Copy Increasing Network Security Using Steganography

i

Abstract

Every few years, computer security has to re-invent itself. New technologies and new

applications bring new threats, and force us to invent new protection mechanisms. Cryptography

became important when businesses started to build networked computer systems; virus

epidemics started once large numbers of PC users were swapping programs; and when the

Internet took off, the firewall industry was one of the first to benefit.

One of the newest hot spots in security research is information hiding. It is driven by two of the

biggest policy issues of the information age—copyright protection and state surveillance.

The ease with which perfect copies can be made of digital music and video has made the

entertainment industry nervous that their content might be pirated much more than currently

happens with analogue home taping. The growing popularity of MP3 encoded music has

sharpened these fears. Part of the solution may come from a change in the way music and video

are sold; after all, the software industry has largely abandoned copy-control mechanisms in favor

of a business model that combines frequent upgrades, online registration for technical support,

prosecution of large-scale pirates, and the networking of everything from business applications

to games. But in the case of music and video, it is hoped that technical protection mechanisms

will also provide part of the solution. One of these mechanisms is copyright marking—hiding

copyright notices and serial numbers in the audio or video in such a way that they are difficult

for pirates to remove.

This work mainly concentrates on increasing network security using several Steganography

tools. Few methods are implemented in MATLAB environments. In addition to this, weaknesses

of different Steganography method are also described in detailed and how those weaknesses can

be eliminated.

iii

Content

Title

Abstract

Acknowledgement

Content

List of Figure

List of Tables

i

ii

iii

iv

v

Chapter 1 – Introduction

1.1 Definition

1.2 History of Steganography

1.3 Steganographic Services

1.3.1Background

1.3.2Steganography

1.3.3Steganalysis

1.4 On the Edge: Hidden in Plain Sight

1.5 How much can be hidden?

1.6 Steganography vs. Cryptography

1

2

2

2

3

5

6

7

8

Chapter 2 – Attacks on Steganographic Systems

2.1 Breaking the Steganographic Utilities

2.2 Threats to Steganography Techniques

2.2.1Least Significant Bit (LSB)

2.2.2JSTEG

11

11

11

17

iv

Chapter 3 – BMP Image File Format

3.1 Introduction

3.2 Basic Structure

3.3 Exact Structure

3.4 The Pixel Data

22

22

22

25

Chapter 4 – Methods for Steganography

4.1 Stegosystem

4.2 Digital Image

4.3 Least Significant Bit

4.4 Algorithms and Transformations

4.5 Masking and Filtering

4.6 Jpeg-Jsteg

4.7 Ezstego

4.8 Redundant Pattern Encoding

4.9 Encryption and Scattering

4.10 Spread Spectrum

26

27

28

29

31

32

32

33

33

34

Chapter 5 – Data Flow Diagrams

5.1 1st Level DFD at Server Side

5.2 2nd Level DFD at Server Side

5.3 1st Level DFD at Client Side

5.4 2nd Level DFD at Client Side

38

39

40

41

Chapter 6 – Steganography Tools

6.1 Blind Side 42

v

6.2 Camera/Shy

6.3 Data Stash

6.4 Fort Knox

6.5 MP3Stego

6.6 Stegdetect

6.7 S-Tool

42

46

48

50

51

53

Chapter 7 – Conclusion & Future Enhancements

7.1 Conclusion

7.2 Future Enhancements

7.3 Cryptography


58

58

58

59

Chapter 8 – An Intro to MATLAB

8.1 Introduction

8.2 The MATLAB Environment

8.3 Object Oriented Programming

8.4 Interfacing with other Languages

60

61

69

70

References

Bibliography

72

73

vi

List of Figures

Figure 2.1

Figure 2.2

Figure 2.3

Figure 2.4

Figure 2.5

Figure 2.6

Figure 4.1

Figure 4.2

Figure 4.3

Figure 4.4

Figure 4.5

Figure 4.6

Figure 5.1

Figure 5.2

Figure 5.3

Figure 5.4

Figure 6.1

Figure 6.2

Figure 6.3

Figure 6.4

Figure 6.5

Figure 6.6

Visual Effects of Least Significant Bit Embedding

Effect of Least Significant Bit Embedding

LSB: Cumulative Probabilities of embedding, drived from x2

Visual effect of JSTEG embedding

JSTEG: Least Significant Bits

JSTEG: Cumulative probabilities of embedding, derived from x2

Stegosystem

Graphical Version of Stegosys

Pre/Post Processed Stegano Image

Discrete Cosine Transformation

Decoding

Watermarked Image

First level DFD at server side

Second Level DFD at Server Side

First Level DFD at Client Side

Second level of DFD at client side

Blindside

Camera/shy

Data Stash

Hiding images in video file

Resultant video file

The Comparison

12

13

16

18

19

20

26

27

27

29

31

32

38

39

40

41

42

44

46

47

47

50

vii

Figure 6.7

Figure 6.8

Figure 6.9

Figure 6.10

Figure 6.11

Figure 6.12

Figure 6.13

Figure 8.1

Figure 8.2

Figure 8.3

Stegdetect

S-tool Welcome Screen

Cover Image

Hiding Information

The Comparison of Original and Modified Image

Extracting Information

The Hidden Message

Sine Wave

Wireframe 3D plot of Sinc Function

Surface 3D plot of Sinc Function

52

53

54

55

56

56

57

66

67

68

viii

List of Tables

Table 3.1

Table 3.2

Table 3.3

Table 3.4

Table 4.1

Table 4.2

Table 4.3

BMP file data structure

The Bitmap File Header

Bitmap Info Header

RGB QUAD Array

24 bit pixel value

An Example with a 24 bit pixel

An example with an 8 bit pixel

22

23

24

25

28

28

29

TNTU – Olympia College B.Sc. (Hons) in Computer Systems Engineering (Networking)

Increasing Network Security Using Steganography Page 1/73

Chapter 1 – Introduction

Steganography is no routine way to protect confidentiality. Normally,

cryptography is used to communicate confidentially. Cryptographic algorithms—the

securities of which can be proven or traced back to known hard mathematical problems

are widely available. However, in contrast to steganography, cryptographic algorithms

generate messages which are recognizable as encrypted messages, although their

content remains confidential. [2]

Steganography embeds a confidential message into another, more extensive

message which serves as a carrier. The goal is to alter the carrier in an imperceptible

way only, so that it reveals nothing, neither the embedding of a message nor the

embedded message itself.

1.1 Definition

The word "Steganography" literally means "covered writing" derived from

Greek. It covers a wide range of methods of secret communications that conceal the

very existence of the message. Among these methods are invisible ink, Microdot,

character arrangement (other than the cryptographic methods of permutation and

substitution), digital signatures, covert channels and spread-spectrum

communications.[3]

Steganography is the art of concealing the information within seemingly

innocuous carriers. Steganography can be viewed as akin to cryptography. Both have

been used throughout history as a means to protect information. At times these two

technologies seem to converge while the aims of the two differ. Cryptographic

techniques "scramble" messages so if intercepted, messages may not be understood.



Steganography in an essence, "camouflages" a message to conceal its existence and

make it seem "invisible" thus concealing the fact that a message is being sent altogether.

An encrypted message may draw suspicion while an invisible message does not. [4]

1.2 History of Steganography

In ancient Greece, people used to conceal messages on wax-covered tablets. The

first documented instance of steganography was documented history of Herodotus,

when Demeratus sent a secret message past the guards by removing wax from the

tablet, writes on the tablet itself, covering the tablet with wax again to hide the message.

Invisible ink is a type of steganography used in recent centuries. You could hide a text

message in a section of words, so that by isolating each 10th word, the secret message

being detected. The Note itself would sound innocent to escape detection. This type of

steganography was often used during wars among spies. Recently, computerized

steganography become popular. Using different methods for encoding secret messages

hidden in digital data such as .bmp or .jpg images, wav sound files or emails. These

methods are described below. Authors are able to watermark their property this way.

Unfortunately, steganography is also suspected to play a role as a source

communications between terrorist groups around the world. In the past year, several

doubted that Osama bin Laden may have been posting images with hidden messages in

to send to several other terrorist groups. [5]

1.3 Steganographic Services

1.3.1 Background

Steganographic software is new and quite effective. In the computer, an image is

represented by an array of numbers that have light intensities at various points (pixels1)



in an image. An image size of 640 by 480 and 256 colors (or 8 bits per pixel)is

commonly used. Such an image could contain about 300 kilobits of data.

Usually there are two type of files used when embedding data into an image.

The innocent looking image which has the hidden information is a "container." A

"message" is the information to be hidden. A message may be plain-text, cipher text,

other images or any thing that can be embedded in the least significant bits (LSB) of an

image. [3]

1.3.2 Steganography

Suppose we have a 24-bit image 800 x 640 (this is a common resolution for

satellite images, electronic astral photographs and other high resolution graphics). This

may produce a file over 2 megabytes in size (800,640 = 5,12,000 bytes).

Here, in my application I have used following technique for hiding the data

inside the .bmp image file.

First of all enter your message which you want to transfer by hiding it inside the

image file.

Then after converts your message in to its equivalent binary string notations.

Import the .bmp image file inside which you want to hide your message by

using the file dialog.

Get the pixel values of imported image file.

Then get one by one binary character form the binary string notation and take

the one pixel for one binary character.

Then use following logic for hiding the message‘s binary information inside the

pixels of an .bmp image file.



Suppose that I want to hide the following message,

this is steganography system

The binary notation for this above message is for example:

10110010010100011010101110

And the pixel values of the selected .bmp image file are as follows,

255 =11111111

089 =01011001

254 =11111110

248 =11111000

250 =11111010

Here ,then after take one binary bit from the message and take one 8-bit binary

pixel of the .bmp image and replace its value to the least significant bit of the 8-

bit pixel value.

For example, if the first bit of the message is 1 and the value of the pixel is

111111111=255

Here the least significant bit is 1, so there is no any change in the value of the

11111111=255 simply traverses to the next bit of the message. If the second bit is 0 and

the second pixel of the .bmp image file is

01011001=89

Here the least significant bit is 1 so; replace the value of 8-bit pixel with either

incrementing 1in to it or decrementing 1 from it. So the modified value of the pixel is

01011010=90



And the value of the pixel will be changed but, it will change very slightly that will not

change the image just the slight change in the shade of its pixel color.

By repeating this process until length of the bits value of the message the whole

message will be hidden inside the specified .bmp image file.

1.3.3 Steganalysis

“The process of extracting the hidden message from specified image file is called the

Steganalysis system”

For extracting the message from the image file from above hiding image file we can

extract this message as follows:

First of all import the modified image file and also its pixel values

After getting its pixel values take the least significant bit from the 8-bit pixel

value and continuously stores this bit value in to the String

After collecting the string convert this string in to the equivalent character value

and again store this characters into the string this string is the original message,

which is to be hidden

Suppose the modified value of the 8-bit pixel is as follows:

254 =11111110

090 =01011010

255 =11111111

249 =11111001

251 =11111011

By performing the AND operation of that 8-bit pixel value with the 0x01 H hexadecimal

value as follows:



(11111110 & 0x01)=0

(01011010 & 0x01)=0

(11111111 & 0x01)=1

(11111001 & 0x01)=1

(11111011 & 0x01)=1

Then after collect this all the bits in to the string continuously and converts it in

to its equivalent character values that returns the original message.

The original message is,

This is steganography system

1.4 On the Edge: Hidden in Plain Sight

One of the few noteworthy aspects of the 2001 movie Along Came a Spider is

that it probably marks the debut of steganography in mainstream culture. About six

months later, steganography was back in the public spotlight, but for a darker reason:

terrorists were using it.

In both cases, steganography was used to pass messages over the Internet using

innocuous-looking images. Although you can embed messages in video and audio files,

too, steganography usually involves image files such as JPEGs. The common

denominator is that, unlike the better-known process of encryption, where a message is

garbled but remains in plain view, steganography hides it altogether.

There are multiple ways that steganography embeds data in an image, which is

then called a "cover" image. One method is to hide the information in the headers and

footers that images typically have. Another is to append the data to the file, although

trying to attach too much can be a dead give-away. "There you have unlimited



bandwidth, but it would be odd to see a tiny image that’s tremendous," said Neil F.

Johnson. [3]

The most common technique is to change the least significant bit in each pixel.

Because it manipulates existing data that makes up an image rather than adding to it,

this approach doesn’t swell the file size. "If you’re modifying the least significant bit on

a color photograph, the human eye isn’t going to see it," Johnson said.

The bits that make up a photo are created by a computer using binary numbers

that are recognized by a program as having meaning. A JPEG image file is made up of

pixels, with binary values given for each color: red, green, and blue. The binary value

for a pure red pixel would be 1111 0000 0000 (100 percent red, zero percent green, and

zero percent blue). A steganographer could insert the tiniest portion of a message in this

pixel by adding one bit of information to the blue portion of the pixel, making the

binary composition look like 1111 0000 0001. This small change to the image is

imperceptible to the eye, but by inserting different bits of information in thousands of

pixels, a message can be recorded in the image file.

Manipulating bits has its limits. Suppose that you have an eight-bit image that

measures 800 x 640, which gives you a total of 5,12,000 bits to work with. "If you

want to hide a message in the least significant bit of each pixel, you can hide 64,000

bytes," said Hany Farid, an assistant professor of computer science at Dartmouth

College.

"This message will almost certainly be imperceptible to the human eye. If you want to

store another 32,768 bits of data, you can do so in the second-to-least-significant bit.

The risk is that degradation in the cover may become more noticeable"



1.5 How Much Can Be Hidden?

How much longer message can be hidden inside the image file is totally

depended on the size of that imported/specified image file or the resolution of that

image file. Suppose here, we are using the image file that have the 800-horizontal

pixels and 640-vertical pixels so it includes the total no of pixels 5,12,000 and for one

bit we are using one pixel. So there are 64,000 bytes can be hidden inside the image file

in my application. If we are changing or replacing the least two significant bits of the

pixel values we can hide more no. of bytes inside the image file. The change in the two

least significant bits value does not affect even the actual image that is no differentiate

by any one in any no of look.

There is no limit of how much data can be hidden inside the image file, because

there is data which can be hidden inside the image file may be in the form of the text

(.txt) file, audio file, & also it may bi in the form of video, image file. So the limit of the

hidden data is depended on the file format of the data which you want to hide inside the

image file. The file format for the .bmp image file is shown letter on in next chapter.

Steganalysis is the name given to the techniques used to identify images that

have been altered, but intercepting a steganographic message is hugely difficult. It

involves having knowledge of a suspected sender or recipient, access to the suspect’s

computer and/or e-mail account, and an examination of the files on that system, not

easy to get done in a free society. It’s enough to keep the good guys awake at night.


Basically, the purpose of cryptography and steganography is to provide secret

communication. However, steganography is not the same as cryptography.



Cryptography hides the contents of a secret message from a malicious people, where as

steganography even conceals the existence of the message. Steganography must not be

confused with cryptography, where we transform the message so as to make it meaning

obscure to a malicious people who intercept it. Therefore, the definition of breaking the

system is different. In cryptography, the system is broken when the attacker can read the

secret message. Breaking a steganographic system need the attacker to detect that

steganography has been used and he is able to read the embedded message.

In cryptography, the structure of a message is scrambled to make it meaningless

and unintelligible unless the decryption key is available. It makes no attempt to disguise

or hide the encoded message. Basically, cryptography offers the ability of transmitting

information between persons in a way that prevents a third party from reading it.

Cryptography can also provide authentication for verifying the identity of someone or

something.

In contrast, steganography does not alter the structure of the secret message, but

hides it inside a cover-image so it cannot be seen. A message in cipher text, for

instance, might arouse suspicion on the part of the recipient while an “invisible”

message created with steganographic methods will not. In other words, steganography

prevents an unintended recipient from suspecting that the data exists. In addition, the

security of classical steganography system relies on secrecy of the data encoding

system. Once the encoding system is known, the steganography system is defeated.

It is possible to combine the techniques by encrypting message using

cryptography and then hiding the encrypted message using steganography. The

resulting stego-image can be transmitted without revealing that secret information is

being exchanged. Furthermore, even if an attacker were to defeat the steganographic



technique and detect the message from the stego-object, he would still require the

cryptographic decoding key to decipher the encrypted message.



Chapter 2 - Attacks on Steganographic Systems

2.1 Breaking the Steganographic Utilities

The majority of steganographic utilities for confidential communication suffer

from fundamental weaknesses. On the way to more secure steganographic algorithms,

the development of attacks is essential to assess security. Both visual attacks, making

use of the ability of humans to clearly discern between noise and visual patterns, and

statistical attacks which are much easier to automate. The visual attacks exemplify that

software suffer from the misassumption that least significant bits of image data are

uncorrelated noise. [6]

By the visual attacks, we will reveal that this assumption is wrong. The majority

of steganographic algorithms embed messages replacing carefully selected bits by

message bits. Actually, it is difficult to distinguish randomness and image contents by

machine, and it is even more difficult to distinguish least significant bits and random

bits. It is extremely difficult to specify permissible image content in a formal way. A

substitute is having people realize what image content is. However, the border becomes

blurred and depends on our imagination. The human sight is trained to recognize known

things. This human ability is used for the visual attacks. Represents the least significant

bits, which is actually not an attack on steganography.

2.2 Threats to Steganography Techniques

2.2.1 Least Significant Bit (LSB)

Least-significant bit steganography in Matlab by replacing the green channel of

a cover image with the message bit stream XORed with a pseudorandom key. The

message used was a 1-bit image of equal size to the cover image, but this technique can

be used for messages of any length up to 3NM in a N by M color image.



Matlab Code for Pseudocode demonstrating simple LSB embedding

I = cover image

M = message

K = pseudorandom keystream

I = I - mod(I,2);

T=xor(M,K);

I=I+T

By using messages smaller than the image and then spreading the message out in a

simple way, for example skipping a key-determined pseudorandom number of pixels,

some of the described attacks can be defeated. The results of such embedding are

visually indistinguishable, as shown in Figure 2.1. Although simple, this technique, with

some variation, is widely used.

Visual Attacks

As mentioned previously, least-significant bits are not in fact pseudorandom.

Therefore, changing these bits in an image to pseudorandom noise should be detectible.

This can be shown by simply amplifying and examining the least-significant bits of the

(a)Original Image (b) Image with Embedded data

Figure 2.1: Visual Effect of Least Significant Bit Embedding



image, as shown in Figure 2.1. If embedding had been performed in all three color

channels, the effect would be even more pronounced.

(a)Unmodified Image

(b)Image Embedded with data

Figure 2.2: Effect of Least Significant bit Embedding



Chi-square Attacks

This attack can be automated using statistical techniques. As the embedded data

is pseudorandom and the natural image data is not, a test for randomness should let us

differentiate between a natural image and one with pseudorandom data embedded in it.

The chi-squared statistic is a measure of fit between two discrete distributions, and is:

(1)

To apply it here, measure the frequency of pixels of each value, and then derive an

expected value for each using the assumption that the least-significant bits are random;

with this assumption, the expected value for f is:

∗ = +(2)

Then a distribution with i=2 bins, each containing the frequency of the even bit values.

The expected frequencies calculated for each bin as shown above, and the “x2” value is

then calculated by:

(3)

To use this value to give a probability of embedding, we integrate to find the area under

the probability density function:

= − ( − / )(3)



This is implemented and tested it on several images with varying lengths of embedded

message using the following Matlab code.

Matlab Code for Matlab code for computing probability of LSB consisting of

pseudorandom data

G = imread(’image. tif ’ );

Bins(256)=0;

tsize =size(G);

Chis( tsize (1))=0;

P(tsize(1))=0;

for i=1: tsize (1),

%count pixel frequency

for j=1: tsize (2),

Bins(G(i,j)+1)=Bins(G(i,j)+1)+1;

end

% calculate chi squared

chi2=0;

for k=1:127

nexp=(Bins(2 k1)+Bins(2 k))/2;

if (nexp>5)

chi2=chi2+((Bins(2 k)nexp)ˆ2)/nexp;

end

end

Chis(i)=chi2;

end

% calculate P

xu=chi2;



r=127;

rOver2 = 0.5*r;

gammaval = gamma(rOver2);

F = @(x)x.ˆ(rOver21). exp(0.5*x)/gamma(rOver2)/2ˆrOver2;

if xu == inf

prob = 1

else

prob = quad(F,0,xu);

end

P(i)=1prob;

end

%plot graph

plot(P);

(a) Unmodified Image

(b) Image with message Embedded

(c) Message Embedded in first half of imageFigure 2.3: LSB: Cumulative Probabilities of embadding, drived from x2



Graphs of the probability of embedding against the cumulative number of rows being

examined is shown in figure 2.3. This method clearly and unambiguously differentiates

between modified and original images, and the case of partial embedding detects the

point where the embedding stops.

2.2.2 JSTEG

JSTEG works by embeding each message bit into more than one bit of the cover

image, to reduce the detectible effects of the embedding. This is achieved tby

transforming the image by dividing it into blocks and applying the discrete cosine

transform, and then altering coefficients and transforming back. This results to each

message bit affecting an whole block in the cover image, making it difficult to detect

the changes.[1]

JSTEG implementation consists of two nested parts. The outer part applies the

DCT, quantizes the coefficients, and inverts the transform. In between quantization and

the inversion, the inner stage embeds the message in the least significant bits of the

coefficients. There are a couple of subtleties; the algorithm avoids embedding data in

coefficients whose value is zero, as this usually is due to quantization, which means that

values other than zero will raise suspicion, and recompression (with the same

quantization table) will destroy the message bit. JSTEG is more fragile than the

previous technique described for this reason, as a change leading to non-zero

coefficients becoming zero will lead to the output bitstream becoming out of sync, while

with simple LSB embedding changes can just lead to flipped bits in the output.

Matlab Code for Pseudocode demonstrating JSTEG embedding

I = cover image

M = message

K = pseudorandom keystream



T = DCT(I, blocksize)

quantize(T, quantization table )

progress=0

for each element i of T:

if (i!=0 && i != max i )

setLSB(i, M(progress))

progress++

end

if (progress>size(M)) break

end

I=inverseDCT(T, blocksize)

Visual Attacks

Images with messages embedded using JSTEG are not susceptible to the simple

visual attacks demonstrated above. This is because the changes to the coefficients do

not simply alter bits in the final image in a predictable manner, but instead affect entire

blocks of the image in ways that cannot easily be perceived, even when examining the

least-significant bits of the image.

(a) Unmodified Image (b) Image with embedded data

Figure 2.4: Visual effect of JSTEG embedding





progress=0


if (i!=0 && i != max i )


progress++

end


end


Visual Attacks












progress=0


if (i!=0 && i != max i )


progress++

end


end


Visual Attacks










(a) Image after DCT/inverse DCT application, no message embedded

(b) image with message embeddedFigure 2.5: JSTEG: Least significant bits



Figure 2.5 shows that The least-significant bits of a cover image, the same

image passed through the DCT/inverse DCT algorithm without having any of its

coefficients altered (i.e. there is no embedded message), and the image with a message

embedded. Although there is a clear difference between the latter two images, it is not

apparent that one is more random than the other, and in general human observers cannot

determine whether pseudorandom data has been inserted into the DCT coefficients.

Chi-square Attacks

Although the least-significant bits of the image do not exhibit pseudorandom

properties, the DCT coefficients into which message bits were hidden do. Therefore, if

we know the transform performed, in this case the discrete cosine transform with an 8x8

block size, we can recreate the coefficients and analyze them to determine if they are

drawn from a pseudorandom distribution.

(a) Unmodified Image

(b) Image after DCT/inverse DCT application, no message embedded

(c) Image with embedded message

Figure 2.6: JSTEG: Cumulative probabilities of embedding, derived from x2



The embedding algorithm is reversed to extract the least-significant bit of each

coefficient which is not zero or maximum, and then the chi square statistic and

embedding probability are computed as in the simpler attack.

Figure 2.6 shows the resulting graphs; (a) shows the original image, (b) shows

the probability graph resulting from applying the algorithm without a message, i.e.

performing the transform and then inverting it, to show that this doe not cause false

positives, and (c) shows the graph of an image with an embedded message.



Chapter 3 - BMP Image File Format

3.1 Introduction

The .bmp file format is the standard for a Windows 3.0 or later DIB(device

independent bitmap) file. It may use compression and is not efficient enough to store

animation. There are different ways to compress a .bmp-file, but they are so rarely used.

The image data itself may contain references to entries in a color table or literal RGB

values.

3.2 Basic structure

A .bmp file contains of the following data structures:

BIT MAP FILE HEADER bmfh;

BIT MAP INFO HEADER bmih;

RGB QUAD aColors[];

BYTE aBitmapBits[];

Table 3.1: BMP file data structure

bmfh contains some information about the bitmap file. bmih contains information about

the bitmap such as size and colors. The rest is the image data, which format is specified

by the bmih structure.

3.3 Exact structure

The following tables give exact information regarding the data structures and

also contain the settings for a bitmap with the dimensions: size 100x100, 256 colors, no

compression. The Location of the byte in the file at which the explained data element of

the structure starts is the start value, the size-value contains the number of bytes used by



this data element, the name-value is the name assigned to this data element by the

Microsoft API documentation. Stdvalue stands for standard value.

a) The BITMAP FILE HEADER

Start Size Name Std value Purpose

1 2 bfType 19778must always be set to 'BM' to declare that this is a

.bmp-file.

3 4 bfSize ?? specifies the size of the file in bytes.

7 2 bfReserved1 0 must always be set to zero.

9 2 bfReserved2 0 must always be set to zero.

11 4 bfOffBits 1078specifies the offset from the beginning of the file

to the bitmap data.

Table 3.2: The Bitmap File Header

b) The BITMAP INFO HEADER

Start Size Name Stdvalue Purpose

15 4 biSize 40specifies the size of the

BITMAPINFOHEADER structure, in bytes.

19 4 biWidth 100 specifies the width of the image, in pixels.

23 4 biHeight 100 specifies the height of the image, in pixels.



27 2 biPlanes 1specifies the number of planes of the target

device, must be set to zero.

29 2 biBitCount 8 specifies the number of bits per pixel.

31 4 biCompression 0Specifies the type of compression, usually set

to zero (no compression).

35 4 biSizeImage 0

specifies the size of the image data, in bytes. If

there is no compression, it is valid to set this

member to zero.

39 4 biXPelsPerMeter 0

specifies the the horizontal pixels per meter on

the designated targer device, usually set to

zero.

43 4 biYPelsPerMeter 0

specifies the the vertical pixels per meter on

the designated targer device, usually set to

zero.

47 4 biClrUsed 0

specifies the number of colors used in the

bitmap, if set to zero the number of colors is

calculated using the biBitCount member.

51 4 biClrImportant 0

specifies the number of color that are

'important' for the bitmap, if set to zero, all

colors are important.

Table 3.3: Bitmap Info Header



c) The RGBQUAD array

Start Size Name Stdvalue Purpose

1 1 rgbBlue - specifies the blue part of the color.

2 1 rgbGreen - specifies the green part of the color.

3 1 rgbRed - specifies the red part of the color.

4 1 rgbReserved - must always be set to zero.

Table 3.4: RGB QUAD Array

In a color table (RGBQUAD), the specification for a color starts with the blue byte.

3.4 The Pixel Data

It is important to notice that the rows of a DIB are stored upside down. That

means that the top most row which appears on the screen actually is the lowest row

stored in the bitmap.

Another important thing is that the number of bytes in one row must always be adjusted

to fit into the border of a multiple of four. Simply add zero bytes until the number of

bytes in a row reaches a multiple of four, an example:

6 bytes that represent a row in the bitmap:

A0 37 F2 8B 31 C4

must be saved as:

A0 37 F2 8B 31 C4 00 00



Chapter 4 - Methods for Steganography

4.1 Stegosystem

The stegosystem is conceptually similar to the cryptosystem.

Figure 4.1: Stegosystem

emb : The message to be embedded.

cover: Medium in which emb will be embedded.

stego: Modified version of the cover that contains the embedded message, emb.

key: Additional data that is needed for embedding & extracting.

Here is a graphical version of the stegosystem:




4.1 Stegosystem











4.1 Stegosystem










4.2 Digital Image

In order to understand how steganography is applied to digital images, one must

understand what digital images are.

Figure 4.3: Pre/Post Processed Stegano Image

Figure 4.2: Graphical Version of Stegosys



On a computer, an image is an array of numbers that represent light intensities at

various points (pixels). Images can have 8 bits per pixel or 24 bits per pixel.

With 8 bits/pixel, there are 28, or 256, color varieties. With 24 bits/ pixel there are 224,

or 16,777,216, color varieties.

Color variation for a pixel is derived from 3 primary colors: Red, Green, and Blue.

24 bit image example:

24 bit images use 3 bytes to represent a color value (8 bits = 1 byte)

Color R G B

Pixel Value 00100111 11101001 11001000

Table 4.1: 24 bit pixel value

4.3 Least Significant Bit Insertion (LSB)

“The idea behind the LSB algorithm is to insert the bits of the hidden message into the

least significant bits of the pixels.”

Simplified Example with a 24 bit pixel

Pixel Value R G B

Before 00100111 11101001 11001000

After 00100111 11101000 11001001

Table 4.2: An Example with a 24 bit pixel

Simplified Example with an 8 bit pixel

Pixel Value White R G B

Before 00 01 10 11



After 00 00 11 11

Table 4.3: An example with an 8 bit pixel

Disadvantages of LSB Insertion

With the 8 bit pixel, applying LSB insertions can alter the color of the pixel.

This could lead to noticeable differences from the cover image to the stego image.

Color variations are less with 24 bit images.

Advantage of LSB Insertion

A major advantage of the LSB algorithm is it is quick and easy. LSB insertion

also works well with gray-scale images.


Another steganography method is to hide data in mathematical functions that are

in compression algorithms. Function is Discrete Cosine Transformation (DCT).

The DCT transform data from one domain into another. The DCT function

transforms that data from a spatial domain to a frequency domain.

Figure 4.4: Discrete Cosine Transformation

The DCT function



After 00 00 11 11















The DCT function



After 00 00 11 11















The DCT function



Another example for the steganography system

r1 = temp

%2

t = r1

g1 = (temp-T)/2

%2

t = t+2*g

b1 = (temp-T)/4

%2

r = r-r

%2+r1

g = g-g

%2+g1

b = b-b

%2+b1



To Decode the Hidden Data

Figure 4.5: Decoding

Steps to be performed

Take the transform of the modified image

Find the coefficients below a certain threshold

Extract bits of data from these coefficients

Combine the bits into an actual message

4.5 Masking and Filtering

Masking and filtering techniques, usually restricted to 24-bit and gray-scale

images, hide information by marking an image, in a matter similar to paper watermarks.

Watermarking technique may be applied without fear of image destruction due to lossy

compression because they are more integrated into image. [7]



Visible watermarks are not steganography by definition. The difference is

primarily one of intent. Traditional steganography conceal information; watermark

extends information and become an attribute of the cover image. Digital watermark may

include such information as copyright, ownership, or license, as shown in Figure 4.6. In

steganograpghy, the object of communication is hidden message. In digital watermarks,

the object of the communication is the cover.

To create the watermarked image in figure 4.6, the luminance of the masked

area is increased be 15 percent. If luminance is changed by smaller percentage, the mask

would be undetected by human eye. Now watermarked image can be used to hide

plaintext or encoded information.

Masking is more robust than LSB insertion with respect to compression,

cropping and some image processing. Masking techniques embed information in

significant areas so that the hidden message is more integral to cover image than just

hiding it in the “noise” level. This makes it more suitable than LSB with, for instance,

lossy JPEG image.

Figure 4.6: Watermarked Image



4.6 Jpeg-Jsteg

One steganography tool that integrates the compression algorithm for hiding

information is Jpeg-Jsteg. Jpeg-Jesteg creates a JPEG stego image from the input of the

message to be hidden and a lossless cover image. According to the independent JPEG

group JPEG software has been modified for 1-bit steganography in JIFF output files,

which are composed of lossy and nonlossy sections. The software combines the message

and the cover images using the JPEG algorithm to create lossy JPEG stego-images.

4.7 Ezstego

EzStego embeds data in GIF images, by altering the colors of pixels. To do this

imperceptibly, it sorts the image’s palette to minimize the perceptual distance between

consecutive colors. This is achieved by finding the shortest-path between the palette

colors within the RGB color space cube. Then, the message is embedded by altering

pixels, in order, so that the least significant bits of the pixels’ indexes into the sorted

palette are the message bits.

4.8 Redundant pattern encoding

Using the redundant bit encoding, one must trade off message size against

robustness. For example, a small message may be painted many times over an image as

shown in figure 4.6 so that if the stego-image is cropped, there is a high probability that

the watermarked can still be read. A large message may be embedded only once

because it will occupy a much greater portion of the image area.

4.9 Encryption and Scattering

This technique encrypts and scatters the data throughout the image. Scattering

the message makes it appear more like noise. Proponents of this approach assume that



even if the message bits are extracted, they will be useless without algorithm and stego-

key to decode them. For example, the white noise storm tool is based on spread

spectrum technology and frequency hopping, which scatter the message throughout the

image. Instead of having x channels of communication that are changed with a fixed

formula and passkey. White Noise Storm spreads eight channel within a random

number generated by the previous window size and data channel. Each channel

represents 1-bit, so each image window holds 1 byte of information and many unused

bits. These channel rotate, swap and interlace among themselves to yield a different bit

permutation. For instance, bit 1 might be swapped with bit 7, or both bits mat rotate one

position to right. The rules for swapping are dictated by the stego-key and by the

previous window’s random data (similar to DES block encryption).

Scattering and Encryption helps protect against hidden message extraction but

not against message destruction through image processing. A scattered message in the

image’s LSBs is still as vulnerable to destruction from lossy compression and image

processing as is a clear-text message inserted in LSBs.

4.10 Spread Spectrum

Spread spectrum techniques are "means of transmission in which the signal

occupies a bandwidth in excess of the minimum necessary to send the information; the

band spread is accomplished by means of a code which is independent of the data, and a

synchronized reception with the code at the receiver is used for de-spreading and

subsequent data recovery." Although the power of the signal to be transmitted can be

large, the signal-to-noise ratio in every frequency band will be small. Even if parts of

the signal could be removed in several frequency bands, enough information should be

present in the other bands to recover the signal. Thus, SS makes it difficult to detect

and/or remove a signal. This situation is very similar to a steganography system which



tries to spread a secret message over a cover in order to make it impossible to perceive.

Since spreaded signals tend to be difficult to remove, embedding methods based on SS

should provide a considerable level of robustness. Spread Spectrum methods are of

increasing importance in the field of information hiding.

In information hiding, two special variants of SS are generally used: direct-

sequence and frequency-hopping schemes. In direct-sequence schemes, the secret signal

is spread by a constant called chip rate, modulated with a pseudorandom signal and

added to the cover. On the other hand, in frequency-hopping schemes the frequency of

the carrier signal is altered in a way that it hops rapidly from one frequency to another.

SS are widely used in the context of watermarking.

Spread spectrum techniques for watermarking purposes have aroused a lot of

interest. The reasons for this are very similar to the arguments for using SS techniques

in steganography. Generally, the message used to watermark is a narrow-band signal

compared to the wide band of the cover (image). Spread spectrum techniques applied to

the message allow the frequency bands to be matched before transmitting the message

(watermark) through the covert channel (image). Furthermore, high frequencies are

relevant for the invisibility of the watermarked message but are inefficient as far as

robustness is concerned, whereas low frequencies are of interest with regard to

robustness but are useless because of the unacceptable visible impact. Spread spectrum

can reconcile these conflicting points by allowing a low-energy signal to be embedded

in each one of the frequency bands. Spread spectrum techniques also offer the

possibility of protecting the watermark privacy using a secret key to control a pseudo

noise generator. [8]

A practical watermarking scheme is presented here. This method is part of a

video scheme. Nevertheless, it is also applicable to still images. Let af (aj € {-1, 1}), be

a binary signal. From ai we derive a signal bi which is a temporal stretching of ai



(1)

“cr” is the chirp rate. Now a modulation is performed between bi and a pseudo

noise signal pi in order to obtain the watermark signal which will be directly embedded

in image vp

(2)

Where α is a strength factor controlling the robustness verses visibility trade-off. The

final embedding formula is

(3)

Where vi denotes the watermarked image.

The basic idea of watermark recovery is to demodulate the received signal and

to add each signal component corresponding to each piece of binary information,

(4)



Assuming that the pi signal is zero-mean and is statically independent with vi, we can

expect sj to be

(5)

Thus, aj is given by

(6)



Chapter 5 - Data Flow Diagrams

5.1 1st Level DFD at server side

User Hide

Original message to hide

Image inside which you want to hide message

Modified imagefile

Exception & Image insidewhich message has been

hidden

Figure 5.1: First level DFD at server side



5.2 2nd Level DFD at Server Side

Figure 5.2: Second Level DFD at Server Side



5.3 1st Level DFD at Client Side

Figure 5.3: First Level DFD at Client Side



5.4 2nd Level DFD at Client Side

SteganalysConvert pixel valueinto equivalent 8-bit

Perform ANDoperation of each

pixel valuewith0x01H

Continuouslyperform this

operation and store itinto String

Convert it intoequivalent character

value

Original Message

Exce

ptio

nModified Pixels of image

file

Figure 5.4: Second level of DFD at clientside



Chapter 6 – Steganography Tools

A steganography software tool implements a subset of the most general

digital steganography process, allowing users to insert and extract hidden data into and

from carrier files.

6.1 Blindside

Blindside is an application of steganography that allows one to conceal a file,

or set of files within a standard computer image. The new image looks identical to the

human eye, but can contain up to 50k or so of secret data. The hidden files can also be

password encrypted, to prevent unauthorized access to their data.

6.2 Camera/Shy

Camera/Shy is the only steganographic tool that automatically scans for and

delivers decrypted content straight from the Web. It is a stand-alone, Internet

Explorer-based browser that leaves no trace on the user's system and has enhanced

security.

Figure 6.1: Blindside



Camera/Shy, a program developed by the group Hacktivismo, uses

steganography to hide messages in graphics files. According to the Hacktivismo web

site is, "Camera/Shy was developed for democracy activists operating from behind

national firewalls". This program, according to it's makers, will allow information

that would otherwise be banned, to reach the citizenry of countries where Free Speech

is considered antigovernment and contrary to the needs of the masses.

It should be noted that Hacktivismo is an offshoot of the well known "hacker

group", Cult of the Dead Cow. Because of this association, they too, are considered a

hacker group - though Hacktivismo might argue this. And being notorious, especially

since 9-11, can have it's down side. Shortly after Camera/Shy was released, it was

labeled a "hacker tool" and at least one software company, NetIQ, updated it's

software to "help the IT community combat Camera/Shy".

Regardless of your opinion on the issue, Camera/Shy, for those who are

interested, can effectively encrypt and decrypt information into and from graphics

files (actually, at his point, only .gif files). This program is open source software

which means it's not only free, but it's in a constant state of development.

Following are the steps to view steganography content in an image,

Once Camera/Shy is open, go to the top of the program window and in the

two fields where you see asterisks, replace the asterisks with the

password. Do this in both fields. Encrypted images require a password to

view the information hidden in them.

Click the View menu on the menu bar and uncheck "Don't show gif steg

window".

Next to the password fields is an address field where you can enter a web



page URL. Click the field, right click and choose Paste. This should paste

the URL of this web page into the field. If not, just type it in. Press enter

to go the web page.

You should be taken to this web page. It will show up in the top left

window in Camera/Shy. Below the web page window is another smaller

window that should have the URL of the Orca picture. Click the URL.

You should now see the text that is hidden in the picture. It will show up

in the Camera/Shy browser window and in a small window to the right. If

you don't see the URL for the Orca picture, go back and reenter happy in

the password fields, and then reload the web page.

Figure 6.2: Camera/shy

Along with viewing stegged images, you can create them with Camera/Shy:



Open Camera/Shy. Click the View menu and uncheck "Don't show gif steg

window" if it is checked.

You have two choices here, navigate to a web page to encrypt or encrypt text

from a file. To encrypt text from a file, you can enter the path to the file in the

Camera/Shy browser window address field. Do this in the format of

f:///c:\docs\mydoc.txt. That is, f:/// followed by the path to your text file. You

have to use a text file. No MS Word or Excel files. Instead of using the

Camera/Shy browser window, you can copy and paste the text in the little

window to the right that says "Content to put in gif". The amount of

information you can encrypt is dependent on the size of the image file.

Camera/Shy will tell you how much text you can encrypt. The bigger the

image file, the more text you can add.

Create a password and signature, in the fields with the asterisks, at the top of

Camera/Shy. This is the password and signature that others will enter to see

the text in the encrypted graphics file. Once again, what Camera/Shy calls a

signature is just a second password. It can be the same as the first password if

you want.

Next, you need to load a .gif image file that you will be encrypting. Click the

blue arrow up by the password fields that says "Load Image" when you move

the mouse over it. At this time, Camera/Shy supports only .gif image files.

Once you have your passwords set, the image file loaded and text to encrypt

(or a web page), click either the "Encrypt Text" button above the window

where you paste text, or click the "Encrypt current web page" button above the

Camera/Shy browser window - depending on where you loaded your

information from.

Finally, go back to the top of the program window and the click the blue arrow



that says "Unload and Save Image" when you move your mouse over it.

You will now have an image file with encrypted information that you can put

on a web page or email someone.

6.3 Data Stash

Data Stash is an award-winning clever tiny steganography tool that allows

one to hide sensitive data files within other files. Select a large bitmap or database file

(or any file you`d like to use) as a receptacle, then add the data files you`d like to hide,

via an easy drag and drop mechanism. The receptacle file remains fully functional.

Password protection is also provided, using Blowfish encryption. This is useful if you

wish to keep out certain files from prying eyes, under the guise of a normal file. For

example you can hide sensitive document files into a bitmap file, and retrieve them

later. Opening the bitmap file would only show the image of the bitmap, and not the

files that are stored in it. You can hide files into .exe, .com, .mpg, and so on.

Figure 6.3: Data Stash

To hide the images in a video file select the video file in which the data is to

be hidden and then select the images that are to be hidden.



Figure 6.4: hidding images in video file

Figure 6.5: Resultant video file



Resultant video file is completely indistinguishable from original file.

6.4 Fort Knox

Fort Knox is security software that enables you to encrypt files, encrypt data,

scan and tweak PC settings, secure folders, split data, transmit data and provide users

with a number of other useful security tools.

Fort Knox is a universal Windows 95, 98, Me, XP, NT, 2000, 2003

shareware program that's intuitively easy to use and combines well known

unbreakable algorithms such as MD5, Blowfish, CryptAPI and techniques such as

steganography (digital watermarking) to fulfill many possible user securities and

profile building needs.

Key features of Fort Knox includes

Hidden activity viewing and cleaning (including index.dat files).

Passwords protect, lock, hide and secure files, folders, drives, documents,

directories.

Unique password files for all passwords.

Logon password masking.

Instantly lock multiple gigabyte sized folders in multiple drives.

Instantly lock folders and all sub-folders and files.

Encrypt files with the unbreakable, military grade CryptoAPI algorithm.

Encrypt files with the unbreakable, military grade BLOWFISH algorithm.

Encrypt and hide ANY file in ANY other file type (STEGANOGRAPHY).

Hide messages in image files (STEGANOGRAPHY)

Option to put files & folders in a drive and then LOCK THE WHOLE DRIVE.



Uses unbreakable MD5 (RSA Message Digest Algorithm) to encrypt your

password.

Free unbreakable MD5 (RSA Message Digest Algorithm) message

authentication utility to digitally sign (fingerprint) your message with a public

and private key.

Create unbreakable, military grade BLOWFISH / CryptoAPI encrypted files for

stealth email.

Create unbreakable, military grade encrypted files containing passwords or bank

details.

File Splitting utility included to split messages or files by line or by binary parts.

Store encrypted files on removeable media such as CDs.

Instantly lock unlimited gigabytes of data and all file types, including image,

video & music.

Lock program executables - prevent others using whole programs.

Restrict access to Windows functions - multiple Windows security tweaks.

Scan Index.dat files to build up a profile of user activity.

Includes File Splitter.

First with BMPs that are not 24 bits, take a small image and transformed it in

BMP format with 24 bits for each pixel (16 millions of colors), 8 bits (256 colors), 4

bits (16 colors), or 1 bit (2 colors). Then hid some text in it (the demo text followed by a

bunch of "a"), close to the maximum capacity. Here are the results. Nothing is

enhanced. These are the results you will see inside any image viewer:



Figure 6.6: The Comparision

Actually, it looks like Fort Knox does not care about the internal format of the

image. It treats every BMP like if it was 24 bits BMP. And of course, it screws up the

images which are not 24 bits, because the pixel data is not stored the same way. The

"Least Significant Bits" that Fort Knox modifies become very significant when you

don't use 24 bits. Because the header size of X bits BMP is constant, you can still see an

image, although totally scrambled (in a sort of regular way because my hidden text was

constant after the demo text, a lot of "a"). It's just plain chance.

6.5 MP3Stego

When looking at the steganographic tools available, it occurred that nothing

great had been done to hide information in MP3 files, that is sound tracks compressed

using the MPEG Audio Layer III format. There is a growing interest world-wide in

MP3 or indeed WMA files because they offer near-CD quality at compression ratio of

11 to 1 (128 kilobits per second). This gives a very good opportunity for information

hiding.



MP3Stego will hide information in MP3 files during the compression process.

The data is first compressed, encrypted and then hidden in the MP3 bit stream.

Although MP3Stego has been written with steganographic applications in mind it might

be used as a copyright marking system for MP3 files (weak but still much better than

the MPEG copyright flag defined by the standard). Any opponent can uncompress the

bit stream and recompress it; this will delete the hidden information – actually this is the

only attack known yet – but at the expense of severe quality loss.

The hiding process takes place at the heart of the Layer III encoding process

namely in the inner_loop. The inner loop quantizes the input data and increases the

quantiser step size until the quantized data can be coded with the available number of

bits. Another loop checks that the distortions introduced by the quantization do not

exceed the threshold defined by the psycho acoustic model. The part2_3_length

variable contains the number of main_data bits used for scalefactors and Huffman code

data in the MP3 bit stream. The bits are encoded as its parity by changing the end loop

condition of the inner loop. Only randomly chosen part2_3_length values are modified;

the selection is done using a pseudo random bit generator based on SHA-1.

6.6 Stegdetect

An automated tool for detecting steganographic content in images is known as

Stegdetect. It is capable of detecting several different steganographic methods that

embed hidden information in JPEG images. Currently, the detectable schemes are

jsteg,

jphide (unix and windows),

invisible secrets,

outguess 01.3b,



F5 (header analysis),

appendX and camouflage.

Stegbreak is used to launch dictionary attacks against JSteg-Shell, JPHide and

OutGuess 0.13b.

Stegdetect supports linear discriminant analysis. Given a set of normal images

and a set of images that contain hidden content by a new steganographic application,

Stegdetect can automatically determine a linear detection function that can be applied to

yet unclassified images.

Linear discriminant analysis computes a dividing hyperplane that separates the

no-stego images from the stego images. The hyperplane is characterized as a linear

function. The learned function can be saved for later use on new images.

Stegdetect supports several different feature vectors and automatically

computes receiver operating characteristic which can be used to evaluate the quality of

the automatically learned detection function.

Figure 6.7: Stegdetect



6.7 S-Tool

The main problem with S-Tool is that it requires that both sender and receiver

have a shared passphrase. The Question arises that how you share a passphrase and at

the same time have different ones. Let’s say I send a picture to a friend of mine and the

file name is Back Yard.gif. By previous agreement, my friend and I have agreed that the

passphrase for any picture will be the name of the picture except the “.” will be spelled

out. So the passphrase for this hidden file will be “Back Yarddotgif” Really it’s quite

simple yet unless you know the rules, you’ll never get the passphrase. [9]

To start S-Tools, all you have to do is click on the S-tools.exe. That will bring

up this window:

Figure 6.8: S-tool Welcome Screen

Click the “Continue” button. Now open up Notepad and write the message to be

hidden. Let the following message is to be sent:



“This message was hidden using S-Tools.”

Save the message as “I HID IT.txt”.

Now copy a BMP file of your choosing into the same S-Tools folder. I’ve chosen a

nice “Pecan Pie.bmp” for this example.

Now go back to the S-Tools window that you have open and drag the BMP file into

the open window:

Figure 6.9: Cover Image

Now drag the “I HID IT.txt” over the top of the BMP image. The next window

that you see will be asking you to enter the passphrase and to select your encryption

algorithm. Let’s leave the algorithm as the default “IDEA” and let’s put our passphrase



in, remember we said we were going to use the name of the picture so, let’s enter

“Pecan Piedotbmp” in the passphrase line and also in the Verify Passphrase line. If you

typed correctly you’ll now see a second picture of the Pecan Pie only this time it will

have Hidden Data in the top blue bar.

Figure 6.10: Hiding Information

Now let’s right click that new “hidden data” picture and then Save As and name

it “Pecan Pie Plus.bmp”



Figure 6.11: The Comparison of Original and Modified Image

Now close out of everything and re-open S-Tools.exe. Next, drag the “Pecan

Pie Plus.bmp” file onto the S-Tools window. Put your mouse over the picture and

right-click. Select the option “Reveal” and you will see the same window you saw

before requesting the passphrase. Type in your passphrase, (Pecan Piedotbmp) and

click OK. What you will see next is a pop-up window that says:

Figure 6.12: Extracting Information



Right-click the txt file to highlight it and then select Save As and give it a name like “I

HID IT Revealed.txt”

So now let’s close S-Tools and then open up the “I HID IT Revealed.txt” with

Notepad. You’ll notice that it’s the same file that you hid in the original picture.

Figure 6.13: The Hidden Message

So delete the original “Pecan Pie.bmp” file, rename the Pecan Pie Plus.bmp to be Pecan

Pie.bmp and send it to a friend and see if they can decrypt your secret message with S-

tools.



Chapter 7 - Conclusion & Future Enhancements

7.1 Conclusion

LSB method is fast and easy to implement but it is less secure method.

LSB has potential to hide large files if cover is sufficient large.

DCT hides data more securely but capacity to hide is reduced than LSB.

It is always better to encrypt data using any of the crypto algorithm like

DES or RSA which uses keys.

7.2 Future Enhancements

There is a growing importance of steganography in intelligence work, as it is

viewed as a serious threat to some governments. Most researchers believe that

steganography’s niche in security is to supplement cryptography, not replace it.

This software uses only BMP as a file to be used as cover. But BMP files are

large file to be transmitted over network. So gif, jpeg, tiff, png and other

formats should be supported.

Steganography can be implemented using wavelet based transformations. And

using redundant pattern encoding which we haven’t implemented. These

methods are better than LSB.

Private key and public key algorithm should be incorporated with stego

Software like RSA to provide added security.

Steganography software should be able to hide any kind of file rather than only

text file. It should provide image hiding in image too.

7.3 Cryptography

It is the technique that converts the original data in to unreadable format.



It is also used for the security purpose.

If we combine both Steganography & cryptography that provides better

security.

First of all convert a message in to unreadable format by using encryption

Hide message inside the image file using Steganography, and send it to a

destination

At the receiver side extract that hidden data using decryption process …and

get original data.

Now if someone want to get the hidden message inside the image file he can

not get it.

7.4 Steganography versus Cryptography

As mentioned above, cryptography is often used in situations where the

existence of the message is clear, but the meaning of the message is

obscured. In particular, the sender transforms the message into a form that

(hopefully) only the intended recipient of the message can decrypt and read.

Steganography is often used in situations where the actual existence of the message

needs to be obscured.



Chapter 8 – An Intro to MATLAB

8.1 Introduction

MATLAB is a high-level language and interactive environment that enables

you to perform computationally intensive tasks faster than with traditional

programming languages such as C, C++, and Fortran.

One can use MATLAB in a wide range of applications, including signal and

image processing, communications, control design, test and measurement, financial

modeling and analysis, and computational biology. Add-on toolboxes (collections of

special-purpose MATLAB functions, available separately) extend the MATLAB

environment to solve particular classes of problems in these application areas.

Key features of MATLAB includes;

High-level language for technical computing

Development environment for managing code, files, and data

Interactive tools for iterative exploration, design, and problem solving

Mathematical functions for linear algebra, statistics, Fourier analysis, filtering,

optimization, and numerical integration

2-D and 3-D graphics functions for visualizing data

Tools for building custom graphical user interfaces

Functions for integrating MATLAB based algorithms with external

applications and languages, such as C, C++, Fortran, Java, COM, and

Microsoft Excel



8.2 The MATLAB Environment

The MATLAB application is built around the MATLAB language. The

simplest way to execute MATLAB code is to type it in the Command Window, which

is one of the elements of the MATLAB Desktop. When code is entered in the

Command Window, MATLAB can be used as an interactive mathematical shell.

Sequences of commands can be saved in a text file, typically using the MATLAB

Editor, as a script or encapsulated into a function, extending the commands available.

MATLAB Variables

Variables are defined with the assignment operator, =. MATLAB is a weakly

dynamically typed programming language. It is a weakly typed language because

types are implicitly converted. It is a dynamically typed language because variables

can be assigned without declaring their type, except if they are to be treated as

symbolic objects, and that their type can change. Values can come from constants,

from computation involving values of other variables, or from the output of a

function. For example:

>> m = 18

m =

18

>> m = 'cat'

m =

cat

>> n = m + 0

n =

99 97 116



>> x = [4*3, pi/2]

x =

12.0000 1.5708

>> n = 2*sin(m)

n =

-1.0731 2.0000

Vector & Matrices in MATLAB

As suggested by its name (a contraction of "Matrix Laboratory"), MATLAB

provides can create and manipulate arrays of 1 (vectors), 2 (matrices), or more

dimensions. In the MATLAB vernacular, a vector refers to a one dimensional (1×N or

N×1) matrix, commonly referred to as an array in other programming languages. A

matrix generally refers to a 2-dimensional array, i.e. an m×n array where m and n are

greater than 1. Arrays with more than two dimensions are referred to as

multidimensional arrays. Arrays are a fundamental type and many standard functions

natively support array operations allowing work on arrays without explicit loops.

Therefore the MATLAB language is also an example of array programming language.

A simple array is defined using the syntax: initial: increment: terminator. For

instance:

>> array = 1:2:9

array =

1 3 5 7 9

defines a variable named array (or assigns a new value to an existing variable with the

name array) which is an array consisting of the values 1, 3, 5, 7, and 9. That is, the

array starts at 1 (the init value), increments with each step from the previous value by



2 (the increment value), and stops once it reaches (or to avoid exceeding) 9 (the

terminator value).

>> array= 1:2:20

array =

1 3 5 7 9 11 13 15 17 19

the increment value can actually be left out of this syntax (along with one of the

colons), to use a default value of 1.

>> ari = 1:5

ari =

1 2 3 4 5

assigns to the variable named ari an array with the values 1, 2, 3, 4, and 5, since the

default value of 1 is used as the incrementer.

Indexing is one-based, which is the usual convention for matrices in

mathematics, although not for some programming languages.

Matrices can be defined by separating the elements of a row with blank space

or comma and using a semicolon to terminate each row. The list of elements should be

surrounded by square brackets: []. Parentheses: () are used to access elements and

subarrays (they are also used to denote a function argument list).

>> A = [16 3 2 13; 5 10 11 8; 9 6 7 12; 4 15 14 1]

A =

16 3 2 13

5 10 11 8



9 6 7 12

4 15 14 1

>> A(2,3)

ans =

11

Sets of indices can be specified by expressions such as "2:4", which evaluates

to [2, 3, 4]. For example, a submatrix taken from rows 2 through 4 and columns 3

through 4 can be written as:

>> A(2:4,3:4)

ans =

11 8

7 12

14 1

A square identity matrix of size n can be generated using the function eye, and

matrices of any size with zeros or ones can be generated with the functions zeros and

ones, respectively.

>> eye(3)

ans =

1 0 0

0 1 0

0 0 1

>> zeros(2,3)

ans =



0 0 0

0 0 0

>> ones(2,3)

ans =

1 1 1

1 1 1

Most MATLAB functions can accept matrices and will apply themselves to

each element. For example, mod (2*J,n) will multiply every element in "J" by 2, and

then reduce each element modulo "n". MATLAB does include standard "for" and

"while" loops, but (as in other similar applications such as R), using the vectorized

notation often produces code that is faster to execute. This code, excerpted from the

function magic.m, creates a magic square M for odd values of n (MATLAB function

meshgrid is used here to generate square matrices I and J containing 1:n).

[J,I] = meshgrid(1:n);

A = mod(I+J-(n+3)/2,n);

B = mod(I+2*J-2,n);

M = n*A + B + 1;

Purpose of Semicolon in MATLAB

Unlike many other languages, where the semicolon is used to terminate

commands, in MATLAB the semicolon serves to suppress the output of the line that it

concludes.

Plots and Graphs

Function plot can be used to produce a graph from two vectors x and y. The

code:

x = 0:pi/100:2*pi;



y = sin(x);

plot(x,y)

produces the following sine wave

Figure 8.1: Sine Wave

Three-dimensional graphics can be produced using the functions surf, plot3 or mesh.

[X,Y] = meshgrid(-10:0.25:10,-10:0.25:10);

f = sinc(sqrt((X/pi).^2+(Y/pi).^2));

mesh(X,Y,f);

axis([-10 10 -10 10 -0.3 1])

xlabel('{\bfx}')

ylabel('{\bfy}')

zlabel('{\bfsinc} ({\bfR})')

hidden off

This code produces a wireframe 3D plot of the two-dimensional unnormalized sinc

function:



Figure 8.2: Wireframe 3D plot of Sinc Function

[X,Y] = meshgrid(-10:0.25:10,-10:0.25:10);

f = sinc(sqrt((X/pi).^2+(Y/pi).^2));

surf(X,Y,f);

axis([-10 10 -10 10 -0.3 1])

xlabel('{\bfx}')

ylabel('{\bfy}')

zlabel('{\bfsinc} ({\bfR})')



This code produces a surface 3D plot of the two-dimensional unnormalized sinc

function:

Figure 8.3: Surface 3D plot of Sinc Function

Structures

MATLAB supports structure data types. Since all variables in MATLAB are

arrays, a more adequate name is "structure array", where each element of the array has

the same field names. In addition, MATLAB supports dynamic field names (field look-

ups by name, field manipulations etc). Unfortunately, MATLAB JIT does not support

MATLAB structures, therefore just a simple bundling of various variables into a

structure will come at a cost.



Function handles

MATLAB supports elements of lambda-calculus by introducing function

handles, or function references, which are implemented either in .m files or

anonymous/nested functions.

Secondary programming

MATLAB also carries secondary programming which incorporates the

MATLAB standard code into a more user friendly way to represent a function or

system.

Classes

MATLAB supports classes, however the syntax and calling conventions are

significantly different than in other languages. MATLAB supports value classes and

reference classes, depending if the class has handle as super-class (for reference classes)

or not (for value classes).

Depending if a class is declared as value or reference, method call behavior is

different. For example, a call to a method

object.method();

can alter any variables of object variable only for reference classes.

8.3 Object-oriented programming

MATLAB's support for object-oriented programming includes classes,

inheritance, virtual dispatch, packages, pass-by-value semantics, and pass-by-reference

semantics.[10]



classdef hello

methods

function doit(this)

disp('Hello!')

end

end

end

When put into a file named hello.m, this can be executed with the following commands:

>> x = hello;

>> x.doit;

Hello!

8.4 Interfacing with other languages

MATLAB can call functions and subroutines written in the C programming

language or Fortran. A wrapper function is created allowing MATLAB data types to be

passed and returned. The dynamically loadable object files created by compiling such

functions are termed "MEX-files" (for MATLAB executable).

Libraries written in Java, ActiveX or .NET can be directly called from

MATLAB and many MATLAB libraries (for example XML or SQL support) are

implemented as wrappers around Java or ActiveX libraries. Calling MATLAB from

Java is more complicated, but can be done with MATLAB extension, which is sold

separately by MathWorks, or using an undocumented mechanism called JMI (Java-to-

Matlab Interface), which should not be confused with the unrelated Java Metadata

Interface that is also called JMI.



As alternatives to the MuPAD based Symbolic Math Toolbox available from

MathWorks, MATLAB can be connected to Maple or Mathematica.



References

[1] Andreas Westfeld and Andreas Pfitzmann “Attacks on Steganographic

Systems”, December 3, 2009

[2] Andreas Pfitzmann, (edited by) G. Goos, J. Harmanis and J. van Leeuwen

(2000), Information Hiding, (Germany, Springer-Verlag)

[3] Neil F. Johnson. Steganography. Technical Report. November 1995

[4] Stefan Katzenbeisser, Fabien Petitcolas (editors) (2000), Information Hiding

techniques for steganography and digital watermarking, (USA, Artech House

Inc)

[5] Justin Romberg, Steganography Detection in Images, http://www.clear.rice.edu

(Last visited May 2011)

[6] Andreas Pfitzmann (Ed.), “Information Hiding”, Third International Workshop,

IH’99 Dresden, Germany, September/October, 1999

[7] C. Kurak and J. McHugh, “A Cautionary Note On Computer Image

Downgrading,” Proc. IEEE Eighth Ann. Computer Security Applications Conf.,

IEEE Press, Piscataway, N.J., 1992, pp. 153-159.

[8] I.J. Cox et al., “Secure Spread Spectrum Watermarking for Multimedia,” Tech.

Report 95-10, NEC Research Inst., Princeton, N.J., 1995.

[9] A. Brown, S-Tools for Windows, 1994,

ftp://idea.sec. dsi.unimi.it/pub/security/crypt/code/s-tools3.zip

Bibliography

[1] Johnson, Neil; Duric, Zoran; Jajodia, Sushil (2001). Information hiding:

steganography and watermarking: attacks and countermeasures. Springer.

ISBN 978-0-7923-7204-2

[2] Petitcolas, Fabian A.P.; Katzenbeisser, Stefan (2000). Information Hiding

Techniques for Steganography and Digital Watermarking. Artech House

Publishers. ISBN 1-58053-035-4

[3] Wayner, Peter (2009). Disappearing cryptography 3rd Edition: information hiding:

steganography & watermarking. Amsterdam: MK/Morgan Kaufmann Publishers.

ISBN 978-0123744791

[4] Wayner, Peter (2002). Disappearing cryptography: information hiding:

steganography & watermarking. Amsterdam: MK/Morgan Kaufmann Publishers.

ISBN 1-55860-769-2

Copy Increasing Network Security Using Steganography

Documents