06/27/22 Perry Fowler STEGANOGRAPHY Perry Fowler CSC 585 The University of Rhode Island
Jan 15, 2016
04/21/23 Perry Fowler
STEGANOGRAPHY
Perry FowlerCSC 585
The University of Rhode Island
04/21/23 Perry Fowler
The main Fear
• [Tr note: The truncated Arabic text in the upper right-hand corner of this image reads: “a secret message from a secret soldier of al-Qaeda, Rakan Bin...to the General Command in Afghanistan and also to the…in Londonistan…about the operation…to strike nuclear
stations…in the following cities that…planning…]
04/21/23 Perry Fowler
Material to be covered• In this lecture the following material will be covered:
– Introduction– Camouflage– Terminology– History– Some types of steganography
• Visual– Writing (hand written and digital)– Photographic
• Aural– Voice and computer generated
• Computer based
– Tools to create steganography– Algorithms employed in steganography
04/21/23 Perry Fowler
Introduction
• Steganography is the technique of hiding a message from detection. If it’s done properly, the message is never detected by those not intended to receive it.
• It differs from cryptography in that cryptographic techniques don’t deny the existence of the message, they just don’t want it to be readable. In some cases the steganographic hidden message may be in plain text.
04/21/23 Perry Fowler
Terminology
• Technical Steganography – the use of scientific Methods to hide a message. Examples are invisible ink, and size reduction methods like microdots.
• Linguistic Steganography – hides a message in a carrier some non-obvious way. Is also termed semagrams or open codes.
04/21/23 Perry Fowler
Linguistic Steganography
• Semagrams – hide information by the use of symbols or signs – Visual Semagrams - use ordinary visual
objects like icons or doodles, or the positions of objects on say a workbench or a door.
– . Text Semagrams – hide a message by modifying the carrier text with changes in spacing, either horizontal or vertical or font size, or perhaps flourishes in hand written text.
04/21/23 Perry Fowler
OPEN CODES• Open Codes – employ legitimate overt carrier
messages to hide a covert message. – Jargon Codes - these open codes use a
language that is understood by a select group of people, but meaningless to others
– Covered Ciphers - hide a message openly in a carrier so that it can be recovered by anyone who knows the secret of how it was concealed. • Null Cipher – hides the message according
to some set of rules, like the first character of every other word is used to construct the message.
04/21/23 Perry Fowler
So, let’s talk about….
• Photographic Steganography• Textural Steganography• Audio Steganography
04/21/23 Perry Fowler
Watermarking II
In this example, the watermark would, of course, be invisible
04/21/23 Perry Fowler
Picture HidingThe digital image of the cat on the right was imbedded steganographically in the left digital photo of the tree.
If we consider a digital image to be made up of an array of columns, each column representing the bits that are used to represent the color density of a pixel, then, the tops of the columns would represent the most significant bits (MSBs as we all know), of color density, and the bottom bits the least significant bits or LSBs. All the bits at any particular level are considered to be in a BIT PLANE.
04/21/23 Perry Fowler
BIT PLANES
Think of a bit plane as a layer of bits, each layer representing one bit in a byte which represents the color of a pixel. Stacked vertically then, we see something like the left side of the above figure. The matrices represented are one small portion of a digital picture; say the lower right hand corner.
These represent a column
04/21/23 Perry Fowler
BIT PLANES IIOn the right hand side of the figure we see representations of three planes. The top one is the original LSB layer of this portion of the image. The middle plane is the data we wish to hide in the image, with the bottom plane being a representation of the LSB plane after the data is imbedded.
04/21/23 Perry Fowler
One Technique
The technique employed in this example simply adds (binarily) the LSB Plane of the cover image and the embedded data.
04/21/23 Perry Fowler
Line Shift Encoding
Line shift encoding
Another Line to shift
And another line still
The spacing between these lines
is different. Can you tell? It’s about +.01” in the top 2 lines, and - .01” in the bottom 2.
This can be done in word – Format/Line
spacing
04/21/23 Perry Fowler
Word Shift encoding
The spacing between these words is different, can you tell which ones?
04/21/23 Perry Fowler
Character Spacing
The spacing between these characters is different. Can you tell which ones?
Two of the characters in the above text have been changed to a different font, which is narrower than the others.
The “a” in spacing and the “w” in between
04/21/23 Perry Fowler
Geometrical Open Code
• Hidden words or messages at fixed, geometrical positions on the page.
• E.G., captured WWII U-boat officers spelled out messages by adding a little space after significant letters.
• Cardan, or “grill” cipher, uses a careful pattern of fixed locations on the page to hide a message.
04/21/23 Perry Fowler
A Null CipherThe Envelope
FRANK G. JONELIS, 1st LT. USAGARBLED WAR PRISONERS CAMPNIPPON
MR. F. B. IERS%Federal BLDG. CompanyROOM 1619 100 MAIN ST.LOS ANGELES, CALIFORNIAUSA
Here is an example of a covered cipher, specifically a NULL cipher. Consider the following message from a prisoner in a Japanese POW camp in WWII The original was hand written:
04/21/23 Perry Fowler
A Null Cipherand now the letter
AUGUST 29, 1943
DEAR IERS:
AFTER SURRENDER, HEALTH IMPROVED ~FIFTY PERCENT. BETTER FOOD ETC.AMERICANS LOST CONFIDENCEIN PHILLIPINES. AM COMFORTABLE IN NIPPON. MOTHER: INVEST30%, SALARY, IN BUSINESS. LOVE
Frank g. Jonelis
04/21/23 Perry Fowler
A Null Cipherand now the intrepretation
AUGUST 29, 1943
DEAR IERS:
AFTER SURRENDER, HEALTH IMPROVED ~FIFTY PERCENT. BETTER FOOD ETC.AMERICANS LOST CONFIDENCEIN PHILLIPINES. AM COMFORTABLE IN NIPPON. MOTHER: INVEST30 %, SALARY, IN BUSINESS. LOVE
Frank g. Jonelis
04/21/23 Perry Fowler
S-Tools
This is the Carrier
04/21/23 Perry Fowler
S-Tools
This is the imbedded image
04/21/23 Perry Fowler
S-ToolsAnd this is the carrier after insertion. I can notice granularity in the front fender, the fairing and the front disk brake.
04/21/23 Perry Fowler
JPHide and Seek
• Do a web search for jphs05.zip or JPHide and Seek
• Download jphs05.zip
• Unzip it and find jphide.exe, jpseek.exe and jphswin.exe
• Double click on jphswin.exe and you will see what’s on the next slide:
04/21/23 Perry Fowler
JPHide
Click on open JPEG, this will be the carrier
To make things easy, put all files in one folder.Double-click on JPHSWIN
Then the HIDE button becomes active, so click it.You will be asked to enter a Password
After you do that, then a window will appear asking for you to select the file to be imbedded
04/21/23 Perry Fowler
Carrier Image
04/21/23 Perry Fowler
The file to be InsertedTHIS IS A TEST FILE
These programs are available for test purposes only.
Please send me any useful comments for improvements.In particular if you discover ways to detect the presence of the hiddendata (even if you can't extract it) I would like to hear about it. Thisexcludes the case where both the original and the modified jpeg areavailable (in which case it is a trivial task!)
Remember they are FREE and BETA test versions. They may not work asyou expect. I offer no warranty and accept to liability for their use.
They are incompatible with earlier versions of similar products I havewritten.
JPHIDE.EXE is a DOS program to hide a data file in a jpeg file.JPSEEK.EXE is a DOS program to recover a file hidden with JPHIDE.EXE
JPHSWIN.EXE is a Windows-95 program which performs the same functions asthe two programs above.
The programs are free standing and require no special installation.
Allan Latham <[email protected]> 7th January 1999.
04/21/23 Perry Fowler
The Carrier with the Hidden File Inserted
04/21/23 Perry Fowler
Results• This tool works, with restrictions• The file to be imbedded in the carrier can’t
be too large.• However, it can be extracted and saved
somewhere.• It does use a password to protect the data,
I like that.• In looking at the carrier before and after, I
can’t tell the difference, as I could with some other tools.
04/21/23 Perry Fowler
04/21/23 Perry Fowler
JPEG
• JPEG is important to consider when discussing steganography, because it employs a technique, called DCT, that can be both a help and a hindrance to the process.
• On the surface, JEPG is an image compression technique used to reduce the size of pictures transmitted over the internet.
04/21/23 Perry Fowler
Quantization (Rounding)As a mono-dimentional visual example, here is a curve, the red one, made by a sum of two sine waves. One with a low frequency, one with a high frequency. After DCT quantization, you will be left only with the low frequency component, the blue one. It's intuitively simple to understand: you're going to keep the main variations, or the most significant information (low frequency), and eliminate the less important details (high frequency).
04/21/23 Perry Fowler
So, What’s it look like?What does JPEG look like? How far can one compress an image and have it look identical to the original? presentable? merely recognizable? The pictures below illustrate this point.
04/21/23 Perry Fowler
Quantization (Rounding)Now, lets consider this curve as representative of an audio signal. Considering the high frequency component (the red curve). This can be represented by the LSBs of the signal and replaced by using some of the before mentioned techniques for photographic steganography, like pattern matching, or random substitution.
04/21/23 Perry Fowler
Quantization (Rounding)These techniques when applied at the higher frequencies, outside of the boundary of human audio perception, can result in undetectable signal imbedding in the carrier.