Bahaa Aladdin, profile picture
Uploaded byBahaa Aladdin
PPTX, PDF3,655 views

Steganography

The document discusses steganography, which is hiding messages within other files or signals in a way that is not detectable. It defines steganography as "the art of hiding messages in such a way that no one but the sender and the intended recipient knows about the very existence of the message." The document outlines different forms of steganography including hiding information in text, images, audio and video files. It also discusses some known uses of steganography such as economic espionage, terrorism, and child pornography.

Embed presentation

Downloaded 400 times
Steganography Bahaa Aladdin
Steganography – Definition and Origin  “The art of hiding messages in such a way that no one but the sender and the intended recipient knows about the very existence of the message”.  Greek Word, Steganos – “covered”, Graphie – “writing”  The word steganography is derived from the Greek words steganos which means covered and graphie which means writing. Thus, steganography literally means "covered writing."  The strength of Steganography is “ Stealth”
Steganography Forms Steganography comes in different forms:  Hidden information in Text Files  Hidden information in Image Files  Hidden information in Document Files  Hidden information in Video Files  Hidden information in Audio Files  Hidden information in E-Mails
Who’s Using It? • Kinds of users include:  Trade fraud  Industrial espionage  Organized crime  Narcotics traffickers  Child pornographers  Criminal gangs  Individuals concerned about perceived government “snooping”  Those who want to circumvent restrictive encryption export rules  Anyone who wants to communicate covertly and anonymously A message sent by a German spy during World War II read: “Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects for pretext embargo on by-products, ejecting suets and vegetable oils.” By taking the second letter of every word the hidden message “Pershing sails for NY June 1” can be retrieved.
Some Known Uses of Steganography  Economic espionage - used to exfiltrate information from a major European automaker  Political extremists - increasingly being used for secure communications.  Fraud - used as a “digital dead drop” to hide stolen card numbers on a hacked Web page  Pedophilia - used to store and transmit pornographic images  Terrorism - used to hide terrorist communications over the Internet, e.g, Osama bin Laden’s alleged use of steganography
Terrorism In a New York Times article that was published in October of 2001, French defense ministry officials reported the use of steganography by terrorists that were planning on blowing up the U.S. embassy in Paris. They were reportedly instructed to communicate solely through pictures on the internet, and supposedly had connections to Al Qaeda.
Terrorism  Alleged use of stego by Osama bin Laden, (Feb ‘01)  Stego’d messages hidden on Web sites to plan attacks against the US  Maps, target photos hidden in sports chat rooms, pornographic bulletin boards, popular Web sites
Terminology  Steganography  It is the practice of disguising the existence of a message  stego-object The combination of hidden data-plus-cover is known as the stego-object  Cover Generally, innocent looking carriers, e.g., pictures, audio, video, text, etc. that hold the hidden information  Stegokey An additional piece of information, such as a password or mathematical variable, required to embed the secret information
Formula for steganographic process: cover_medium + hidden_data + stego_key = stego_medium
Formula for steganographic process:
Steganography Today Steganography Today, however, is significantly more sophisticated than the examples above suggest, allowing a user to hide large amounts of information within image and audio files. These forms of steganography often are used in conjunction with cryptography so that the information is doubly protected; first it is encrypted and then hidden so that an adversary has to first find the information (an often difficult task in and of itself) and then decrypt it.
Steganography types Steganography can be split into two types, these are Fragile and Robust. Fragile steganography involves embedding information into a file which is destroyed if the file is modified. This method is unsuitable for recording the copyright holder of the file since it can be so easily removed, but is useful in situations where it is important to prove that the file has not been tampered with, such as using a file as evidence in a court of law, since any tampering would have removed the watermark. Fragile steganography techniques tend to be easier to implement than robust methods.
Steganography types Robust marking aims to embed information into a file which cannot easily be destroyed. Although no mark is truly indestructible, a system can be considered robust if the amount of changes required to remove the mark would render the file useless. Therefore the mark should be hidden in a part of the file where its removal would be easily perceived. There are two main types of robust marking. Fingerprinting involves hiding a unique identifier for the customer who originally acquired the file and therefore is allowed to use it. Should the file be found in the possession of somebody else, the copyright owner can use the fingerprint to identify which customer violated the license agreement by distributing a copy of the file. Unlike fingerprints, watermarks identify the copyright owner of the file, not the customer. Whereas fingerprints are used to identify people who violate the license agreement watermarks help with prosecuting those who have an illegal copy. Watermarks are typically hidden to prevent their detection and removal
One of the most widely used applications is for so- called digital watermarking. A watermark, historically, is the replication of an image, logo, or text on paper stock so that the source of the document can be at least partially authenticated. A digital watermark can accomplish the same function; a graphic artist, for example, might post sample images on her Web site complete with an embedded signature so that she can later prove her ownership in case others attempt to portray her work as their own. In these days, watermarking is popularly used as a proof of ownership of digital data by embedding copyright statements into the digital media. It's also used for fingerprinting and broadcast monitoring (in case of illegal broadcasting) etc.
Steganography and Cryptography Steganography and Cryptography Unknown message passing Known message passing Steganography prevents discovery of Encryption prevents an unauthorized the very existence of communication party from discovering the contents of a communication Little known technology Common technology Technology still being developed for Most of algorithm known by all certain formats Once detected message Strong current algorithms are is known currently resistant to attack, larger expensive computing power is required for cracking Steganography does not alter the Cryptography alter the structure of the structure of the secret message secret message
Example Encryption Steganography (Contains embedded encrypted message)
Algorithms and Techniques There are three different techniques you can use to hide information in a cover file 1. Injection or insertion 2. Substitution 3. Generation
Algorithms and Techniques 1-INJECTION (or insertion). you store the data you want to hide in sections of a file that are ignored by the processing application. By doing this you avoid modifying those file bits that are relevant to an end-user—leaving the cover file perfectly usable. For example, you can add additional harmless bytes in an executable or binary file. Because those bytes don't affect the process the end-user may not even realize that the file contains additional hidden information However, using an insertion technique changes file size according to the amount of data hidden and therefore, if the file looks unusually large, it may arouse suspicion
Algorithms and Techniques 2-SUBSTITUTION. Using this approach, you replace the least significant bits of information that determine the meaningful content of the original file with new data in a way that causes the least amount of distortion. The main advantage of that technique is that the cover file size does not change after the execution of the algorithm. On the other hand, the approach has at least Two Drawbacks First, the resulting stego file may be adversely affected by quality degradation—and that may arouse suspicion. Second, substitution limits the amount of data that you can hide to the to the number of insignificant bits in the file.
Algorithms and Techniques 3- GENERATION. Unlike injection and substitution, this technique doesn't require an existing cover file this technique generates a cover file for the sole purpose of hiding the message The main flaw of the insertion and substitution techniques is that people can compare the stego file with any pre-existing copy of the cover file (which is supposed to be the same file) and discover differences between the two. You won't have that problem when using a generation approach, because the result is an original file, and is therefore immune to comparison tests
How Is Hiding Typically Done? • The simpler techniques replace example the least significant bit (LSB) of each byte in the cover with a single bit for the hidden message • Frequently, these are encrypted as well Hidden message 10110010 … 11100101 01001110 10101101 10010111 … 01011010 Least Significant Bit Cover
Detection and Analysis
Need for Improved Detection  Growing awareness of data hiding techniques and uses  Availability and sophistication of shareware and freeware data hiding software  Concerns over use to hide serious crimes, e.g., drug trafficking, pedophilia, terrorism  Frees resources currently spent on investigating cases with questionable/unknown payoff  Legislative calls
Some Indicators of Data Hiding Activity Evidence of steganography software on computer Forensics examination Hashes of well-known files don’t match originals Transmission logs Excessive/unusual e-mails involving pictures, sound files, etc. Discernable (visual) changes Statistical analysis
Detection Can steganography be detected? Sometimes…many of the simpler steganographic techniques produce some discernable change in the file size, statistics, or both. For image files, these include: Color variations Loss of resolution or exaggerated noise Images larger in size than that to be expected Characteristic signatures, e.g., distortions or patterns However, detection often requires a priori knowledge of what the image or file should look like
Detection Challenges (1/2) Stego software developers understand their products’ weaknesses and have made significant improvements: minimal carrier degradation makes embedded data harder to perceive visually better modification immunity e.g., affine invariance, immunity to channel noise, compression, conversion use of error correction coding ensures integrity of hidden data These improvements have led to even greater difficulty in detection
Detection Challenges (2/2) Lack of tools and techniques to recover the hidden data No commercial(effective) products exist for detection Custom tools are analyst-intensive Few methods beyond visual analysis of graphics files have been explored Usually, no a priori knowledge of existence No access to stegokey Use of unknown applications
Steganalysis Several on-going research activities for improving steganographic analysis methods Some research is focusing on processing techniques to reveal features in files that will: Blindly, with no a priori knowledge, indicate the presence of hidden data Uniquely identify known stego packages Some explaining follow...
"Blind" Steganography Detection Blind detection: attempts to determine if a message may be hidden in a file without any prior knowledge of the specific steganography application used to hide the information. Several techniques may be employed to inspect suspect files including various visual, structural, and statistical methods.
Complications blind detection Four Complications are possible when implementing blind detection techniques for steganalysis: The suspect file may or may not have any information hidden in it in the  first place The hidden message may have been encrypted before being hidden in the carrier file Some suspect files may have had noise or irrelevant data encoded in them which reduces the stealth aspect (i.e., makes it easier to detect use of steganography) but makes analysis very time-consuming Unless the hidden information can be found, completely recovered, and decrypted (if encrypted), it is often not possible to be sure whether the suspect carrier file contained a hidden message in the first place- all the user end up with is a probability that the suspect carrier file may have something hidden within it
Analytical Steganography Detection The analytical approach to steganalysis has been developed by the Steganography Analysis and Research Center as a byproduct of extensive research of Steganography applications and the techniques they employ to embed hidden information within files. The premise of this approach is to first determine if any residual file and/or Microsoft Windows Registry artifacts from a particular Steganography application exist on the suspect media. •IF residual artifacts exist, then the application was probably installed •The application was installed, then it was probably used •IF the application was used, then something was probably hidden using it The analytical approach attempts to determine if there is any evidence that a steganography application ever existed on the suspect media. Searching for files and registry entries that have been identified by the SARC as belonging to a steganography application will identify these residual artifacts. The goal is to determine what application was used, what type(s) of carrier files it may have been used on, and finding what was hidden by that particular application.
Steganography – Software Tools  Software tools – Freeware, Commercial.  S – Tools  Excellent tool for hiding files in GIF, BMP and WAV files  MP3Stego  Mp3. Offers quality sound at 128 kbps  Hide4PGP  BMP, WAV, VOC  JP Hide and Seek  jpg  Text Hide ( commercial)  text  Stego Video  Hides files in a video sequence  Spam mimic  encrypts short messages into email that looks like spam  http://spammimic.com  Steganos Security Suite (Commercial)  and Many Many More………………………………………………………….
Stegdetect  Automated tool for detecting steganographic content in images  Currently-claimed detection schemes:  Jsteg  JPHide  Invisible Secrets  Outguess 0.1.3b  Windermere’s analysis shows this program is extremely unreliable and provides excessive (i.e., near 100%) false-positives
S-tools Hides info in BMP, GIF, and WAV files. just drag them over open sound/picture windows hide multiple files in one sound/picture and your data is compressed before being encrypted then hidden. Encryption services come courtesy of "cryptlib" by Peter Gutmann (and others).
OmhiHide Hide your Video or Audio File Behind Image OmhiHide PRO is a powerful data-hiding utility that allows you to hide files within other files. The output files can be used or shared like a normal file would be without anyone ever knowing of the file hidden within it. That way, your data totally stays safe from prying eyes you want to hide it from.
Xiad steganography
Summary  Steganography is primarily used to maintain anonymity and is easily available to most anyone  Sophisticated tools are readily available on the Internet, and are easy-to-use  Lack of both awareness and developed tools and analysis techniques  Only recently has the security community started to concern itself with this subject  Little public information on the use of data hiding  Development/use of information hiding products far outpaces the ability to detect/recover them; this situation is not likely to change soon
A Final Thought “I think we are perilously close to a lose-lose situation in which citizens have lost their privacy to commercial interests and criminals have easy access to absolute anonymity. That's not a world we want.” Philip Reitinger Former Senior Counsel, US Justice Department Computer Crime and Intellectual Property Division
Bahaa Aladdin

More Related Content

PDF
Steganography
byMadhani Harsh
 
PPTX
steganography
byManika Arora
 
PPT
Steganography
byPREMKUMAR
 
PPTX
Steganography in images
byNikhil Tripathi
 
PDF
Steganography Project
byUttam Jain
 
PPTX
steganography
byshiveverma
 
PPT
Steganography
byShankar Murthy
 
PPTX
Steganography in images
byAishwarya Korde
 
Steganography
byMadhani Harsh
 
steganography
byManika Arora
 
Steganography
byPREMKUMAR
 
Steganography in images
byNikhil Tripathi
 
Steganography Project
byUttam Jain
 
steganography
byshiveverma
 
Steganography
byShankar Murthy
 
Steganography in images
byAishwarya Korde
 

What's hot

PPTX
SEMINAR ON staganography
byKamonasish Hore
 
DOCX
Steganography
byAbhishek Singh
 
PPTX
VIDEO STEGANOGRAPHY
bySHAJANA BASHEER
 
PPTX
Image steganography and cryptography
byAvinash Mishra
 
PPT
Steganography.
byyprajapati
 
PPT
Data hiding - Steganography
byMohamed Talaat
 
DOC
Steganography Engineering project report
byRishab Gupta
 
PPTX
Steganography
byJosh Kumar
 
PPT
Steganography presentation
byAshwin Prasad
 
ODP
Steganography
byNikunj Dhameliya
 
DOC
Audio Steganography java project
byTutorial Learners
 
PPT
Steganography - The art of hiding data
bySarin Thapa
 
PPT
Digital watermarking
bynafees321
 
PPT
Image Steganography
byHushen Savani
 
PPTX
Steganography and its techniques
byFatema Panvelwala
 
PPTX
Steganography presentation
byBSheghembe
 
PPTX
Digital watermarking
byAnkush Kr
 
PPTX
Steganography
byDaksh Verma
 
PPTX
Image Security
bySatyendra Rajput
 
PPTX
Image Steganography
byAnkit Gupta
 
SEMINAR ON staganography
byKamonasish Hore
 
Steganography
byAbhishek Singh
 
VIDEO STEGANOGRAPHY
bySHAJANA BASHEER
 
Image steganography and cryptography
byAvinash Mishra
 
Steganography.
byyprajapati
 
Data hiding - Steganography
byMohamed Talaat
 
Steganography Engineering project report
byRishab Gupta
 
Steganography
byJosh Kumar
 
Steganography presentation
byAshwin Prasad
 
Steganography
byNikunj Dhameliya
 
Audio Steganography java project
byTutorial Learners
 
Steganography - The art of hiding data
bySarin Thapa
 
Digital watermarking
bynafees321
 
Image Steganography
byHushen Savani
 
Steganography and its techniques
byFatema Panvelwala
 
Steganography presentation
byBSheghembe
 
Digital watermarking
byAnkush Kr
 
Steganography
byDaksh Verma
 
Image Security
bySatyendra Rajput
 
Image Steganography
byAnkit Gupta
 

Viewers also liked

PPTX
Steganography ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
Steganography
byPRACHETA BISWAS
 
PPT
Steganography
bybhaskarnarula
 
PDF
File000133
byDesmond Devendran
 
DOC
Steganography ProjectReport
byekta sharma
 
PPT
Honeypot and Steganography
byPreeti Yadav
 
PPTX
Steganography with RSA Algorithm
byRitu Agarwal
 
PPT
Steganography chandni verma(cse 4th year)
byChandni Verma
 
PPTX
Skin tone based steganography
byGirish Ram M
 
PDF
Audio Watermarking and Steganography
byPratik Poddar
 
PPTX
steganography and watermarking
bySaurabh Kaushik
 
PPTX
Image Steganography using LSB
bySreelekshmi Sree
 
Steganography ppt
byOECLIB Odisha Electronics Control Library
 
Steganography
byPRACHETA BISWAS
 
Steganography
bybhaskarnarula
 
File000133
byDesmond Devendran
 
Steganography ProjectReport
byekta sharma
 
Honeypot and Steganography
byPreeti Yadav
 
Steganography with RSA Algorithm
byRitu Agarwal
 
Steganography chandni verma(cse 4th year)
byChandni Verma
 
Skin tone based steganography
byGirish Ram M
 
Audio Watermarking and Steganography
byPratik Poddar
 
steganography and watermarking
bySaurabh Kaushik
 
Image Steganography using LSB
bySreelekshmi Sree
 

Similar to Steganography

PPTX
Steganography
byUttam Jain
 
PPTX
Steganography
bySonam M
 
PPT
83747965 steganography
byPrashant Shukla
 
PDF
Stegnography Systems for Securing DataFile in Image
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
PPTX
Steganography
byRitesh Kayal
 
PDF
A Tutorial Review On Steganography
byBryce Nelson
 
PPTX
Steganography - Hiding in plain sight.pptx
byGerhard Claassen
 
PPTX
Steganograpy
byarvind carpenter
 
PPTX
Stegnography final
byHeena Bohra
 
PPTX
Visual Cryptography part 1-1.pptx.pptx
byThusharaBAmigoz1
 
PDF
A Review Paper On Steganography Techniques
byAudrey Britton
 
PPT
8-steganography.ppt
byKalaiselviDevaraj
 
PPT
8-steganography.ppt
byssuser4d4e5a
 
PPT
8-steganography.ppt
byakashkr0802
 
PPT
8-steganography.ppt
bySamehShenoda
 
PPTX
Steganoghraphy
byAbhishek Singh
 
PPTX
“Multimedia Steganography with Cipher Text and Compression ppt.
byPradeep Vishwakarma
 
PPT
8-steganographyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.ppt
byganeshdas9449
 
PPTX
Steganography(Presentation)
byFirdous Ahmad Khan
 
PPT
8-steg.ppt
byragsahao2
 
Steganography
byUttam Jain
 
Steganography
bySonam M
 
83747965 steganography
byPrashant Shukla
 
Stegnography Systems for Securing DataFile in Image
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
Steganography
byRitesh Kayal
 
A Tutorial Review On Steganography
byBryce Nelson
 
Steganography - Hiding in plain sight.pptx
byGerhard Claassen
 
Steganograpy
byarvind carpenter
 
Stegnography final
byHeena Bohra
 
Visual Cryptography part 1-1.pptx.pptx
byThusharaBAmigoz1
 
A Review Paper On Steganography Techniques
byAudrey Britton
 
8-steganography.ppt
byKalaiselviDevaraj
 
8-steganography.ppt
byssuser4d4e5a
 
8-steganography.ppt
byakashkr0802
 
8-steganography.ppt
bySamehShenoda
 
Steganoghraphy
byAbhishek Singh
 
“Multimedia Steganography with Cipher Text and Compression ppt.
byPradeep Vishwakarma
 
8-steganographyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.ppt
byganeshdas9449
 
Steganography(Presentation)
byFirdous Ahmad Khan
 
8-steg.ppt
byragsahao2
 

Steganography

  • 1.
  • 2.
    Steganography – Definitionand Origin  “The art of hiding messages in such a way that no one but the sender and the intended recipient knows about the very existence of the message”.  Greek Word, Steganos – “covered”, Graphie – “writing”  The word steganography is derived from the Greek words steganos which means covered and graphie which means writing. Thus, steganography literally means "covered writing."  The strength of Steganography is “ Stealth”
  • 3.
    Steganography Forms Steganography comesin different forms:  Hidden information in Text Files  Hidden information in Image Files  Hidden information in Document Files  Hidden information in Video Files  Hidden information in Audio Files  Hidden information in E-Mails
  • 4.
    Who’s Using It? • Kinds of users include:  Trade fraud  Industrial espionage  Organized crime  Narcotics traffickers  Child pornographers  Criminal gangs  Individuals concerned about perceived government “snooping”  Those who want to circumvent restrictive encryption export rules  Anyone who wants to communicate covertly and anonymously A message sent by a German spy during World War II read: “Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects for pretext embargo on by-products, ejecting suets and vegetable oils.” By taking the second letter of every word the hidden message “Pershing sails for NY June 1” can be retrieved.
  • 5.
    Some Known Usesof Steganography  Economic espionage - used to exfiltrate information from a major European automaker  Political extremists - increasingly being used for secure communications.  Fraud - used as a “digital dead drop” to hide stolen card numbers on a hacked Web page  Pedophilia - used to store and transmit pornographic images  Terrorism - used to hide terrorist communications over the Internet, e.g, Osama bin Laden’s alleged use of steganography
  • 6.
    Terrorism In a NewYork Times article that was published in October of 2001, French defense ministry officials reported the use of steganography by terrorists that were planning on blowing up the U.S. embassy in Paris. They were reportedly instructed to communicate solely through pictures on the internet, and supposedly had connections to Al Qaeda.
  • 7.
    Terrorism  Alleged useof stego by Osama bin Laden, (Feb ‘01)  Stego’d messages hidden on Web sites to plan attacks against the US  Maps, target photos hidden in sports chat rooms, pornographic bulletin boards, popular Web sites
  • 8.
    Terminology  Steganography  It is the practice of disguising the existence of a message  stego-object The combination of hidden data-plus-cover is known as the stego-object  Cover Generally, innocent looking carriers, e.g., pictures, audio, video, text, etc. that hold the hidden information  Stegokey An additional piece of information, such as a password or mathematical variable, required to embed the secret information
  • 9.
    Formula for steganographicprocess: cover_medium + hidden_data + stego_key = stego_medium
  • 10.
  • 11.
    Steganography Today Steganography Today,however, is significantly more sophisticated than the examples above suggest, allowing a user to hide large amounts of information within image and audio files. These forms of steganography often are used in conjunction with cryptography so that the information is doubly protected; first it is encrypted and then hidden so that an adversary has to first find the information (an often difficult task in and of itself) and then decrypt it.
  • 12.
    Steganography types Steganography canbe split into two types, these are Fragile and Robust. Fragile steganography involves embedding information into a file which is destroyed if the file is modified. This method is unsuitable for recording the copyright holder of the file since it can be so easily removed, but is useful in situations where it is important to prove that the file has not been tampered with, such as using a file as evidence in a court of law, since any tampering would have removed the watermark. Fragile steganography techniques tend to be easier to implement than robust methods.
  • 13.
    Steganography types Robust markingaims to embed information into a file which cannot easily be destroyed. Although no mark is truly indestructible, a system can be considered robust if the amount of changes required to remove the mark would render the file useless. Therefore the mark should be hidden in a part of the file where its removal would be easily perceived. There are two main types of robust marking. Fingerprinting involves hiding a unique identifier for the customer who originally acquired the file and therefore is allowed to use it. Should the file be found in the possession of somebody else, the copyright owner can use the fingerprint to identify which customer violated the license agreement by distributing a copy of the file. Unlike fingerprints, watermarks identify the copyright owner of the file, not the customer. Whereas fingerprints are used to identify people who violate the license agreement watermarks help with prosecuting those who have an illegal copy. Watermarks are typically hidden to prevent their detection and removal
  • 14.
    One of themost widely used applications is for so- called digital watermarking. A watermark, historically, is the replication of an image, logo, or text on paper stock so that the source of the document can be at least partially authenticated. A digital watermark can accomplish the same function; a graphic artist, for example, might post sample images on her Web site complete with an embedded signature so that she can later prove her ownership in case others attempt to portray her work as their own. In these days, watermarking is popularly used as a proof of ownership of digital data by embedding copyright statements into the digital media. It's also used for fingerprinting and broadcast monitoring (in case of illegal broadcasting) etc.
  • 15.
    Steganography and Cryptography Steganography and Cryptography Unknown message passing Known message passing Steganography prevents discovery of Encryption prevents an unauthorized the very existence of communication party from discovering the contents of a communication Little known technology Common technology Technology still being developed for Most of algorithm known by all certain formats Once detected message Strong current algorithms are is known currently resistant to attack, larger expensive computing power is required for cracking Steganography does not alter the Cryptography alter the structure of the structure of the secret message secret message
  • 16.
    Example Encryption Steganography (Contains embedded encrypted message)
  • 17.
    Algorithms and Techniques Thereare three different techniques you can use to hide information in a cover file 1. Injection or insertion 2. Substitution 3. Generation
  • 18.
    Algorithms and Techniques 1-INJECTION(or insertion). you store the data you want to hide in sections of a file that are ignored by the processing application. By doing this you avoid modifying those file bits that are relevant to an end-user—leaving the cover file perfectly usable. For example, you can add additional harmless bytes in an executable or binary file. Because those bytes don't affect the process the end-user may not even realize that the file contains additional hidden information However, using an insertion technique changes file size according to the amount of data hidden and therefore, if the file looks unusually large, it may arouse suspicion
  • 19.
    Algorithms and Techniques 2-SUBSTITUTION.Using this approach, you replace the least significant bits of information that determine the meaningful content of the original file with new data in a way that causes the least amount of distortion. The main advantage of that technique is that the cover file size does not change after the execution of the algorithm. On the other hand, the approach has at least Two Drawbacks First, the resulting stego file may be adversely affected by quality degradation—and that may arouse suspicion. Second, substitution limits the amount of data that you can hide to the to the number of insignificant bits in the file.
  • 20.
    Algorithms and Techniques 3-GENERATION. Unlike injection and substitution, this technique doesn't require an existing cover file this technique generates a cover file for the sole purpose of hiding the message The main flaw of the insertion and substitution techniques is that people can compare the stego file with any pre-existing copy of the cover file (which is supposed to be the same file) and discover differences between the two. You won't have that problem when using a generation approach, because the result is an original file, and is therefore immune to comparison tests
  • 21.
    How Is HidingTypically Done? • The simpler techniques replace example the least significant bit (LSB) of each byte in the cover with a single bit for the hidden message • Frequently, these are encrypted as well Hidden message 10110010 … 11100101 01001110 10101101 10010111 … 01011010 Least Significant Bit Cover
  • 22.
  • 23.
    Need for ImprovedDetection  Growing awareness of data hiding techniques and uses  Availability and sophistication of shareware and freeware data hiding software  Concerns over use to hide serious crimes, e.g., drug trafficking, pedophilia, terrorism  Frees resources currently spent on investigating cases with questionable/unknown payoff  Legislative calls
  • 24.
    Some Indicators ofData Hiding Activity Evidence of steganography software on computer Forensics examination Hashes of well-known files don’t match originals Transmission logs Excessive/unusual e-mails involving pictures, sound files, etc. Discernable (visual) changes Statistical analysis
  • 25.
    Detection Can steganography bedetected? Sometimes…many of the simpler steganographic techniques produce some discernable change in the file size, statistics, or both. For image files, these include: Color variations Loss of resolution or exaggerated noise Images larger in size than that to be expected Characteristic signatures, e.g., distortions or patterns However, detection often requires a priori knowledge of what the image or file should look like
  • 26.
    Detection Challenges (1/2) Stegosoftware developers understand their products’ weaknesses and have made significant improvements: minimal carrier degradation makes embedded data harder to perceive visually better modification immunity e.g., affine invariance, immunity to channel noise, compression, conversion use of error correction coding ensures integrity of hidden data These improvements have led to even greater difficulty in detection
  • 27.
    Detection Challenges (2/2) Lackof tools and techniques to recover the hidden data No commercial(effective) products exist for detection Custom tools are analyst-intensive Few methods beyond visual analysis of graphics files have been explored Usually, no a priori knowledge of existence No access to stegokey Use of unknown applications
  • 28.
    Steganalysis Several on-going researchactivities for improving steganographic analysis methods Some research is focusing on processing techniques to reveal features in files that will: Blindly, with no a priori knowledge, indicate the presence of hidden data Uniquely identify known stego packages Some explaining follow...
  • 29.
    "Blind" Steganography Detection Blind detection: attempts to determine if a message may be hidden in a file without any prior knowledge of the specific steganography application used to hide the information. Several techniques may be employed to inspect suspect files including various visual, structural, and statistical methods.
  • 30.
    Complications blind detection FourComplications are possible when implementing blind detection techniques for steganalysis: The suspect file may or may not have any information hidden in it in the  first place The hidden message may have been encrypted before being hidden in the carrier file Some suspect files may have had noise or irrelevant data encoded in them which reduces the stealth aspect (i.e., makes it easier to detect use of steganography) but makes analysis very time-consuming Unless the hidden information can be found, completely recovered, and decrypted (if encrypted), it is often not possible to be sure whether the suspect carrier file contained a hidden message in the first place- all the user end up with is a probability that the suspect carrier file may have something hidden within it
  • 31.
    Analytical Steganography Detection Theanalytical approach to steganalysis has been developed by the Steganography Analysis and Research Center as a byproduct of extensive research of Steganography applications and the techniques they employ to embed hidden information within files. The premise of this approach is to first determine if any residual file and/or Microsoft Windows Registry artifacts from a particular Steganography application exist on the suspect media. •IF residual artifacts exist, then the application was probably installed •The application was installed, then it was probably used •IF the application was used, then something was probably hidden using it The analytical approach attempts to determine if there is any evidence that a steganography application ever existed on the suspect media. Searching for files and registry entries that have been identified by the SARC as belonging to a steganography application will identify these residual artifacts. The goal is to determine what application was used, what type(s) of carrier files it may have been used on, and finding what was hidden by that particular application.
  • 32.
    Steganography – SoftwareTools  Software tools – Freeware, Commercial.  S – Tools  Excellent tool for hiding files in GIF, BMP and WAV files  MP3Stego  Mp3. Offers quality sound at 128 kbps  Hide4PGP  BMP, WAV, VOC  JP Hide and Seek  jpg  Text Hide ( commercial)  text  Stego Video  Hides files in a video sequence  Spam mimic  encrypts short messages into email that looks like spam  http://spammimic.com  Steganos Security Suite (Commercial)  and Many Many More………………………………………………………….
  • 33.
    Stegdetect  Automated toolfor detecting steganographic content in images  Currently-claimed detection schemes:  Jsteg  JPHide  Invisible Secrets  Outguess 0.1.3b  Windermere’s analysis shows this program is extremely unreliable and provides excessive (i.e., near 100%) false-positives
  • 34.
    S-tools Hides info inBMP, GIF, and WAV files. just drag them over open sound/picture windows hide multiple files in one sound/picture and your data is compressed before being encrypted then hidden. Encryption services come courtesy of "cryptlib" by Peter Gutmann (and others).
  • 35.
    OmhiHide Hideyour Video or Audio File Behind Image OmhiHide PRO is a powerful data-hiding utility that allows you to hide files within other files. The output files can be used or shared like a normal file would be without anyone ever knowing of the file hidden within it. That way, your data totally stays safe from prying eyes you want to hide it from.
  • 36.
  • 37.
    Summary  Steganography isprimarily used to maintain anonymity and is easily available to most anyone  Sophisticated tools are readily available on the Internet, and are easy-to-use  Lack of both awareness and developed tools and analysis techniques  Only recently has the security community started to concern itself with this subject  Little public information on the use of data hiding  Development/use of information hiding products far outpaces the ability to detect/recover them; this situation is not likely to change soon
  • 38.
    A Final Thought “I think we are perilously close to a lose-lose situation in which citizens have lost their privacy to commercial interests and criminals have easy access to absolute anonymity. That's not a world we want.” Philip Reitinger Former Senior Counsel, US Justice Department Computer Crime and Intellectual Property Division
  • 39.