purpose – To hide/protect important information </li></ul><ul><li>But different approach </li></ul><ul><ul><li>Steganography – conceals information, making it unseen </li></ul></ul><ul><ul><li>Cryptography – encrypts information, making it unreadable. </li></ul></ul><ul><li>Crypto + Steno = Added layer of security (one complements the other) </li></ul>
  6. 6. Digital Steganography – Types <ul><li>Mainly deals with hiding information within other files </li></ul><ul><ul><li>Text, Image, Audio, Video </li></ul></ul><ul><li>Types </li></ul><ul><ul><li>Hiding in Text </li></ul></ul><ul><ul><ul><li>By manipulating the lines and words, in HTML file </li></ul></ul></ul><ul><ul><li>Hiding in Images </li></ul></ul><ul><ul><ul><li>LSB insertion, Masking, Filtering, New File </li></ul></ul></ul><ul><ul><li>Hiding in Disk Space </li></ul></ul><ul><ul><ul><li>Unused or reserved disk space </li></ul></ul></ul><ul><ul><li>Hiding in Software and Circuitry </li></ul></ul><ul><ul><li>Hiding in Network packets </li></ul></ul><ul><ul><li>Hiding in strands of Human DNA (Genome Steg.) </li></ul></ul>
  7. 7. Digital Steganography – Techniques <ul><li>Three common techniques used </li></ul><ul><ul><li>Substitution: LSB Method – replaces the last bit in a byte </li></ul></ul><ul><ul><ul><li>Advantage: Simplest approach to hide data in an image file </li></ul></ul></ul><ul><ul><ul><li>Disadvantage: does not take well with file changing </li></ul></ul></ul><ul><ul><li>Injection: embedding the message directly into the carrier object </li></ul></ul><ul><ul><ul><li>Disadvantage: Makes the file size much larger </li></ul></ul></ul><ul><ul><li>Generation of a new file: Start from scratch </li></ul></ul><ul><ul><ul><li>Advantage : There is never an original file to compare to </li></ul></ul></ul>
  8. 8. Working Principle – The Embedding Model HIDDEN INFO STEGO OUTPUT COVER MEDIUM INFO Stego Key Encryption Key
  9. 9. Steganography – Example <ul><li>Can you spot the difference? One of them has a hidden message </li></ul>
  10. 10. Steganography – Demo <ul><li>Live Demonstration of Steganography using S – Tools </li></ul><ul><ul><li>Cover Medium : petronas.bmp ( An Image File) </li></ul></ul><ul><ul><li>Hidden Material : fishtail.bmp ( An Image File) + Multiple (Text Files – Hamlet.txt, Macbeth.txt, Merchant.txt, Notice.txt,etc </li></ul></ul><ul><ul><li>You won’t see a change in the file size </li></ul></ul><ul><ul><li>A good practice is to use your own cover medium to obscure the point of reference </li></ul></ul>
  11. 11. Steganography – Software Tools <ul><li>Software tools – Freeware, Shareware, Commercial. </li></ul><ul><li>S – Tools </li></ul><ul><ul><li>Excellent tool for hiding files in GIF, BMP and WAV files </li></ul></ul><ul><li>MP3Stego </li></ul><ul><ul><li>Mp3. Offers quality sound at 128 kbps </li></ul></ul><ul><li>Hide4PGP </li></ul><ul><ul><li>BMP, WAV, VOC </li></ul></ul><ul><li>JP Hide and Seek </li></ul><ul><ul><li>jpg </li></ul></ul><ul><li>Text Hide ( commercial) </li></ul><ul><ul><li>text </li></ul></ul><ul><li>Stego Video </li></ul><ul><ul><li>Hides files in a video sequence </li></ul></ul><ul><li>Spam mimic </li></ul><ul><ul><li>encrypts short messages into email that looks like spam </li></ul></ul><ul><ul><li>http://spammimic.com </li></ul></ul><ul><li>Steganos Security Suite (Commercial) and Many Many More… </li></ul>
  12. 12. Steganography – Modern Day Uses <ul><li>Legitimate Usage </li></ul><ul><ul><li>Digital Watermarking </li></ul></ul><ul><ul><ul><li>Prevent illegal modification, copying, distribution </li></ul></ul></ul><ul><ul><ul><ul><li>e.g. DVD recorders detect copy protection on DVDs that contain embedded authorizations </li></ul></ul></ul></ul><ul><ul><ul><li>Identify in Ownership disputes, content authentication </li></ul></ul></ul><ul><ul><li>Provide explanatory information with an images (like doctor’s notes accompanying an X-Ray) </li></ul></ul><ul><ul><li>Printers </li></ul></ul><ul><ul><ul><li>Tiny Yellow dots, barely visible, contains date & time-stamps, encoded serial numbers </li></ul></ul></ul><ul><ul><li>Used to hide the existence of sensitive files on storage media </li></ul></ul>
  13. 13. Steganography – Modern Day Uses <ul><li>Illegitimate Usage </li></ul><ul><ul><li>Corporate Espionage </li></ul></ul><ul><ul><ul><li>Theft of Trade Secrets </li></ul></ul></ul><ul><ul><li>Terrorism </li></ul></ul><ul><ul><ul><li>USA today article by Jack Kelly – “ Terror groups hide behind Web encryption” (February 5, 2001) </li></ul></ul></ul><ul><ul><ul><li>Hiding secrets in websites like E-Bay, Amazon, Porn Websites, transmission via chat rooms, P2P sharing networks, etc. </li></ul></ul></ul><ul><ul><ul><li>However, no official proof or record has been produced </li></ul></ul></ul><ul><ul><li>Child Pornography </li></ul></ul>
  14. 14. Steganography – Recon <ul><li>Niels Provos and Peter Honeyman @ University of Michigan </li></ul><ul><ul><li>Tools used: StegDetect, StegBreak, Crawl, Disconcert </li></ul></ul><ul><ul><li>2 million images on E – bay site scanned. </li></ul></ul><ul><ul><li>Only 1 stego-image found </li></ul></ul>sovereigntime.jpg &quot;B-52 graveyard&quot; at Davis-Monthan Air Force Base
  15. 15. Steganalysis <ul><li>“ It is the technique used to discover the existence of hidden information”. </li></ul><ul><li>Simply put, A counter-measure to Steganography </li></ul><ul><li>For additional info : Please see the reference or “google” </li></ul>
  16. 16. Steganography – Conclusion <ul><li>Steganography in it’s multitude of forms can be equally effective in being constructive as well as destructive </li></ul><ul><li>This presentation covers only a tiny fraction of the whole gamut that might go well beyond digital images, text, audio, and video only. </li></ul><ul><li>Like, voice, communication channels, protocols (TCP/IP), other text and binaries </li></ul><ul><li>Inherently, it is neither good or bad. It is the manner in which it is used that will decide the outcome </li></ul>
  17. 17. References <ul><li>White Papers </li></ul><ul><ul><li>http://www.sans.org/reading_room/whitepapers/stenganography/steganography_past_present_future_552 </li></ul></ul><ul><ul><li>http://www.sans.org/reading_room/whitepapers/stenganography/steganography_the_right_way_1584 </li></ul></ul><ul><ul><li>http://www.sans.org/reading_room/whitepapers/stenganography/mp3stego_hiding_text_in_mp3_files_550 </li></ul></ul><ul><ul><li>http://www.sans.org/reading_room/whitepapers/stenganography/steganography_and_steganalysis_an_overview_553 </li></ul></ul><ul><li>Others </li></ul><ul><ul><li>http://www.jjtc.com/Steganography/ </li></ul></ul><ul><ul><li>http://www.garykessler.net/library/steganography.html </li></ul></ul><ul><ul><li>http://www.stegoarchive.com </li></ul></ul><ul><ul><li>http://www.securityfocus.com/ </li></ul></ul><ul><ul><li>http://www.spammimic.com </li></ul></ul>
  18. 18. The End <ul><li>Any Q ?? No </li></ul><ul><li>Thank You Again. </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×