Published on

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Problem DefinitionA classic problem of computer security is the mitigation of covert channels. Firstintroduced by Lampson , a covert channel in a (single-host or distributed) computersystem can be roughly defined as any means by which two processes or users canexchange information in violation of security policy. While the exact detection of usablecovert channels in a system is un decidable, many conservative.Approaches exist to detect and eliminate all potential covert channels; for example, theUS Department of Defense “Light Pink Book” on covert channel analysis includesdetailed procedures to find and eliminate covert channels. Unfortunately, the cost of suchelimination is often prohibitive; in this case, the Light Pink Book recommends techniquesto limit the bandwidth of covert channels and requires auditing to detect any use of thecovert channel.Problem IdentificationThis Project we focuses on the dual problem of steganography How can twocommunicating entities send secret messages over a public or audited channel so that athird party such as the reference monitor cannot detect the presence of the secretmessages? Notice how the goal of steganography is different from classical encryption,which seeks to conceal the content of secret messages: Steganography is about hiding thevery existence of the secret messages.we use techniques from cryptography and complexity theory to answer the question“under what conditions is (secure) steganography possible?” We give cryptographicdefinitions for symmetric-key stegosystems and steganographic secrecy against a passiveadversary in terms of indistinguishability from a probabilistic channel process. We show that a widely believed complexitytheoretic assumption (the existence ofa one-way function) and access to a channel oracle are both necessary and sufficientconditions for the existence of secure steganography relative to any channel. Wefurthermore give a construction that has essentially optimal bandwidth when comparedwith known provably secure constructions. Finally, we consider the question of robuststeganographythat resists attempts to censor the use of a covert channel; we prove necessary andsufficient conditions for the existence of a secure robust stegosystem and give a provablyrobust stegosystem with nearly optimal bandwidth under attack.
  2. 2. Existing System: Classic problem of computer security is the mitigation of covert channels, acovert channel in a (single-host or distributed) computer system can be roughly definedas any means by which two processes or users can exchange information in violation ofsecurity policy. While the exact detection of usable covert channels in a system isundividable, many conservative approaches exist to detect and eliminate all potentialcovert channels.Proposed System: Focuses on the dual problem of steganography how can two communicatingentities send secret messages over a public or audited channel so that a third party such asthe reference monitor cannot detect the presence of the secret messages the goal ofsteganography is different from classical encryption, which seeks to conceal the contentof secret messages. Steganography is about hiding the very existence of the secretmessages. We give a necessary condition on the amount of disruption the adversary isallowed in terms of a worst case measure of mutual information. We give a constructionthat is provably secure and computationally efficient and has nearly optimal bandwidth,assuming repeatable access to the channel distributionSystem configurationHardware Requirements:
  3. 3. Processor Type : Pentium -IV Speed : 2.4 GHZ Ram : 512 MB RAM Hard disk : 20 GB HD (Min)Software Requirements: Operating System : Win2000/XP/Linux Programming Package : JAVA / J2EE. Tools : Eclipse.5.1 SDK : JDK1.5.0. Server : Tomcat server 5.0SYSTEM DESIGN3.1 Design Overview Input- Video Processing Stegnography Reverse Processing Video+ Image Input- Image
  4. 4. Modules In this project we are having four modules for the video stegnograpghModules: 1. Choosing the Input Files(Video and Image) 2. Stgenography processing 3. Reverse the Stegnography 4. Checking the Files after stegnographyModule 1: Choosing the Input Files(Video and Image) In this module user should select the input file as video and image file. Image filesize should be less that video file. After processing the these things will be in the separatefolderModule 2: Stgenography processingModule 3: Reverse the StegnographyModule 4: Checking the Files after stegnographyIf someone has decided to hide their data, they will probably be able to do so fairlyeasily. The only way to detect steganography is to be actively looking for in specific files,or to get very lucky. Sometimes an actively enforced security policy can provide theanswer: this would require the implementation of company-wide acceptable use policiesthat restrict the installation of unauthorized programs on company computers.
  5. 5. Using the tools that you already have to detect movement and behavior of traffic on yournetwork may also be helpful. Network intrusion detection systems can helpadministrators to gain an understanding of normal traffic in and around your network andcan thus assist in detecting any type of anomaly, especially with any changes in thebehavior of increased movement of large images around your network. If theadministrator is aware of this sort of anomalous activity, it may warrant furtherinvestigation. Host-based intrusion detection systems deployed on computers may alsohelp to identify anomalous storage of image and/or video files.Two methods of attacking steganography, which really are also methods of detecting it.They are the visual attack (actually seeing the differences in the files that are encoded)and the statistical attack: "The idea of the statistical attack is to compare the frequencydistribution of the colors of a potential stego file with the theoretically expectedfrequency distribution for a stego file." It might not be the quickest method of protection,but if you suspect this type of activity, it might be the most effective. For JPEG filesspecifically, a tool called Stegdetect, which looks for signs of steganography in JPEGfiles, can be employed. Stegbreak, a companion tool to Stegdetect, works to decryptpossible messages encoded in a suspected steganographic file, should that be the path youwish to take once the stego has been detected.CONCLUSION AND FUTURE SCOPESteganography is a fascinating and effective method of hiding data that has been usedthroughout history. Methods that can be employed to uncover such devious tactics, butthe first step are awareness that such methods even exist. There are many good reasons aswell to use this type of data hiding, including watermarking or a more secure centralstorage method for such things as passwords, or key processes, video, audio..etc .Regardless, the technology is easy to use and difficult to detect. The more that you knowabout its features and functionality, the more ahead you will be in the game.