2. TABLE OF CONTENTS
• Introduction
• Different Than Cryptography
• Historical Perspective
• Steganography in Written Text
• Modern Steganography
• Text In Image
• Image in Image
• Audio & Video Steganography
• UV Watermarking
• Network Steganography
• Steganalysis
• Conclusion
• References
2
3. INTRODUCTION
• Derived from the Greek words steganos (στεγανός) meaning "covered or
protected," and graphei (γραυή) meaning "writing."
• It is the art of hiding stuff in stuff so that others can’t see your stuff.
• Steganography is the practice of hiding data in other data in an effort to keep third
parties from knowing that the intended message is even there !
• Encryption's ugly step brother !
• It has art aspects since human judgment is involved.
• Principle : Principle Of Steganography.mp4
3
4. DIFFERENT THAN CRYPTOGRAPHY
• Cryptography is the essence to prepare a message in such a way that unauthorized
parties aren’t able to understand it while as Steganography is the essence to
embed secret messages within seemingly innocent carriers such that unauthorized
parties are unaware of the communication.
• Cryptography provides privacy, Steganography is intended to provide secrecy.
• Steganography
– hide, without altering
– obfuscates the fact of communication, not the data
– preventative - deters attacks
• Cryptography
– alter, without hiding
– obfuscates the data, not the fact of communication
– curative - defends attacks
4
5. HISTORICAL PERSPECTIVE
• Dates back to 400 BC when Histaeus sent a message, by shaving the
head of his most trusted slave, then tattooed a message on the slave's
scalp, to his friend Aristagorus, urging revolt against the Persians.
• Demaratus tells Athens of Persia’s attack plans by writing the secret
message on a tablet, & covers it with wax.
• Chinese wrote messages on silk and encased them in balls of wax. The
wax ball, "la wan," could then be hidden in the messenger.
• A more subtle method, nearly as old, is to use invisible ink( lemon juice,
milk, or urine, all of which turn dark when held over a flame).
• Microdots used by Germany in WW2 documents shrunk to the size of a
dot & embedded within innocent letters. Inkjet dots smaller than human
eyes can see.
5
Wentworth Miller
[Prison Break Serial]
6. b. Microdot
c. First Publication on Steganography
Also the first book on Steganography was entitled “Steganograpia” written by Johannes Trithemius in the
6
XVI century.
7. • Proposed by Girolamo Cardano in XV century.
• Carden grille was a sheet of parchment with
apertures for writing text.
• Pricking pin holes above or below the letters in a
newspaper or article.
7
• Used by Nazi Forces in WW2.
8. PRISONER’S PROBLEM
• In 1984 Gustavus Simmons formulated this
problem.
• Two accomplices are arrested in separate
cells & are allowed to communicate via
warden who can look into the contents of
their communication.
• The prisoners are to agree on an escape
plan without raising suspicion of the warden.
• Solution is to create a subliminal
channel(communicate secretly in normal
looking communication over an insecure
channel)
8
9. STEGANOGRAPHY IN WRITTEN TEXT
• Covert text can be embedded in printed matter or in text.
• Embedding can also be by means of altering the
appearance of text as
a) Skewing
b) Altering
space
c) Offsetting
d) Font color alterations.
9
10. In 2004 it was revealed that several printer manufactures use steganography to hide
information about printer serial numbers and the manufacturing code to track
counterfeits.
Brother, Canon, Dell, Epson, HP, IBM, Konica Minolta, Kyocera, Lanier, Lexmark,
Ricoh, Toshiba, Xerox
10
11. • An actual message from German spy “read second letter in each word”
(example of NULL CIPHER)
“Apparently neutral's protest is thoroughly discounted and ignored.
Isman hard hit. Blockade issue affects pretext for embargo on byproducts, ejecting suets and vegetable oils”.
Pershing sails from NY June 1
• We explore new steganographic and cryptographic algorithms and
techniques throughout the world to produce
wide variety and
security in the electronic web called the Internet.
Explore The World Wide Web
• Use Different fonts to indicate 0/1 of letter encodings(Francis Bacon
Cipher)
• Laser printers can adjust spacing of lines and characters by less
than 1/300th of an inch. To hide a zero, leave a standard space,
and to hide a one leave 1/300th of an inch more than usual. Varying
the spacing over an entire document can hide a short binary
message that is undetectable by the human eye.
11
12. MODERN STEGANOGRAPHY
• Hiding one message within another(“container”)
• Most containers are rich media
Images, audio, video are very redundant, can be tweaked without affecting human eye/ear
US argued that Al_QAIDA implanted instructions within taped interviews.
• Copyright notices embedded in digital art
Prove ownership(Watermarking)
Serial number embedded to prevent replication
Seek infringements on the web using spiders/crawlers
• Digital cameras EXIF(Exchangeable Image File Format) tags
Not secretive but hidden from the eye
Embed info such as camera type, date, shutter speed, focal length..
• Similarly, possible to embed messages in invisible part of html pages
12
13. TEXT IN IMAGE (2 METHODS)
• Consider a 8-bit grey scale image
One pixel of information is stored using 8 bits.
There are 256 different variations of grey.
• As a simple example of least significant bit(LSB) substitution, imagine "hiding" the character 'G'
across the following eight bytes of a carrier file (the least significant bits are underlined):
10010101 00001101 11001001 10010110
00001111 11001011 10011111 00010000
• A 'G' is represented in the American Standard Code for Information Interchange (ASCII) as the binary
string 01000111. These eight bits can be "written" to the least significant bit of each of the eight carrier
bytes as follows:
10010100
00001101
11001000 10010110
00001110
11001011
10011111 00010001
• In the sample above, only half of the least significant bits were actually changed (shown above in
italics). This makes some sense when one set of zeros and ones are being substituted with another
13
set of zeros and ones.
14. LSB ADVANTAGES AND DISADVANTAGES
Advantages
• Does not change the size of the file
• Is harder to detect than other steganography
techniques
Disadvantages
• Normally must use the original program to
hide and reveal data
• If the picture with the hidden information is
converted to another format, then the hidden
data may be lost
14
15. CAN YOU TELL THE DIFFERENCE
Original
Before Encoding:
255,0,0
FF,00,00
11111111,00000000,00000000
After Encoding “101”:
255,0,1
FF,00,01
11111111,00000001,00000001
Same file with “I should
be able to hold 37
bytes!!!” encoded
15
16. IMAGE IN IMAGE
The Image used for embedding should be 8 times greater than the image which is supposed to be kept
hidden.
16
17. AUDIO & VIDEO STEGANORAPHY
AUDIO
VIDEO
• Data is hidden by modifying sample data.
• Coding still frames - spatial or frequency
• Uncompressed audio formats
• data encoded during refresh
– WAV (Waveform Audio File Format)
– BWF (Broadcast Wave Format)
– MBWF (Multichannel Broadcast Wave
Format)
• Compressed audio formats
closed captioning
• visible watermarking
used by most networks (logo at bottom-right)
Example : Audio Steganography.mp4
Lossy
• MP3
• Advanced Audio Coding (AAC)
Lossless
• Free Lossless Audio Codec (FLAC)
• Direct Stream Transfer (DST)
17
18. UV WATERMARKING
Spatial domain watermarking
• bit flipping
• color separation
Frequency domain watermarking
• embed signal in select frequency bands (e.g. high frequency areas)
18
19. NETWORK STEGANOGRAPHY
• Network Steganography
Information hiding techniques which can be utilized to exchange steganograms in telecommunication networks.
Can be Intra-protocol or Inter-protocol
unused bits in packet headers
IP(Type of service, Flags, fragment offset, etc.)
TCP(Sequence Number)
• LACK(Lost Audio Packet Steganography)
Hide information in packet delay.
• HICCUPS (Hidden Communication System for Corrupted Networks)
Disguise information as natural “distortion” or noise.
• Operating System
unused memory
slack space(Fragmentation issue)
unallocated space
hidden partition
normally used to hide data from investigators
19
20. STEGANOGRAPHY VS WATERMARKING
Goal of steganography
• Intruder cannot detect a message
• Primarily 1:1 communication
Goal of Watermarking
• Intruder cannot remove or replace the message
• Primarily 1:* communication
• Example : Watermarks.mp4
20
21. STEGANALYSIS
• The art and science of steganalysis is intended to detect or estimate hidden information
based on observing some data transfer.
• In some cases, just being caught sending a message can bring suspicion, or give
information to the 3rd party
• Why is this person hiding something?
• Why all the communication right now?
• Steganalysis techniques can be classified in a similar way as cryptanalysis methods, largely
based on how much prior information is known
• Steganography-only attack: The steganography medium is the only item available for analysis.
• Known-carrier attack: The carrier and steganography media are both available for analysis.
• Known-message attack: The hidden message is known.
• Chosen-steganography attack: The steganography medium and algorithm are both known.
• Chosen-message attack: A known message and steganography algorithm are used to create
steganography media for future analysis and comparison.
• Known-steganography attack: The carrier and steganography medium, as well as the
steganography algorithm, are known discipline with few articles appearing before the late 1990s.
21
24. CONCLUSION
• Steganography & Steganalysis are still at an early stage of research.
• Although in principle secure schemes exist, practical ones with reasonable capacity are known.
• Notion for security & capacity for steganography needs to be investigated.
• Since it obvious that no system of data hiding is totally immune to attacks. However,
steganography has its place in security. It in no way can replace cryptography, but is
intended to supplement it. Its application in watermarking for use in detection of unauthorized,
illegally copied material is continually being realized and developed.
• The growing number of communication protocols, services and computing environments
offers almost unlimited opportunities for displaying a whole spectrum of steganographic
methods.
24