PAWAN KR. VERMA(0900410055)
Outline• What is Steganography ? • Steganography – History• Watermarking and Cryptography• Steganography vs. Cryptography• Steganography vs. Watermarking• Steganography – Carrier Files• Modern Steganography Techniques• Basics of Modern Steganography• Important Requirement for Steganographic System• Uses for Steganography • Steganography – Tools• Detection of Steganographic Content/Countermeasures• Existing Steganographic Techniques• Existing Attacks• Conclusion• Reference
What is Steganography ?
Steganography is of Greek origin and means “concealed writing” -• from the Greek word steganos meaning
“covered”• and the Greek word graphie meaning
“writing”Steganography is the process of hiding of a secret message within an ordinary message and extracting it at its destination.Steganography is a technique of hiding information in digital media.The art of detecting Steganography is referred to as Steganalysis.
Steganography - History
• Both Axis and Allied spies during World War II used such measures as invisible inks using milk, fruit juice or urine which darken when heated.
• It’s also a very good Anti-forensics mechanism to mitigate the effectiveness of a forensics investigation
• In ancient Greece they used to select messenger & shave their head, they would then write a message on their head, once the message had been return the hair was allowed to grow back after the hair grew back the messenger was sent to deliver the message, the recipient would shave off the messengers hair to seethe secret message
Watermarking and Cryptography
There are two major branches of information hiding, Cryptography and Watermarking. Watermarking :-
• Communication in watermarking is the host signal, with the embedded data providing copyright protection.
• The existence of a watermark is often declared openly. • Any attempt to remove or invalidate the embedded content
renders the host useless.
Cryptography :-• Doesn’t conceal the communication.• Scrambles the data to prevent eavesdroppers understanding
the content.• Cryptography involves various methods and implementations. • May be considered complementary and orthogonal
Steganography vs. Cryptography
Steganography and cryptography are closely related. Cryptography scrambles messages so it can’t be understood. Steganography on the other hand, hide the message so there is no knowledge of the existence of the message. With cryptography, comparison is made between portions of the plaintext and portions of the cipher text. In steganography, comparisons may be made between the cover-media, the stego-media, and possible portions of the message. The end result in cryptography is the cipher text, while the end result in steganography is the stego-media. The message in steganography may or may not be encrypted. If it is encrypted, then a cryptanalysis technique is applied to extract the message.
Steganography vs. Watermarking
Digital watermarking can be a form of steganography, in which data is hidden in the message without the end user's knowledge.It is a technique which allows an individual to add hidden copyright notices or other verification messages to digital audio, video, or image signals and documents. Such a message is a group of bits describing information pertaining to the signal or to the author of the signal (name, place, etc.) The technique takes its name from watermarking of paper or money as a security measure.
Steganography – Carrier Files
• bmp (bit map picture)
• jpeg (joint photographic experts group)
• gif (graphics interchange format)
• wav (waveform audio)
• mpeg(moving picture experts group)
• png(portable network graphic)
Modern Steganography Techniques
1. Masking and Filtering: Is where information is hidden inside of a image using digital watermarks that include information such as copyright, ownership, or licenses.
2. Algorithms and Transformations: This technique hides data in mathematical functions that are often used in compression algorithms.
3. Least Significant Bit Insertion: The most common and popular method of modern day steganography is to make use of the LSB of a picture’s pixel information.
Basics of Modern Steganography
fE: steganographic function "embedding"fE-1: steganographic function "extracting"cover: cover data in which emb will be hiddenemb: message to be hiddenkey: parameter of fEstego: cover data with the hidden message
Important Requirement for Steganographic System
1. Security of the hidden communication 2. Size of the payload
3. Robustness against malicious and unintentional attacks
Uses for Steganography
• Covert communications
• Intellectual property protection
Steganography - Tools
• S-Tools (GIF, JPEG)
• StegHide (WAV, BMP)
• Invisible Secrets (JPEG)
Detection of Steganographic Content/Countermeasures
The detection of steganographically encoded packages is called Steganalysis.
• Visual Analysis tries to reveal the presence of secret communication through inspection, either with the naked eye or with the assistance of a computer.
• Statistical (Algorithmic) Analysis reveals tiny alterations in an image's statistical behavior caused by steganographic embedding.
• The nominally universal methods developed to detect embedded stego-data are generally less effective than the steganalytic methods aimed at specific types of embedding.
DIFFERENT KINDS OF STEGANOGRAPHY
The four main categories of file formats that can be
used for steganography are:
Text steganography: Hiding information in text is
the most important method of steganography. The method
was to hide a secret message in every nth letter of every
word of a text message. After booming of Internet and
different type of digital file formats it has decreased in
importance. Text stenography using digital files is not used
very often because the text files have a very small amount of
Text steganography can be classified in three basic
• Statistical generation and linguistic method.
Image steganography: Images are used as the popular cover objects for steganography. A message is embedded in a digital image through an embedding algorithm, using the secret key. The resulting stego image is send to the receiver. On the other side, it is processed by the extraction algorithm using the same key. During the transmission of stego image unauthenticated persons can only notice the transmission of an image but can’t guess the existence of the hidden message.
Audio steganography: Audio stenography is masking, which exploits the properties of the human ear to hide information unnoticeably. An audible, sound can be inaudible in the presene of another louder audible sound .This property allows to select the channel in which to hide information.
Protocol steganography: The term protocol steganography is to embedding information within network protocols such as TCP/IP. We hide information in the header of a TCP/IP packet in some fields that can be either optional or are never used.
Existing Steganographic Techniques
The steganographic algorithms can broadly be classified into two categories :-
1. Spatial Domain Techniques 2. Transform Domain Techniques
Spatial Domain:- These techniques use the pixel gray levels and their color values directly for encoding the message bits.
Transform Domain:- These techniques try to encode message bits in the transform domain coefficients of the image.
Existing AttacksThe steganalytic attacks developed till date can be classified into visual and statistical attacks. The statistical attacks can further be classified as :- • Targeted Attacks: These attacks are designed
keeping a particular steganographic algorithm in mind. Histogram Analysis Sample Pair Analysis HCF-COM based Attack
• Blind Attacks: The blind approach to steganalysis is similar to the pattern classification problem. Wavelet Moment Analysis Calibration Based Attacks Farid’s Wavelet Based Attack
Conclusion1. The approach proposed in this work aims at hampering the steganalysis ability to effectively estimating the statistics for classification.
2. It was found that the calibration step is indeed able to estimate image model. To counter this a generalized framework has been proposed which disturbs this model estimation of the attack.
3. It is based on embedding data such that stego population remains statistically closer to the cover population and the difference between these two cannot be observed in the statistics drawn from the two populations and if any how attacker may be able to know the embedding algorithm but in that case he will not be able to know the right pattern of the message because we will embed the message in the form of cipher text.
4. Like this our security will remain consistent. Like this proposed algo will be successful in breaking calibration based blind attacks.
Reference Park,S.K, and Miller, K.W. (1988). "Random Number
Generators: Good Ones Are Hard To Find".
Communications of the ACM 31 (10): 1192–1201.
C. Kurak and J. McHugh, “A Cautionary Note On Image
Downgrading,” Proc. IEEE Eighth Ann. Computer Security
Applications Conf., IEEE Press, Piscataway, N.J., 1992