King Saud University College of Computer and Information Sciences Information Technology Department Designed by: Amal Al-Subaih Anfal Al-Awajy Eman Al-Rayes Hanan Al-Hindi Kholoud Al-Roumi Norah Al-Khaldi Safa'a Al-Bassam Supervised By: Prof. Mona Mursi Graduation Project (Cap 496) First semester 1430 – 2009 Group#23 Image Authentication and Steganalysis System
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
King Saud University
College of Computer and Information Sciences Information Technology Department
Designed by:
Amal Al-Subaih Anfal Al-Awajy Eman Al-Rayes Hanan Al-Hindi
Kholoud Al-Roumi Norah Al-Khaldi Safa'a Al-Bassam
Supervised By: Prof. Mona Mursi
Graduation Project (Cap 496) First semester 1430 – 2009
Group#23
Image Authentication and Steganalysis System
ii
Abstract
This project addresses the ever-increasing problem of image tampering. The tampering
addressed could take on two forms: steganography and simple image alterations. Hence the
project has a two-fold objective: steganalysis and image authentication. In the first part of the
project, we deal with the steganalysis of Least Significant Bit (LSB) embedding for hiding
messages in digital images in the BMP format. A steganalysis technique is implemented that
enables us to reliably detect the presence of binary message randomly spread in a digital image.
The method is based on close color pair analysis. The results obtained were quite satisfactory in
terms of FAR and FDR.
In the second part of the project we deal with the issue of detection of image tampering
i.e. image authentication. Two approaches are adopted for image authentication. The first
approach deals with the authentication of BMP images. The method used for that is by deriving
and embedding a digital signature in the image. A second approach that deals with the
authentication of JPEG images is also implemented. A data embedding method is proposed for
image authentication based on table look-up in the frequency domain. A watermark is embedded
invisibly in the marked image which can be stored in the compressed form. The scheme can
detect malicious alteration of the original image while being tolerant to incidental image
alterations. In addition, a technique for self-embedding an image into itself as a means for
protecting the image content, was also implemented. The original image and extracted embedded
image are visibly compared by a human observer for possible differences. The results obtain are
quite successful and the method proved to be very efficient.
The proposed methodologies are characterized as blind fragile and semi-fragile
authentication techniques respectively, since they do not rely on the original image to decide
whether the image has been altered or not.
iii
الرحيم الرمحن ا بسم
..الكرم واسع.. العطاء جزيل.. الفضل عظيم احلمد
..العمل هذا بإمتام علينا من بأن وكرمه وفضله توفيقه على وأخريَا أوًال والشكر
..ورعاية سقايةً وتعاهداها البذرة هذه زرعا الذين احلبيبني والدي إىل
...وبركتهما حلبهما نتاجاً املشروع هذا أمثر حتى
...النور إىل املشروع هذا ظهر حتى سند خري لنا كانوا صاحل الذين/ حممد واألستاذ/ مالك واألستاذ/ خالد واألستاذ/د إىل
..ميل األلف درب يف خطواتي على يل عوناً كان محّاد الذي/ إىل إخوتنا وإىل األستاذ
يف لنا وإرشادها توجيهها حسن وعلى.. خطوة بعد خطوة املشروع هذا مراحل على وإشرافها معنا تعاوهنا على مرسي منى /د.أ نشكر كما
...مرحلة كل
..العني أبنائنا وأحبتنا قُرة وإىل
...إليه نصبو ما لتحقيق العزم وابتسامتهم براءهتم منحتنا الذين
...أحبائنا يا مجيعاً فإليكم
....الثمرة هذه هندي
iv
To the most Precious people to me Mum, Dad and Brothers
To the pure soul of my grandma who was looking forward to this date
3.1.1 BMP FORMAT .................................................................................................................................. 13 3.1.2 JPEG FORMAT ................................................................................................................................. 17
3.1.2.1 OVERVIEW OF THE JPEG BIT-STREAM .......................................................................... 18 3.1.2.2 DESCRIPTION ................................................................................................................. 18
3.2 JPEG COMPRESSION ..................................................................................................................................... 20 3.2.1 CONVERSION FROM RGB TO YCBCR .............................................................................................. 20 3.2.2 SUB-SAMPLING OF THE CHROMINANCE VALUES ................................................................................ 20 3.2.3 DISCRETE COSINE TRANSFORM ....................................................................................................... 22 3.2.4 QUANTIZATION ................................................................................................................................. 24 3.2.5 ZIG-ZAG ORDERING .......................................................................................................................... 25 3.2.6 LOSSLESS COMPRESSION................................................................................................................... 25
3.4 HASHING .............................................................................................................................................................. 32 3.4.1 MERKLE-DAMGARD SCHEME ........................................................................................................... 32 3.4.2 WHAT IS SHA-1 ................................................................................................................................ 32
3.3.2.1 SHA-1 ALGORITHM ........................................................................................................ 34 3.5 DIGITAL SIGNATURE ............................................................................................................................................. 37
3.5.1 SIGNING THE DIGEST ......................................................................................................................... 37 3.5.2 VERIFYING THE DIGITAL SIGNATURE ................................................................................................ 37
3.6 STEGANOGRAPHY USING LSB IN BMP IMAGES .................................................................................................. 38 3.5.1 24-BIT IMAGES .................................................................................................................................. 39 3.5.2 8-BIT IMAGES .................................................................................................................................... 40
4.5.1 STEGANALYSIS FOR BMP IMAGES WITHOUT AUTHENTICATION SCHEME ...................................... 54 4.5.2 DIGITAL IMAGE AUTHENTICATION SCHEMES .................................................................................. 56
4.5.2.1 DIGITAL SIGNATURE OF BMP IMAGE WITH SELF EMBEDDING ..................................... 56 4.5.2.2 A DATA EMBEDDING SCHEME FOR JPEG IMAGE AUTHENTICATION .......................... 60
5 IMPLEMENTATION ………………………………………………………………………………………………65 5.1 STEGANALYSIS FOR BMP IMAGES WITHOUT AUTHENTICATION SCHEME…………………………………………………………66
5.2.A BMP_WATERMARK ()…………………………………………………………………………………………………………78 5.2.B BMP_ AUTHENTICATION ()……………………………………………………………………………………………………87 5.2.C BASIC FUNCTIONS…………………………………………………………………………………………………………………96 5.2.D HIDE AN IMAGE INTO ANOTHER IMAGE…………………………………………………………………………………….99
5.3 DATA EMBEDDING SCHEME FOR JPEG GRAYSCALE IMAGE AUTHENTICATION……………………………………………….101 5.3. A JPEG _WATERMARK………………………………………………………………………………………………………………104 5.3. B JPEG _VERIFY ……………………………………………………………………………………………………………………..110 5.3. C MATLAB FUNCTION…………………………………………………………………………………………………………..……115 5.4 USED TOOLS …………………………………………………………………………………………………………………………………..117
6.1.1 PRELIMINARY INVESTIGATION:…………………………………………………………………………………………………..120 6.1.2 THRESHOLD SELECTION……………………………………………………………………………………………………………121 6.1.3 DIFFERENT STEGO IMAGES…………………………………………………………………………………………………..….…123 6.1.4 SOME EXAMPLES:……………………………………………………………………………………..…………………………..123 6.1.4.1 NON STEGO-IMAGE………………………………………………………………………………………………………….……123 6.1.2.2 STEGO-IMAGE……………………………………………………………………………………………………………………..125 6.1.3 THE FINAL TEST RESULTS………………………………………………..………………………………………………………….127
6.2.1 SIGN A BMP IMAGE:……………………………………………………………………………………………………………….128 6.2.2 VERIFY FROM UN-TAMPERED IMAGE…………………………………………………………………………………………….131 6.2.3 VERIFY FROM SLIGHTEST MODIFIED IMAGE…………………………………………………………………………..………..132 6.2.4 VERIFY FROM MALICIOUSLY TAMPERED IMAGE………………………………………………………………………………..136 6.2.5 HIDE AN IMAGE INTO ANOTHER IMAGE……………………………………………………………………………………….140 6.2.6 FINAL TEST RESULT……………………………………………………………………………………………………..………..150
6.3.1 SIGN A JPEG IMAGE:…………………………………………………………………………………………………………….152 6.3.2 VERIFY AFTER UN-TAMPERED IMAGE……………………………………………………………………………………..….154 6.3.3 VERIFY AFTER TAMPERED IMAGE: ……………………………………………………………………………………….…..155 6.3.4 VERIFY AFTER COMPRESSED(25%) IMAGE: …………………………………………………………………………….…..157 6.3.5 VERIFY AFTER COMPRESSED(50%) IMAGE:…………………………………………………………………………….……158 6.3.6 VERIFY AFTER COMPRESSED(80%) IMAGE:………………………………………………………………………………….159 6.3.7 VERIFY AFTER UN-SIGNED IMAGE:…………………………………………………………………………………………....161 6.3.8 THE FINAL TEST RESULT………………………………………………………………………………………..................163
List OF FIGURES FIGURE [1.1]: STEGANOGRAPHY TERMS ........................................................................................................................... 2 FIGURE [3.1]: BMP FORMAT ......................................................................................................................................... 13 FIGURE [3.2]: JPEG BITSTREAM ................................................................................................................................... 18 FIGURE [3.3]: SUB-SAMPLED IMAGE. ............................................................................................................................. 21 FIGURE [3.4]: YCBCR CHANNELS .................................................................................................................................. 21 FIGURE [3.5]: DC AND AC COMPONENTS. ...................................................................................................................... 23 FIGURE [3.6]: FREQUENCY DOMAIN. .............................................................................................................................. 25 FIGURE [3.7]: ZIG-ZAG ORDERING. ................................................................................................................................ 25 FIGURE [3.8]: OVERVIEW OF JPEG. .............................................................................................................................. 28 FIGURE [3.9]: MERKLE-DAMGARD SCHEME. ................................................................................................................. 32 FIGURE [3.10]: SHA-1. ................................................................................................................................................... 33 FIGURE [3.11]: DIGITAL SIGNATURE. ............................................................................................................................. 37 FIGURE [3.12]: LSB IN BMP IMAGE .............................................................................................................................. 38
FIGURE [4.1]: CLOSE COLOUR PAIR BETWEEN TWO PIXELS. .......................................................................................... 54 FIGURE [4.2]: UNIQUE COLOURS BETWEEB TWO PIXELS ................................................................................................ 55 FIGURE [4.3]: HASH VALUE OF TWO IMAGES .................................................................................................................. 57 FIGURE [4.4: COMPRESSED IMAGE ................................................................................................................................. 58 FIGURE [4.5]: SELF EMBEDDING IMAGE. ........................................................................................................................ 59 FIGURE [4.6]: PHANTOM IMAGE'S DIGITAL SIGNATURE IN ORIGINAL IMAGE ................................................................. 59
FIGURE [5.1]: VARIATION OF THE RELATIVE VALUES OF UNIQUE COLOR WITH CLOSE COLOR PAIR FOR BOTH SIMPLE. AND COMPLEX IMAGES ................................................................................................................................................... 68 FIGURE [5.2]: FLOWCHART OF STEGANALYSIS FOR BMP IMAGES SCHEME ................................................................ 71 FIGURE [5.3]: FLOWCHART OF CALCULATE THRESHOLD FUNCTION ............................................................................ 75 FIGURE [5.4]: A DIAGRAM SHOWING HOW AN RSA DIGITAL SIGNATURE IS APPLIED AND THEN VERIFIED. ................. 77 FIGURE [5.5]: A DIAGRAM OF BMP_WATERMARK FUNCTION ..................................................................................... 78 FIGURE [5.6]: CHANGE THE 2 LSBS OF THE BLUE COMPONENT TO ZEROS. .................................................................. 80 FIGURE [5.7]: BLOCK DIAGRAM OF SELF EMBEDDING FUNCTION .................................................................................. 82 FIGURE [5.8]: APPEND A DELIMITER, THEN A TAIL TO THE IMAGE................................................................................ 85 FIGURE [5.9]: CHANGE THE 2 LSBS OF THE BLUE COMPONENT TO HOLD THE DATA OF M AND N. ............................... 86 FIGURE [5.10]: BLOCK DIAGRAM OF BMP_ AUTHENTICATION FUNCTION ................................................................... 88 FIGURE [5.11]: A DIAGRAM SHOWING HOW WE EXTRACTED OUR DATA FROM THE IMAGE. .......................................... 89 FIGURE [5.12]: A BLOCK DIAGRAM OF HIDING AN IMAGE INTO ANOTHER ONE .............................................................. 99 Figure [5.13]: A BLOCK DIAGRAM OF EXTRACTING AN IMAGE INTO ANOTHER ONE………………….……………………………………………...100 FIGURE [5.14]: BLOCK DIAGRAM OF DATA EMBEDDING SCHEME FOR JPEG GRAYSCALE IMAGE AUTHENTICATION. …………………………………………………………………………………………………………………………..103 FIGURE [5.15]: BLOCK DIAGRAM OF JPEG _WATERMARK FUNCTION ....................................................................... 105 FIGURE [5.16]: EMBEDDING ONE BIT OF IMAGE FEATURE ........................................................................................... 108 FIGURE [5.17]: BLOCK DIAGRAM OF JPEG _VERIFY FUNCTION ................................................................................. 112 FIGURE [5.18]: QUANTIZED DCT BLOCK AT VERIFY SIDE ......................................................................................... 113 FIGURE [6.1]: OPEN CLEAN IMAGE ............................................................................................................................... 124 FIGURE[6.2]: CHECK THE LOAD IMAGE ....................................................................................................................... 124 FIGURE[6.3]: THE RESULT MESSAGE ............................................................................................................................ 125 FIGURE [6.4]: OPEN STEGO IMAGE .............................................................................................................................. 126
viii
FIGURE[6.5]: CHECK THE LOAD IMAGE ....................................................................................................................... 126 FIGURE[6.6]: THE RESULT MESSAGE ........................................................................................................................... 127 FIGURE[6.7]: LOAD BMP IMAGE FOR WATERMARKING ............................................................................................. 128 FIGURE[6.8]: WATERMARKED IMAGE .......................................................................................................................... 129 FIGURE [6.9]: SAVE WATERMARKED IMAGE ................................................................................................................ 129 FIGURE [6.10]: THE IMAGE AND THE WATERMARKED VERSION OF IT. ....................................................................... 130 FIGURE [6.11]: LOAD WATERMARKED IMAGE. ............................................................................................................ 131 FIGURE [6.12]: VERIFYING PROCESS. ........................................................................................................................... 132 FIGURE [6.13]: THE RESULT OF VERIFYING. ............................................................................................................... 132 FIGURE [6.14]: HEX EDITOR NEO. .............................................................................................................................. 133 FIGURE [6.15]: OPEN IMAGE FOR EDITING. ................................................................................................................ 133 FIGURE [6.16]: HEX EDITOR NEO INTERFACE. ............................................................................................................ 134 FIGURE [6.17]: EDIT IMAGE. ........................................................................................................................................ 134 FIGURE [6.18]: SAVE TAMPERED IMAGE. ..................................................................................................................... 135 FIGURE [6.19]: LOAD TAMPERED IMAGE. .................................................................................................................... 135 FIGURE [6.20]: RESULT OF VERIFYING TAMPERED IMAGE. ......................................................................................... 136 FIGURE [6.21]: PHANTOM OF TAMPERED IMAGE. ........................................................................................................ 136 FIGURE [6.22]: LOAD IMAGE. ...................................................................................................................................... 137 FIGURE [6.23]: SIGN IMAGE. ........................................................................................................................................ 137 FIGURE [6.24]: SAVE WATERMARKED IMAGE. ............................................................................................................. 138 FIGURE [6.25]: OPEN WATERMARKED TAMPERED IMAGE. .......................................................................................... 139 FIGURE [6.26]: VERIFYING PROCESS FOR WATERMARKED TAMPERED IMAGE. ........................................................... 139 FIGURE [6.27]: RESULT OF VERIFYING TAMPERED IMAGE ......................................................................................... 140 FIGURE [6.28]: TEST EMBEDDING PROCESS BUTTON ................................................................................................... 141 FIGURE [6.29]: TEST EMBEDDING PROCESS INTERFACE .............................................................................................. 141 FIGURE [6.30]: LOAD FIRST IMAGE .............................................................................................................................. 142 FIGURE [6.31]: LOAD TEST PHANTOM IMAGE ............................................................................................................... 143 FIGURE [6.32]: THE IMAGE AND TEST PHANTOM THAT WILL BE EMBEDDED ................................................................ 144 FIGURE [6.33]: EMBEDDING PROCESS ......................................................................................................................... 144 FIGURE [6.34]: SAVE THE STEGO IMAGE ...................................................................................................................... 145 FIGURE [6.35]: THE DIRECTORY THAT CONTAIN IMAGE AND TEST PHANTOM IMAGE .................................................. 145 FIGURE [6.36]: TEST PHANTOM IMAGE ........................................................................................................................ 146 FIGURE [6.37]: DELETE TEST PHANTOM IMAGE ........................................................................................................... 146 FIGURE [6.38]: THE DIRECTORY WHICH WAS CONTAINING THAT TEST PHANTOM IMAGE ........................................... 147 FIGURE [6.39]: LOAD THE STEGO IMAGE...................................................................................................................... 147 FIGURE [6.40]: EXTRACT THE TEST PHANTOM IMAGE FROM STEGO IMAGE ................................................................ 148 FIGURE [6.41]: THE EXTRACTED TEST PHANTOM IMAGE ............................................................................................ 149 FIGURE [6.42]: ANOTHER TEST PHANTOM IMAGE SHOWING BETTER RESOLUTION ..................................................... 149 FIGURE [6.43]: A) LOAD SIMPLE IMAGE – B) LOAD COMPLEX IMAGE ......................................................................... 152 FIGURE [6.44]: A) SIGN SIMPLE IMAGE – B) SIGN COMPLEX IMAGE ............................................................................. 153 FIGURE [6.45]: A) SAVE SIGNED SIMPLE IMAGE– B) SAVE SIGNED COMPLEX IMAGE ................................................... 153 FIGURE [6.46]:A) THE SIMPLE IMAGE AND ITS AUTHENTICATED VERSION -B) THE COMPLEX IMAGE AND ITS AUTHENTICATED VERSION…... ..................................................................................................................................... 154 FIGURE [6.47]: A) OPEN AUTHENTICATED VERSION OF SIMPLE IMAGE -B) OPEN AUTHENTICATED VERSION OF COMPLEX …........................... ....................................................................................................................................... 154 FIGURE [6.48]: A) THE AUTHENTICATED SIMPLE IMAGE. - B) THE AUTHENTICATED COMPLEX IMAGE ..................... 155 FIGURE [6.49]: VERIFYING RESULT .............................................................................................................................. 155 FIGURE [6.50]: A) LOAD TAMPERED SIMPLE IMAGE. – B) LOAD TAMPERED COMPLEX IMAGE ................................. 156 FIGURE [6.51]: A) VERIFY TAMPERED SIMPLE IMAGE – B) VERIFY TAMPERED COMPLEX IMAGE ............................. 156 FIGURE [6.52]: VERIFYING RESULT .............................................................................................................................. 156
ix
FIGURE [6.53]: A) LOAD 50% COMPRESSED SIMPLE IMAGE – B) LOAD 50%COMPRESSED COMPLEX IMAGE ....... 158 FIGURE [6.54]: A) VERIFY COMPRESSED SIMPLE IMAGE – B) VERIFY COMPRESSED COMPLEX IMAGE .......... 159 FIGURE [6.55]: VERIFYING RESULT .......................................................................................................................... 159 FIGURE [6.56]: A) LOAD 80% COMPRESSED SIMPLE IMAGE – B) LOAD 80% COMPRESSED COMPLEX IMAGE ... 160 FIGURE [6.57]: A) VERIFY COMPRESSED SIMPLE IMAGE – B) VERIFY COMPRESSED COMPLEX IMAGE ............ 160 FIGURE [6.58]: VERIFYING RESULT AND PHANTOM IMAGE ....................................................................................... 161 FIGURE [6.59]: LOAD UNSIGNED IMAGE ................................................................................................................... 161 FIGURE [6.60]: VERIFY UNSIGNED IMAGE ................................................................................................................ 162 FIGURE [6.61]: VERIFYING RESULT .......................................................................................................................... 162
TABLE 5.1. EXPERIMENTAL DATA TO SHOW THE VARIATION OF THE RELATIVE VALUES OF UNIQUE COLOR WITH PACKING
DENSITY ..................................................................................................................................................................... 67 TABLE 5.2 THE LOOK UP TABLE ................................................................................................................................... 106 TABLE 5.3: THE LOOK UP TABLE ................................................................................................................................. 108 TABLE 5.4: SPECIAL CASE TO AVOID NOISE ................................................................................................................. 111 TABLE 6.1: EXAMPLE OF IMAGE CATEGORIES ............................................................................................................ 120 TABLE 6.2: EXPERIMENTAL RESULTS SHOWING THE DIFFERNCE BETWEEN M VALUES FOR CLEAN IMAGE AND ITS STEGO ................................................................................................................................................................... 121 TABLE. 6.3 THE VALUES OF THRESHOLD USING IA & SS ALGORITHM FOR DIFFERENT COMPLEX IMAGES ................ 122 TABLE. 6.4 THE VALUES OF THRESHOLD USING IA & SS ALGORITHM FOR DIFFERENT SIMPLE IMAGES ................... 122 TABLE 6.5 FAR AND FDR FOR BOTH SIMPLE IMAGES AND ITS STEGO[WITH DIFFERENT PAYLOAD SIZE] .................. 123 TABLE 6.6: FINAL TEST RESULT FOR STEGANALYSIS. ................................................................................................ 127 TABLE 6.7: FINAL TEST RESULT FOR BMP AUTHENTICATION .................................................................................... 150 TABLE 6.8: FINAL TEST RESULT FOR TEST EMBEDDING CODE..................................................................................... 151 TABLE 6.9: FINAL TEST RESULT FOR JPEG AUTHENTICATION .................................................................................. 163
1
Introduction
Chapter 1
2
CHAPTER 1 Introduction
Steganography is a Greek word (steganos-graphie) that means “covered writing” and it is a
form of security through obscurity. In another way, it is the art of hiding information in an
innocuous cover. It is different than cryptography. Cryptography encodes data such that an
unintended recipient cannot determine its intended meaning. In contrast, steganography attempts
to prevent an unintended recipient from suspecting that the data is there. It aims to make the
carrier media reveals nothing, neither the embedding of a message nor the embedded message
itself.
The basic purpose from steganography is to make communication unintelligible to those
who do not have the right keys. The message can be hidden by embedding it inside of any digital
objects like images. The carrier object is called a cover medium. After embedding a secret
message into a cover image, the resultant image is called a stego-image (see figure[1]).
Figure[1.1]: Steganography terms
3
The common approaches for message hiding in images include least significant bit(LSB)
insertion methods, frequency domain techniques, spread spectrum. The change in the behavior of
the stego-image depends on the specific approach used for hiding information. As the stego-
image cannot be easily recognized by human eyes, steganalysis tools are required to detect the
existence of hidden messages.
Steganalysis is the technology that attempts to defeat Steganography by detecting the
hidden information and extracting or destroying it if possible. The goal of steganalysis is to
identify suspected information streams, determine whether or not they have hidden messages
encoded into them, and, if possible, recover the hidden information.
There are various methods of steganalysis depending on what information is available:
Stego-only attack: Only the stego-object is available for analysis.
Known cover attack: The stego-object as well as the original medium is available. The stego-
object is compared with the original cover object to detect any hidden information.
Known message attack: The hidden message and the corresponding stego-image are known.
The analysis of patterns that correspond to the hidden information could help decipher such
messages in future.
Known stego attack: The steganography algorithm is known and both the original and stego-
object are available.
Chosen stego attack: The steganography algorithm and stego-object are known.
Chosen message attack: The steganalyst generates a stego-object from some steganography
tool or algorithm of a chosen message. The goal in this attack is to determine patterns in the
stego-object that may point to the use of specific steganography tools or algorithms.
In this project, we propose to implement a stego-only attack in LSB insertion for uncompressed
BMP images. This type of attack is the most common one because usually it is hard or impossible to get
the original image or to know the stego key or algorithm. The detection theory of the proposed
4
steganalysis method is based on statistical analysis of pixel pairs using their RGB components. We
believe that our method is effective for messages that are randomly scattered in the image.
Another important part of this project deals with image authentication. Authentication is the act of
establishing or confirming something (or someone) as authentic, that is that claims made by or about the
thing are true. Authenticating an object may mean confirming its provenance, whereas authenticating a
person often consists of verifying their identity. Authenticating an Image is the act of establishing or
confirming the image as authentic which has been taken by a camera, or if it has been tampered with or
if it has been used as a cover for a secret communication.
This can be done by adding visible watermarking, invisible or digital watermarking, distributed
source coding or by applying digital signature techniques. The location of authentication data could be
external or internal. If this data is stored in a separate file, two files have to be managed and it is quite
easy to lose this external authentication data. So it is better solution to store it inside the image file for
easy storage and maintenance.
A modern image authentication algorithm should have the following properties:
Integrity: The algorithm should be able to detect malicious modifications of the image data.
Embedding: The embedding of the authentication data into the image allows file conversions.
Robustness: The embedded data should be robust to non-malicious alterations of the image.
Visibility: The embedding induced image modification should not be visible to a human being.
Image dependence: The authentication data should be image dependent to prevent tampering.
Blindness: The integrity verification algorithm should not require the original image file.
Verification: Public verification must be allowed. No third party should be needed.
Security & Updatability: The integrity of the image data should not have an expiration date.
Since the security of an encryption scheme cannot be guaranteed forever, it must be possible to
update the encryption scheme without degrading the quality of the image in the future.
5
An effective authentication scheme should have the following desirable features:
• To be able to determine whether an image has been altered or not.
• To be able to locate any alteration made on the image.
• To be able to integrate authentication data with host image rather than as a separate data file.
• The embedded authentication data be invisible under normal viewing conditions.
• To allow the watermarked image be stored in lossy-compression format.
In this project we present an authentication scheme by embedding a bit string (derived from the image)
in the frequency domain of an image via table look-up. This scheme can be applied to compressed
image using JPEG. The visible alteration made on the marked image can be detected.
A number of authentication techniques based on digital watermarks have been proposed in
the literature.
A digital watermark is a secret key dependent signal inserted into a digital image and which can
be later detected/ extracted in order to make an assertion about the image. A digital watermark can be:
Fragile: if it fails to be detected after the slightest modification. Fragile watermarks are
commonly used for tamper detection.
Semi-fragile: if it resist benign transformations but fails detection after malignant
transformations. Semi-fragile watermarks are commonly used to detect malignant transformations.
Robust: if it resists a designated class of transformations. Robust watermarks are commonly
used in copyright applications (to carry ownership or forensic information) and copy protection
applications (to carry copy and access control information).
In this report, chapter two covers the literature review. Chapter three covers the necessary
background for the project. Chapter four covers the system analysis and design of the project. Chapter
five covers the project’s implementation. Chapter six covers the system testing.
6
Literature Review
Chapter 2
7
CHAPTER 2 Literature Review
2.1 Image Steganalysis Methods:
We classify and review current stego-detection algorithms that can be used to trace popular
steganographic products. We recognize several qualitatively different approaches to practical
steganalysis.
Westfield and Pfitzamann's histogram analysis [1] and Fridrich's RS-steganalysis [2]
algorithms are well-known model-based methods that target LSB embedding. Westfield and
Pfitzamann's technique is based on analyzing the pair of values (PoVs) in the image histogram.
The presence of the embedded message is detection with a ChiSqure test [1] that evaluate the
(dis)similarity between consecutive histogram bins. The method is most effective for images
with high payload, i.e. when most or all pixels used for LSB embedding. In RS-steganalysis [2],
Fridrich classify each pixel into regular and singular groups and perform detection based on the
relative number of such groups. A pixel is classified into regular (singular) group if its clique
potential is more(less) than its LSB flipped version. Computation of the potential over different
cliques takes the spatial distribution of pixels into account and imposes a smoothness constraint.
As a result, the algorithm is especially accurate when images conform with the smoothness
assumptions.
8
Jena and Krishna [3] proposed a new detection algorithm, which is an improved algorithm
to the difference image histogram algorithm and performed tests on a group of raw lossless
images.
Johnson and Jajodia [3,4] present a careful analysis of fingerprints introduced by current
steganographic software packages. They point out that most techniques for palette images with a
small number of colors can be easily broken by analyzing the palette for close pairs of colors.
Pfitzman and Westfield [5] introduce a powerful Chi-square steganalytic technique that can
reliably detect images with secret messages that are embedded in consecutive pixels (such as in
Steganos, J-Steg, S-tools, or EZ Stego). However, their technique will not be effective for raw
high-color images and for messages that are randomly scatteredin the image [6] .
Fridrich et al.[7,8] introduced a powerful steganalytic method (RS steganalysis) for
detection of LSB embedding that utilizes sensitive dual statistics derived from spatial
correlations in images . In a typical cover-image, the LSB plane can be predicted to some degree
from the remaining 7 bit-planes. This prediction becomes less reliable as the LSB is randomized.
This can be captured mathematically and used for building a sensitive and accurate steganalytic
method.
Fridrich et al [9] developed a steganographic method for detection of LSB embedding in
24-bit color images (the Raw Quick Pairs –RQP method). The RQP method is based on
analyzing close pairs of colors created by LSB embedding. It works reasonably well as long as
the number of unique colors in the cover image is less than 30% of the number of pixels. The
RQP method can only provide a rough estimate of the size of the secret message. The results
become progressively unreliable once the number of unique colors exceeds about 50 percent of
the number of pixels. This frequently happens for high resolution raw scans and images taken
with digital cameras stored in an uncompressed format. Another disadvantage of the RQP
method is that it cannot be applied to grayscale images [10].
9
2.2 Image Authentication Methods:
The well known adage that “seeing is believing” is no longer true due to the availability of
powerful image manipulation software. This technical development has decreased the credibility
that photography used to achieve .Development of robust image authentication techniques
becomes an important issue. Two main methods have been suggested for achieving the
authenticity of digital images: having a digital camera sign the image using a digital signature
[13], or embedding a secret code in the image [15]. The first method uses an encrypted digital
“signature,” which is generated in the capturing devices. A digital signature is based on the
method of Public Key Encryption .A private key is used to encrypt a hashed version of the
image. This encrypted message is called the “signature” of the image, and it provides a way to
ensure that this signature cannot be forged. This signature then travels with the image. The
authentication process of this image needs an associated public key to decrypt the signature. The
image received for authentication is hashed and compared to the codes of the signature. If they
match, then the received image is authenticated. The second method embeds a “watermark” in an
image [14], [15], [16]. The fragile watermark will usually be destroyed after manipulation.
Authenticity is determined by examining the watermark extracted from the received image. Both
the above methods have clear drawbacks. Authenticity will not be preserved unless every pixel
of the images is unchanged. However, since lossy compression such as JPEG is often
acceptable—or even desired—in practical applications, an authentication method needs to be
able to distinguish lossy compression from malicious manipulations [17].
Another method, Hashing Scheme for Image Authentication"[11] it is a hashing scheme to
authenticate digital images. it is designed to be resilient for acceptable manipulations like JPEG
compression and low pass filtering, and at the same time is sensitive enough to detect malicious
manipulations .It uses a key dependent feature extraction to enforce security. Specifically, the
10
scheme divides an image into a number of non overlapping blocks. Pixels in each block are
permuted using a secret key. For each permuted block, a feature vector is formed by choosing the
LL-sub-band coefficients which are then quantized to form the hash of that block.
Chia-Hung , Hao-Kuan , Der-Chyuan , and David [12] proposed a new method for image
authentication by Combining Digital Signature and Watermarking. The proposed method not
only can resist Holliman-Memon attack, but also can accurately detect the tampered location of
an image. First, a watermark is created from a protected image by using an edge detection
technique. Second, the created watermark is divided into blocks and embedded into the 2-LSB
(top layer) of the protected image. Third, all block signatures are calculated and embedded into
the 1-LSB (low layer) of the protected image. At the low layer, the calculated signatures can
resist Holliman- Memon attack. At the top layer, the created watermark can accurately detect the
tampered location of an image.
Another method of authentication is where the authentication data is stored in a separate
file, two files have to be managed. For example, strict authentication algorithms are based on
These hash functions are sensitive to single bit changes. If even one bit of the input signal is
modified, the output of a classical hash function alters dramatically and hence no verification is
possible. Therefore, they are only suited for strict authentication. The hash value is usually stored
externally in a separate file. To allow signal processing operations, which preserve the content of
an image, non-strict authentication algorithms are required. One possibility is that, before the
hash is calculated, features of the image are extracted. These features must represent the image
content and be invariant to global content-preserving signal processing operations. Another often
used solution is the use of robust hash functions since it is quite easy to lose this external
authentication data; it is a better solution to store it inside the image file for easy storage and
maintenance. This can be done by adding authentication data as metadata to the image file or by
embedding the authentication data as a watermark inside the image. The advantage to store the
authentication data intern as metadata is, that the image quality is not degraded. The drawback of
this approach used in [18]-[19] is, however, that the authentication data is usually lost after the
11
image is converted into different file formats. Since it is quite common to convert the images
into different file formats, it is better to insert the authentication data as a watermark directly into
the image.[20]
12
CHAPTER 3
Chapter 3
Background
13
CHAPTER 3 Background
3.1 Digital Image File Formats
In this project, we will deal with two digital image file formats. The following is a
description of the formats:
3.1.1 BMP Format
The Bit-Map (BMP) format has four incarnations, two under windows (new and old) and two
under os/2, all are described here.
The following table contains a description of the contents of the bmp file. for every field, the file
offset, the length and the contents will be given.[22]
offset Field size contents
0000h identifier 2 bytes the characters identifying the bitmap. the following
entries are possible:
m - windows 3.1x, 95, nt
Table 3.1: Bit-Map format
Figure [3.1]
14
a- os/2 bitmap array
i - os/2 color icon
p - os/2 color pointer
c - os/2 icon
t- os/2 pointer
0002h file size 1 dword complete file size in bytes.
0006h Reserved 1 dword reserved for later use.
000ah bitmap data
offset
1 dword offset from beginning of file to the beginning of the
bitmap data.
000eh bitmap
header size
1 dword length of the bitmap info header used to describe the bitmap colors, compression, the following sizes are possible:
28h - windows 3.1x, 95, nt
0ch - os/2 1.x
f0h - os/2 2.x
0012h Width 1 dword horizontal width of bitmap in pixels.
0016h Height 1 dword vertical height of bitmap in pixels.
001ah Planes 1 word number of planes in this bitmap.
15
001ch bits per pixel 1 word bits per pixel used to store palette entry information. this also identifies in an indirect way the number of possible colors. possible values are:
1 - monochrome bitmap
4 - 16 color bitmap
8 - 256 color bitmap
16 - 16bit (high color) bitmap
24 - 24bit (true color) bitmap
32 - 32bit (true color) bitmap
001eh Compression 1 dword compression specifications. the following values are possible:
0 - none (also identified by bi_rgb)
1 - rle 8-bit / pixel (also identified by bi_rle4)
2 - rle 4-bit / pixel (also identified by bi_rle8)
3 - bitfields (also identified by bi_bitfields)
0022h bitmap data
size
1 dword size of the bitmap data in bytes. this number must be
rounded to the next 4 byte boundary.
0026h Hresolution 1 dword horizontal resolution expressed in pixel per meter.
002ah vresolution 1 dword vertical resolution expressed in pixels per meter.
002eh Colors 1 dword number of colors used by this bitmap. for a 8-bit / pixel
bitmap this will be 100h or 256.
0032h important 1 dword number of important colors. this number will be equal to
16
colors the number of colors when every color is important.
0036h Palette n * 4 byte the palette specification. for every entry in the palette four bytes are used to describe the rgb values of the color in the following way:
1 byte for blue component
Transfer interrupted!
p>
1 byte for red component
1 byte filler which is set to 0 (zero)
0436h bitmap data x bytes depending on the compression specifications, this field
contains all the bitmap data bytes which represent indices
in the color palette.
Note: the following sizes were used in the specification above:
size # bytes Sign
char 1 Signed
word 2 Unsigned
dword 4 Unsigned
Table 3.2: size of type
17
3.1.2 JPEG Format
The JPEG (Joint Photographic Experts Group; pronounced "jay-peg") file format was
developed by C-Cube Microsystems in 1992 to provide an efficient method of storing deep-pixel
images, such as scanned photographs, which are characterized by numerous subtle (and
sometimes not so subtle) variations in color. The greatest difference between JPEG and the other
file formats discussed here is that JPEG uses a lossy, not a lossless, compression algorithm.
Lossless compression preserves image data, so that a decompressed image matches the original
image exactly. Lossy compression sacrifices some image data in order to achieve greater
compression ratios. A decompressed JPEG image rarely matches the original exactly, but very
often the differences are so minor that they are barely detectable, if at all.
JPEG image compression is a complex process that frequently requires a hardware assist to
achieve acceptable performance. First, the image is tiled into blocks that measure 8 pixels to a
side. Each block is then compressed separately, in three stages. The first stage involves using a
discrete cosine transform (DCT) formula to convert the 8-by-8 block of pixel data into an 8-by-8
matrix of amplitude values representing different frequencies (or rates of color change) in the
image. In stage two, the values in the amplitude matrix are divided by the values in a
quantization matrix that's biased to filter out amplitudes that are less important to the overall
appearance of the image. In the third and final stage, the quantized amplitude matrix is
compressed using a lossless compression algorithm.
Because the quantized matrix lacks much of the high-frequency information of its
predecessor, it frequently compresses to half its original size or less. Lossless compression
methods are often unable to compress real-life photographic images at all, so a 50-percent
reduction is quite good. On the other hand, lossless compression methods can reduce some
images by 90 percent. Such images are poor candidates for JPEG compression.
The lossy part of the JPEG compression is stage two. The higher the values in the
quantization matrix, the greater the amount of information discarded from the image, and the
18
more tightly the image is compressed. The trade-off is that higher quantization values result in
poorer image quality. When a JPEG image is generated, its creator chooses a quality factor,
whose value drives the values in the quantization matrix. The optimal quality factor--the one that
exhibits the best balance between compression ratio and image quality--is different for every
image and is usually found only through trial and error. [28, 29]
3.1.2.1 Overview of the JPEG bit-stream:
Figure [3.2 ]; JPEG bit-stream
3.1.2.2 Description:
A JPEG image begins and ends with a SOI (Start of Image) and EOI (End of Image)
marker. In between, a JPEG Image have an optional table section (Huffman table, quantization
table) followed by a Frame Header. The Frame header always exists and contains information
block block block …
Scan Tables, etc. Header Scan …
End of Image start of Image Frame
Segment Tables, etc. Header Restart Segment Restart …
19
such as the width and height of the image. The Frame header is then followed by a series of
scans.
A Scan may specify its own huffman tables and quantization tables, in which case it will
overwrite the tables specified before in the bit-stream. A Scan always contains a scan header,
which specifies information about the scan, such as which table to use, how many components
are there etc. Scan header is followed by scan data, which contains the encoded image.
The JpegHdr contains the huffman tables and the quantization tables, since only one valid set of tables can be present at any time. JpegScanHdr includes information from the scan header in the BitStream. Tables encountered while parsing a scan is updated into JpegHdr. The scan data representing the compressed image is stored as ScImages, after it is parsed from the Bit-Stream.
• "Frame" is a picture • "scan" is a pass through the pixels (e.g., the red component) • "segment" is a group of blocks • "block" is an 8x8 group of pixels.
Frame header: sample precision (width, height) of image number of components unique ID (for each component) horizontal/vertical sampling factors (for each component) quantization table to use (for each component)
Scan header:
Number of components in scan
component ID (for each component)
Huffman table for each component (for each component)
Misc. (can occur between headers)
Quantization tables
Huffman Tables
Arithmetic Coding Tables
20
Comments
Application Data
3.2 JPEG Compression
3.2.1 Conversion from RGB to YCbCr
JPEG files use a different color space than bitmaps. The three color coefficients (Red,
Green, Blue or RGB) for each pixel are transformed into a new coding scheme: one luminance
coefficient (the intensity - if we just keep this one we have a black and white image), and two
chrominance coefficients (the actual color in a 2D grid defined by a Blue/Yellow and a
Red/Green axis). After this step, we have YCbCr values.
3.2.2 Sub-sampling of the chrominance values
Due to the densities of color and brightness sensitive receptors in the human eye, humans can see
considerably more fine detail in the brightness of an image (the Y component) than in the color
of an image (the Cb and Cr components). Using this knowledge, encoders can be designed to
compress images more efficiently.
The transformation into the YCbCr color model enables this step, which is to reduce the spatial
resolution of the Cb and Cr components (called "down-sampling" or "chroma sub-sampling").
The ratios at which the down-sampling can be done on JPEG are 4:4:4 (no down-sampling),
4:2:2 (reduce by factor of 2 in horizontal direction), and most commonly 4:2:0 (reduce by factor
of 2 in horizontal and vertical directions). For the rest of the compression process, Y, Cb and Cr
are processed separately and in a very similar manner. Down-sampling the chroma components
save 33% or 50% of the space taken by the image without drastically affecting perceptual image
On the image (in figure 3) the color information (both chrominance factors Cb and Cr) was
sub-sampled by an enormous factor of 8! which means that the color information on this picture
is made by big 8x8 blocks of pixels. Here are images showing each channel only:
Y (intensity) Cb (blue/yellow) Cr (red/green)
Figure [3.4]: YCbCr Chanel
22
3.2.3 Discrete Cosine Transform
The remaining values are transformed, 8x8 blocks at a time, by a forward Discrete Cosine
Transform, which is going to transform subsampled YCbCr values into frequencies. It sounds
complex but it's not. It's just a matter of describing the numbers no more by their values, but by
coefficients of a mathematical expression. Like how easier it is to describe a line by the two
coefficients a and b in the mathematical formula "y = ax + b" than by keeping the coordinates of
hundreds of points that belong to that line. We can describe infinity of very particular points
with just two coefficients! The formula here is more complex than a simple linear one, and, as its
name implies, it involves a decomposition of the signal into several cosines functions of different
frequencies (see figure 5). A little bit like Fourier transform. we will transform the 64 values into
64 frequency coefficients. In other words, we will describe 64 values with 64 coefficients. So
what is the point? Replacing 64 values by 64 new values? No gain of space! Well, the point is
that in "natural", most of these coefficients will be very low, and we can get rid (at the next step)
of a lot of them, and still reconstruct the original values with a good accuracy. At this point we
have the DCT coefficients.
23
On the table 3.3, we have 8x8 blocks of pixel values. It could be luminance or chrominance
data, whatever we want. The 8x8 block on the right is after a forward DCT transform. The low
frequency coefficient is on the top left. It's the highest value, because it encodes the data with the
highest importance and the lowest frequency: basically the average value of all of these blocks
pixels. We can see how these coefficients are still high around the top left corner, and then, the
more when we go to the bottom right (the high frequencies), they go down. We will remove a lot
of these small values at the next step. Right now, if we do an inverse cosine transform from these
coefficients, we will recover exactly the starting pixels values, minus the rounding errors. The
main loss of information is on the next step.
Pixel values DCT coefficients
Table [3.3]: DCT coefficients of Pixel
• DC and AC components.
DC Component F(0,0) The average value of all the pixels in the block AC Component Remaining 63 coefficients Represent the amplitudes of progressively higher horizontal and vertical spatial frequencies in the block.
Figure [3.5]: DC ,AC Component
24
3.2.4 Quantization
The human eye is good at seeing small differences in brightness over a relatively large
area, but not so good at distinguishing the exact strength of a high frequency brightness
variation. This fact allows one to get away with greatly reducing the amount of information in
the high frequency components. This is done by simply dividing each component in the
frequency domain by a constant for that component, and then rounding to the nearest integer.
This is the main lossy operation in the whole process. As a result of this, it is typically the case
that many of the higher frequency components are rounded to zero, and many of the rest become
small positive or negative numbers, which take many fewer bits to store.
At this point we have the quantized DCT coefficients (see table 4). Most of them are equal
to zero. It's where JSteg hides the data (and most of other JPG steganography programs), by
Appending Padding Bits. The original message is "padded" (extended) so that its length (in
bits) is congruent to 448, modulo 512. The padding rules are:
• The original message is always padded with one bit "1" first.
• Then zero or more bits "0" are padded to bring the length of the message up to 64 bits
less than a multiple of 512.
Task 2.
Appending Length. 64 bits are appended to the end of the padded message to indicate the
length of the original message in bytes. The rules of appending length are:
• The length of the original message in bytes is converted to its binary format of 64 bits. If
overflow happens, only the low-order 64 bits are used.
• Break the 64-bit length into 2 words (32 bits each).
• The low-order word is appended first and followed by the high-order word.
Task 3.
Preparing Processing Functions. SHA1 requires 80 processing functions defined as:
f(t;B,C,D) = (B AND C) OR ((NOT B) AND D) ( 0 <= t <= 19) f(t;B,C,D) = B XOR C XOR D (20 <= t <= 39) f(t;B,C,D) = (B AND C) OR (B AND D) OR (C AND D) (40 <= t <= 59) f(t;B,C,D) = B XOR C XOR D (60 <= t <= 79)
Task 4.
Preparing Processing Constants. SHA1 requires 80 processing constant words defined as:
35
K(t) = 0x5A827999 ( 0 <= t <= 19) K(t) = 0x6ED9EBA1 (20 <= t <= 39) K(t) = 0x8F1BBCDC (40 <= t <= 59) K(t) = 0xCA62C1D6 (60 <= t <= 79)
Task 5.
Initializing Buffers. SHA1 algorithm requires 5 word buffers with the following initial
Processing Message in 512-bit Blocks. This is the main task of SHA1 algorithm, which
loops through the padded and appended message in blocks of 512 bits each. For each input
block, a number of operations are performed. This task can be described in the following pseudo
code slightly modified from the RFC 3174's method 1:
Input and predefined functions: M[1, 2, ..., N]: Blocks of the padded and appended message f(0;B,C,D), f(1,B,C,D), ..., f(79,B,C,D): Defined as above K(0), K(1), ..., K(79): Defined as above H0, H1, H2, H3, H4, H5: Word buffers with initial values Algorithm: For loop on k = 1 to N (W(0),W(1),...,W(15)) = M[k] /* Divide M[k] into 16 words */ For t = 16 to 79 do: W(t) = (W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16)) <<< 1 A = H0, B = H1, C = H2, D = H3, E = H4
36
For t = 0 to 79 do: TEMP = A<<<5 + f(t;B,C,D) + E + W(t) + K(t) E = D, D = C, C = B<<<30, B = A, A = TEMP End of for loop H0 = H0 + A, H1 = H1 + B, H2 = H2 + C, H3 = H3 + D, H4 = H4 + E End of for loop Output: H0, H1, H2, H3, H4, H5: Word buffers with final message digest
37
3.5 Digital signature:
A digital signature guarantees that information has not been modified, as if it were
protected by a tamper-proof seal that is broken if the content were altered.
In a digital signature, the signer use her private key, applied to a signing algorithm, to sign
the file .the verifier, on the other hand, use the public key of the signer, applied to the verifier
algorithm, to verify the file.
3.5.1 Signing the digest:
A digest is made out of the file at signer site .The digest then goes through signing process
using signer’s private key. Signer then sends the file and the signature to the verifier. There are
variations in the process that are depend on the system .For example, there might be additional
calculation before the digest is made, or other secret might be used.
3.5.2 Verifying the digital signature
At verifier site using the same public hashing function ,a digest is first create out of the
received file .calculation are done on the signature and the digest .the verifying process also
applies criteria on the result of the calculation to determine the authenticity of the signature if
authentic ,the file is accepted ;Otherwise ,it is rejected. [23, 24]
File
Verifier Signer
Signer Private Key Signer Public key
File
DS File
Hash Hash Sign Verify
Figure [3.11]: digital signature
38
3.6 Steganography using LSB in BMP images
Usually 24-bit or 8-bit files are used to store digital images. The former one provides more
space for information hiding; however, it can be quite large. The colored representations of the
pixels are derived from three primary colors: red, green and blue. 24-bit images use 3 bytes for
each pixel, where each primary color is represented by 1 byte. Using 24-bit images each pixel
can represent 16,777,216 color values. We can use the lower two bits of these color channels to
hide data, then the maximum color change in a pixel could be of 64-color values, but this causes
so little change that is undetectable for the human vision system. This simple method is known
as Least Significant Bit insertion. Using this method it is possible to embed a significant amount
of information with no visible degradation of the cover image. Figure 12 shows the process.
Several versions of LSB insertion exist. It is possible to use a random number generator
initialized with a stego-key and its output is combined with the input data, and this is embedded
to a cover image. For example in the presence of an active warden it is not enough to embed a
message in a known place (or in a known sequence of bits) because the warden is able to modify
these bits, even if he can’t decide whether there is a secret message or not, or he can’t read it
because it is encrypted. The usage of a stego-key is important, because the security of a
protection system should not be based on the secrecy of the algorithm itself, instead of the choice
of a secret key
Figure [3.12]: LSB in BMP
39
3.6.1 24-bit images
To hide an image in the LSBs of each byte of a 24-bit image, you can store 3 bits in each
pixel. If you compress the message to be hidden before you embed it, you can hide a large
amount of information.
To the human eye, the resulting stego-image will look identical to the cover image. For
example, the letter A can be hidden in three pixels (assuming no compression).The original raster
The underlined bits are the only three actually changed in the 8 bytes used. On average,
LSB requires that only half the bits in an image be changed. You can hide data in the least and
second least significant bits and still the human eye would not be able to discern it.
40
3.6.2 8-bit images
8-bit images are not as forgiving to LSB manipulation because of color limitations.
Steganography software authors have devised several approaches—some more successful than
others—to hide information in 8-bit images. First, the cover image must be more carefully
selected so that the stego-image will not broadcast the existence of an embedded message. When
information is inserted into the LSBs of the raster data, the pointers to the color entries in the
palette are changed. In an abbreviated example, a simple four-color palette of white, red, blue,
and green has corresponding palette position entries of 0 (00),1 (01), 2 (10), and 3 (11),
respectively. The raster values of four adjacent pixels of white, white, blue, and blue are 00 00
10 10. Hiding the binary value 1010 for the number 10 changes the raster data to 01 00 11 10,
which is red, white, green, blue. These gross changes in the image are visible and clearly
highlight the weakness of using 8-bit images. On the other hand, there is little visible difference
noticed between adjacent gray values.
41
System Analysis and
Design
Chapter 4
42
CHAPTER 4 System Analysis and Design
4.1 Problem Definition:
The rapid evolution of multimedia technology over the past decade has brought about many
advantages in the creation and distribution of image content .But beneath the ability of easy
copying, transmitting and editing digital images the need for image content protection increases.
Digital images can be modified or forged with a wide variety of available manipulation software
and hence it is rather difficult to tell if a picture is the original one, which has been taken by a
camera, or if has been tampered with.
Thus image authentication aims to prevent illegitimate tampering and fraudulent use of
modified image. Such tampering of images may take on one of two forms:
1.An image may be altered or forged and made to look very real to the unsuspecting eye, via the
usage of some very sophisticated image editing and manipulation software available on the
Internet.
2.An image may be used as cover to carry secret messages between individuals on the Internet, via
the usage of steganography tools also available on the Internet.
Hence there is a need for a means for image authentication and a tool for image analysis to
detect such illegitimate image manipulations.
43
4.2 Objectives: Powerful publicly available image processing software packages such as Adobe PhotoShop
make digital forgeries a reality. Feathered cropping enables replacing or adding features without
causing detectable edges. It is also possible to carefully cut out portions of several images and
combine them together while leaving barely detectable traces.
The purpose of this project is to present steganographic techniques for tamper detection and
authentication of digital images. Fragile, robust watermarks, and self-embedding are treated as a
means for detecting both malicious and inadvertent changes to digital imagery.
In this project we propose several techniques based on digital signature and data hiding in
images that will be designed and implemented as a means for detecting tampering in digital
images whether it be steganography or deliberate image tampering. We will also propose a
technique for self-embedding an image into itself as a means for protecting the image content
and recovering an approximation of it for visually detecting tampering.
44
4.3 Functional Specification The project has the following functions:
1. Sign an image(BMP OR JPEG):
Load image: the user selects image from a specific path. Sign image: the image is digitally signed by the system. Save image: the user selects a place to save the signed image in.
2. Detect stenography or tampering in an image(BMP OR JPEG) with
authentication feature:
Load image: the user selects image from specific path Check image's authenticity and display the result: this function checks and analyzes the authenticity of the image to detect whether the image has been edited or a massage has been embedded. Then, it displays result.
3. Detect steganography in an image(BMP ) with no authentication
feature:
Load image: the user selects image from specific path Check image and display result: this function analyzes image to detect steganography, and displays the result.
45
4.4 Data Flow Diagram (DFD):
46
47
48
49
50
51
52
5.7 5.8
5.3
53
54
4.5 Preliminary to Algorithms:
4.5.1 Steganalysis for BMP Images Without Authentication Scheme:
Preliminary:
Although messages embedded into an image are often imperceptible to the human eye, they
often disturb the statistical nature of the image.
In this section we will use a steganalysis algorithm for detecting the presence of hidden messages in LSB steganography, which was proposed by S.Mitra, T.Roy, D.Mazumdar and A.B.Saha[28]. The detection theory is based in statistical analysis of pixel pairs using their RGB components.
In RGB color system:-
1-(( Two colors C1(R1,G1,B1),C2(R2,G2,B2) are close pair color if and only if:
|R1-R2|=1 and |G1-G2|=1 and |B1-B2|=1)) [show figure 13].
Figure [4.1]: closed color pair
55
2- (( Two colors C1(R1,B1,G1),C2(R2,B2,G2) are unique if any of the following is true:
|R1-R2|=1 OR |G1-G2|=1 OR |B1-B2|=1)) [show figure 14].
In a natural uncompressed image, the ratio of the number of unique colors to the total
number of pixels is approximately 1:6. Hence after LSB embedding, which is equivalent of
introducing noise, the randomness of LSB pattern will increase. This increase in randomness is
reflected in increase in the number of unique colors U, which is utilized as the distinguishing
signature for these type of images.
For any uncompressed real image, the ratio of number of close colors pairs to number of
unique colors gives an idea about the relative number of close color pairs with that of unique
colors.
Now, it is observed that, for an untampered image, which does not have any embedded
message, the value of ratio is greater compared to an image which has a message already
embedded in it. This happens as embedded message behaves as a random noise, which increases
the number of unique colors abruptly.
Figure [4.2]: unique color pair
56
Two approaches will be adopted for tamper detection of authenticated digital image:
4.5.2 Digital Image Authentication Scheme
4.5.2.1 Digital signature of BMP Image with Self Embedding:
Image Hashing
Hash functions are frequently called message digest functions. Their purpose is to extract a
fixed-length bit-string from a message (computer file or image) of any length. Obviously, a
message digest function is a one-to-one mapping. In cryptography, hash functions are typically
used for digital signatures to authenticate the message being sent so that the recipient can verify
that the message is authentic and that it came from the right person.
The requirements for a cryptography hash function area:
• Given a message m and a hash function H , it should be easy and fast to compute the hash
h=H(m)
• Given h, it is hard to compute m such that h= H(m) (i.e., the hash function should be one-way)
• Given m , it is hard to find another message m' such that H(m')=H(m) (property of being
collision free)
From the above properties it is clear that hash functions are "infinitely" sensitive in the
sense that a small perturbation of the message m will give you a completely different bit-string h.
In application involving steganalysis and authentication of digital images, the requirements
on what should be a digest of an image are basically the same.
57
Changing the value of one pixel does not make the image different but should yield a
different h. distortion introduced by lossy compression or typical image processing does not
change the visual content of the image yet would alter the value of h.
In this section we presented a scheme for authenticating digital images in the BMP format.
However, such a scheme would not authenticate images that have undergone lossy compression,
even though they may not have been manipulated otherwise.
Figure [4.3]:hash value of tow images
58
Protection of digital images using self-embedding:
In this section we propose a technique for self-embedding an image into it self as a means
for protecting the image content. After self-embedding, it is possible to recover portions of the
image that have been cropped out, replaced or otherwise tampered.
For obvious reasons, it is certainly not possible to embed a complete image into it self. To
lower the information content of the image, we have to use either lossy compression (e.g., JPEG
compression), decrease the color depth of the image, or preserve only important image features,
such as information about edges, using advanced techniques ( such as Laplacian filter).
In this project we propose to use lossy image (JPEG) compression as a means of lowering
the information content of the image to be embedded (phantom image).
There is an obvious trade off between the quality of reconstruction and the extent of
modifications due to self-embedding. By using two least significant bits for self-embedding
rather than just one LSB, the image quality of the reconstruction will be dramatically improved
while the changes to the original image will still be very minor.
Compress
Original image Phantom image
Figure [4.4]: Compress image
59
41f160e5555648fe7c41b76ac2b e39fd0189
Thus, the phantom image will be embedded in the original image using the 2 LSBs of the
pixels.
Phantom image
embedded in
0101010010101010010……… One pixel
The phantom image will also undergo hashing via the Secure Hash Algorithm SHA-1 to
generate an Image Authentication Code IAC, that will be encrypted using asymmetric
cryptography i.e. a digital signature of the phantom image will be derived. The digital signature
will be included in the unused portion of the image BMP file format.
01010011
01010001
Encrypt
Phantom image Original image
IAC= 89b2470a6d125df86439e7b61bd6ac333fd067a1
Original image
Figure [4.5]: self embedded image
Figure [4.6]: Phantom image digital signature
Included in the unused
portion
60
4.5.2.2 A Data Embedding Scheme for JPEG Image Authentication
Preliminary:
JPEGs are "lossy." That's a term that means you trade-off detail in the displayed picture
for a smaller storage file. This new technique for authentication of JPEG images is based on a
look-up table in the frequency domain. A digital signature which is extracted from the image is
embedded in a way to avert loss it when the image is compressed.
Look up table :
The look up table is a table generated randomly with a seed value using function table_generator(M)"
Look-up table which starts from the biggest AC coefficient down to the Minimum DCT value for alteration. The pseudo-random function maps each AC value to 0 or 1. However it would not make a sequence of more than two adjacent 0’s or 1’s. For example, 010010110 is a valid sequence but 01U000U10110 is not.
Table 3.7: look-up table
…-127 -1 0 1 2 3 4 5 6 7 8 9 127 ..… AC
…. 1 0 1 0 1 1 0 1 1 0 0 1 1 ….. F(AC)
61
Methodology
a. JPEG image Authentication:
1. Find the Quantized DCT coefficient matrix qi for the image.
a. For the first five ACj value in qi map it to F(ACj) using the look-up table.
b. Make voting between F(ACj) values to determine if the block embedded bit is 0 or 1.
01 1 1 0 By voting, the majority is 1
ACj 18 20 13 11 15 F(ACj) 0 1 1 1 0
DC (average intensity) AC values
64
c. Add the previous step result to image feature vector D2.
Block 9
Block 8
Block 7
Block 6
Block 5
Block 4
Block 3
Block 2
Block 1
Extracting location
0 1 1 1 0 0 1 0 1 extracted_ secret
5. Compare D with D’, if they are the same then the image is authenticated. Otherwise, the
image may be tampered, cropped or has a hidden message.
In the previous example, the image is authenticated.
65
Implementation
Chapter 5
66
5.1 Steganalysis for BMP Images without Authentication Scheme:
In this section we will use a steganalysis algorithm for detecting the presence of hidden
messages in LSB steganography. The detection theory is based on statistical analysis of pixel
pairs using their RGB components and by using special computations to detect if there is hidden
message or not.
For any uncompressed real image, the ratio R= P/U gives us an idea about the relative
number of close color pairs with the unique colors where:
P: is the number of image’s close color pairs,defind as:
|R1-R2|=1and|G1-G2|=1and|B1-B2|=1
U: is the number of its unique colors,defind as:
|R1-R2|=1or|G1-G2|=1or|B1-B2|=1
And according to S.Mitra, T.Roy, D.Mazumdar and A.B.Saha[ ] and S.Geetha, Siva
S.Sivatha Sindhuand N.Kamaraj[ ], it is observed that, for any clean or un-tampered image i.e.
which does not have any embedded message, the value of R is greater in comparison with a
tampered image which has a message already embedded in it. This happens when an embedded
message behaves as a random noise, which increases the number of unique colors U abruptly. As
an example, we have taken 24 bit untampered BMP images having wide variation in color
composition. Then we categorized them to simple or complex images according to their number
of colors i.e. an image is complex if it has a large number of colors which are more than one
third of its size. After that, we experimented with those images when different lengths of
message bits are embedded by LSB insertion. We repeated that for 25%, 55% and 85%
embedding strength of the maximum capacity (packing density).
67
The average values of the ratio R for both untampered and tampered images are
compared in Table 5.1.
Table 5.1 Experimental data to show the variation of the relative values of unique color with packing density.
It is noticed that, due to the wide variation in the number of unique colors in different
images, it is almost impossible to find a universal threshold for R that is optimal for all images to
differentiate uniquely a stego-image from a clean one(see conclusion). The graphical
representation of R with different percentage of data embedded in the tested images is shown in
Figure 5.1.
% of message bit
insertion
Mean Value or R
Image Category
Simple Complex
Un-tampered 14.9 5.4018
20_30% 1.56 0.8364
50_60% 0.74 0.1904
80_90% 0.58 0.1852
68
Figure [5.1]: Variation of the relative values of unique color with close color pair for both simple and complex images.
The rate of change of relative values of the unique color depends on the nature of the
image. After some testing with different kinds of images having wide color variation, a particular
property is observed which enables us to reliably distinguish a tampered image from an
untampered one.
Packing Density)(
69
5.1.1 Experimental Observations:
It is noticed that, if any test image is already tampered with a message, embedding it
further with additional bit streams will not modify the R value significantly. Alternately, under
repeated embedding, the highest disruption of the Signal characteristics is for the first embedding
and then decreases steadily. This principle of decreasing distortion is used to derive a
steganalysis tool that tries to detect the presence of hidden messages in an uncompressed 24 bits
BMP image.
To explore the decreasing property we have artificially pack the test image with
data, then recalculate the unique color U’ and the close color pair P’. So, R’= P’/U’ gives the
relative number of close color pair in the artificially tampered image.
The R changes ratio is measured in terms of M where, M is the percentage
of change in R that is defined as:
M= [ (R-R’)/R ] * 100
To detect if the image is tampered or clean ,we calculate the threshold according to number of
colors in the image; then we compare M with the threshold:
If M> threshold The Image is CLEAN
If M< threshold The Image is tampered
70
5.1.2 BMP_steganalysis (I ) Input: a BMP image I
Output: massage (The Image is CLEAN or It is a STEGO Image)
UPseudo code:
BMP_steganalysis( I ) {
CALL colorCount with I RETURNING colors
CALL calculatePandU with I RETURNING P,U
R = P / U
CALL hide_msg with I RETURNING stego-image SI
CALL calculatePandU with SI RETURNING P',U'
R'= p' / U'
M = ((R – R') / R) * 100
Imagesize=width*height
CALL calculate_Threshold with imagesize,colors RETURNING threshold
IF M Greater_than threshold
DISPLAY("The Image is CLEAN ")
ELSE
DISPLAY("It is a STEGO Image ")
ENDIF
}
71
UFlowchart:
Figure [5.2]: Flowcharts of Steganalysis for BMP Images Scheme
CALL colorcount(I)
CALL calculatePandU(I)
R= P / U
CALL hide_msg (I)
CALL calculatePandU(SI)
R'= P' / U'
M=((R –R')/R)*100
imagesize= width*height
CALL calculate_threshold (imagesize,color)
M>threshold
The Image is CLEAN
It is a STEGO Image
yes no
72
colorCount(I) Input: a BMP image I
Output: count: number of color in image I
imgColors:array of color in image I
This function is used to count the number of different colors in the image I
,and set them in array imgColors .
UPseudo code:
colorCount(I) {
SET count to 0 FOR each pixel in I IF imgColors NOT contains the color of pixel THEN Append color in imageColors INCREMENT count ENDIF ENDFOR RETURN count {
calculatePandU(I) Input: a BMP image I
Output: p: total number of close pair colors in the whole image I
U: total number of unique colors in the whole image I
This function calculates the number of all pairs of close colors P and the number of all unique
colors U in the image I.
UPseudo code:
calculatePandU(I)
{ CALL colorCount with I RETURNING count,imgColors
Figure [5.6]: Change the 2 LSBs of the blue component to zeros.
ComputeSHA1 (ImgBytes ): Input: The image's data as a byte ImgBytes after setting the 2 LSBs to zeros
Output: The ImgBytes' digest.
We use System.Security.Cryptography library to do Secure Hash Algorithm SHA-1. The purpose of using this hash function is to extract a fixed-length digest (160-bit) from an image of any size (less than 264). Obviously, it is a one-to-one mapping.
Based on the SHA1 RFC document, the SHA-1 is called secure because it is
computationally infeasible to find a message which corresponds to a given message digest, or to
find two different messages which produce the same message digest. Any change to a message in
transit will, with very high probability, result in a different message digest, and the signature will
be failed to verify, hence this authentication technique is a fragile one.
ComputeSHA1 function will apply the hashing algorithm SHA1 to compute and return the
hash value of the ImgBytes.
RSA_Encrypt( Digest ): Input: the image's digest .
Output: The image's Digital_Signature.
We also use System.Security.Cryptography library to create the digital signature of an
image by applying the asymmetric cryptography Algorithm RSA. A digital signature guarantees
81
that image's information has not been modified, as if it were protected by a tamper-proof seal
that is broken if the content were altered.
At signing process we create a new instance of cryptographic service provider's parameters
to perform cryptographic computations. Then, we store these parameters in a key container with
the name "KEY". After that, by using these parameters we create an instance of
RSACryptoServiceProvider to generate public and private key data. Finally, using the private
key data we encrypt the input Digest and then return the result which is the image's
Digital_Signature.
self embedding( ImgBytes, I, Digital_Signature ): Input: The image's data as a byte after setting the 2 LSBs to zeros.
The original BMP image.
The image's Digital_Signature.
Output: authenticated_image : The finally authenticated image as bytes.
In this function we distribute a compressed copy of the image (phantom image) into the
image's 2 LSBs. We also distribute the image's digital signature and the phantom image digital
signature at the remaining LSBs. Finally, we append the phantom image's length and another
copy from this compressed image at the end of image data.
After this function, we have the authintecated_image and able to display or save it.
UPseudo code self_embedding( ImgBytes, I, Digital_Signature )
{
CALL compress with I RETURNING phantom_image
CALL convertToByte with phantom_image RETURNING phantom_image_bytes
SET u to 0
SET v to 0
CALL distribute with ImgBytes, phantom_image_bytes, u and v RETURNING
tempImg,u and v
CALL distribute with tempImg, Digital_Signature, u and v RETURNING
tempImg,u and v
82
CALL ComputeSHA1 with phantom_image_bytes RETURNING IAC
CALL RSA_Encrypt with IAC RETURNING phantom_image_ds
CALL distribute with tempImg, phantom_image_ds, u and v RETURNING
signed_image_se, u and v
CALL Length with phantom_image_bytes RETURNING len
CALL append with signed_image_se and len RETURNING tempImg
CALL append with tempImg and phantom_image_bytes RETURNING authenticated_image
RETURN authenticated_image
}
UBlock Diagram
Figure [5.7]: block diagram of self embedding function
83
compress(I) :
Input: The original BMP image.
Output: a relatively compressed copy of I in the format of 24 bit per pixel BMP image.
This function will create the phantom image (thumbnail image) from the original image I.
The phantom_image_width is equal to I_width * 25% and the same thing is for its height.
distribute( image_bytes, data, j, k ):
Input: The image's data as a byte.
The data that will be embedded in the 2 LSBs.
The starting x-coordinate and y-coordinate of the pixel. The corresponding pixel will hold the first two bits of data.
Output: The image_bytes after distributing data into it.
The x-coordinate and y-coordinate of the first pixel which does not contain data in its LSBs
This function loops through data byte by byte. Then, it loops through that byte taking two
bits at a time and inserts them in the current position. After changing the current two LSBs, it
will update the x-coordinate and y-coordinate according to the image's dimensions. When it
finishes from distributing all data's data, it will return imag which is image_bytes that holds data
in its LSBs. Sometimes if the image (image_bytes) is very small, this function may fails to
distribute data into image_bytes.
UPseudo code distribute( image_bytes, data, j, k )
{
CALL convertToImage with image_bytes RETURNING imag
FOR each byte in data
SET temp to byte
CALL convertToBinary with temp RETURNING binary
FOR each two bits in binary
84
CALL change_2LSB with imag,j,k,binary[r] and binary[r+1] RETURNING
imag
CALL check_j_k with j, k, imag_Height and imag_Width RETURNING
j and k
ENDFOR
ENDFOR
RETURN imag
}
append(Img , tail ):
Input: The image's data as a byte.
The data which will be added to the end of Img.
Output: The Img after appending tail to it (signed_imgByte).
In this function we will first add a Delimiter at the end of the Img to separate image's data
from the added tail. The basic algorithm for this function is from DevX Discussions web site. We
choose the Delimiter as a list of 15 random elements. Obviously, Img new size will be equal to its
previous size plus the length of the tail and the Delimiter. Figure5.2.3 illustrates the idea.
UPseudo code append(Img , tail )
{
/* We define this sequence of data to use it as a delimeter that will indicate the
appended data position*/
SET Delimiter to {73,82,113,83,116,95,82,112,116,115,72,101,96,53,101}
SET signed_imgByte_size to length of Img, Delimiter and tail
SET signed_imgByte to Img
Appened Delimiter to signed_imgByte
Appened tail to signed_imgByte
RETURN signed_imgByte
}
85
Figure [5.8]: Append a delimiter, then a tail to the Image .
change_2LSB( img, j, k, m, n):
Input: The image.
The x-coordinate of the pixel that will be change.
The y-coordinate of that pixel. The corresponding pixel[j,k] will hold the two bits of data m and n.
The first bit to be saved in the second LSB.
The second bit to be saved in the first LSB.
Output: The img after changing the two LSB of pixel[j,k] to save m and n respectively.
This function will take two bits m and n, then it will embed or save them in the
img_Pixel[j,k]. Figure5.2.4 will illustrate the m's and n's new positions.
UPseudo code change_2LSB( img, j, k, m, n) { SET color to img_Pixel[j,k] SET temp to color[Blue] CALL convertToBinary with temp RETURNING binary SET binary[1] to n SET binary[2] to m CALL convertToInteger with binary RETURNING temp SET color[Blue]to temp SET img_Pixel[j,k] to color }
86
Figure [5.9]: Change the 2 LSBs of the blue component to hold the data of m and n.
check_j_k (j, k, height, width):
Input: The x-coordinate of the changed pixel.
The y-coordinate of that pixel.
The image's height.
The image's width.
Output: The x-coordinate after updating its value, if needed.
The y-coordinate after updating its value.
This function used to update x and y coordinates, and to ensure that they still within
This function will first extract the embedded authentication data(i.e. embedded digital
signature) from the image I and ensure that they match with the computed digital signature. If
so, the image is authentic and there is no tampering or steganography in it. If otherwise (i.e. no
match), if the extracted digest is not the same as the calculated one, the image may be tampered
or modified. To recover the original image's compressed copy (i.e. the phantom image), the
system will check if the extracted phantom image's digital signature is the same as the computed
one. If they are the same, the system will display the phantom image. But if they are different,
this function will try with the other copy of the phantom image. If they are still different, this
means that the phantom image is also tampered. When the extraction process fails this means
that the image is not watermarked or it may be modified. UPseudo code CALL convertToByte with I RETURNING ImgBytes
CALL extract with ImgBytes RETURNING Img1 and tail
CALL extract with tail RETURNING len and phantom_image_Copy
CALL extract_image_data with I and len RETURNING phantom_image,
Image_Extracted_DS, and Phantom_Image_Extracted_DS
CALL RSA_Decrypt with Image_Extracted_DS RETURNING Image_Extracted_Digest
CALL setLSB with Img1 RETURNING Img1
CALL ComputeSHA1 with Img1 RETURNING Digest
INIT flag to TRUE IF Digest Equals Image_Extracted_Digest THEN
DISPLAY "No tampring or steganography in this image." ELSE DISPLAY "Image was tampered."
CALL recover_image with Phantom_Image_Extracted_DS and phantom_image RETURNING flag
ENDIF IF flag Equals FALSE THEN
CALL recover_image with Phantom_Image_Extracted_DS and phantom_image_Copy RETURNING flag
88
IF flag Equals FALSE THEN DISPLAY "The image's compressed copy may be also tampered."
ENDIF ENDIF
UBlock Diagram
Figure [5.10]: block diagram of BMP_ Authentication function
89
extract(Img):
Input: An image as a byte.
Output: From the beginning of Img and up to but not including the Delimiter (PicByte).
From the first bit that follows the end of the Delimiter up to the end of the input Img.
The basic algorithm for this function is from DevX Discussions web site. However, we
modified this function to match our needs.
In this function we will first search for the Delimiter in Img. If the complete Delimiter
found, the function succeed and will return PicByte which is Img without Delimiter or any tail.
This function will also return the tail which is the appended data (phantom_image_bytes and its
len). Figure5.2.5 illustrates the idea from using this function in the previous function.
Figure [ 5.11]: A diagram showing how we extracted our data from the image.
90
UPseudo code extract(Img) {
/* We define this sequence of data to use it as a delimeter that will indicate the
appended data position*/
INIT Delimiter to {73,82,113,83,116,95,82,112,116,115,72,101,96,53,101} INIT OutterSearch to TRUE INIT InnerSearch to TRUE INIT StopSearch to FALSE INIT count to 0 INIT leftCounter to 0 INIT rightCounter to 0
WHILE( count Less_than [Length(Img)-Length(Delimiter)] AND StopSearch Equals FALSE)
IF Img[count] Equals Delimiter[0] THEN SET leftCounter to count + 1 SET rightCounter to 1 SET InnerSearch to TRUE WHILE ( InnerSearch Equals TRUE
AND rightCounter Less_than Length(Delimiter)
AND leftCounter Less_than Length(Img) )
IF Img[leftCounter] Equals Delimiter[rightCounter] THEN INCREMENT rightCounter INCREMENT leftCounter
IF rightCounter Equals Length(Delimiter) THEN SET StopSearch to TRUE SET PicByte to Img without the Delimiter or any tail
ENDIF ELSE
SET InnerSearch to False INCREMENT count
ENDIF ENDWHILE
ELSE INCREMENT count
ENDIF ENDWHILE IF StopSearch Equals TRUE THEN
INIT i to 0 WHILE leftCounter Less_than Length(Img)
Image_Extracted_DS[i] = Img[leftCounter]
91
INCREMENT i INCREMENT leftCounter
ENDWHILE PRINT "Extraction Success"
RETURN Image_Extracted_DS ELSE
PRINT " Extraction Fails. Either the image is not watermarked or it may be modified." Return Failure
ENDIF }
92
Set OutterSearch to True Set InnerSearch to True Set StopSearch to False Set count to 0 Set LeftCounter to 0 Set rightCounter to 0
Count
< [ Length(Img) –
Length(Delimiter)] ?
StopSearch Equals False?
Img[count] Equals
Delimiter[0] ?
Set leftCounter to count + 1 Set rightCounter to 1 Set InnerSearch to True
InnerSearch
Equals True ?
rightCounter <
Length(Delimiter)?
leftCounter <
Length(Img) ?
Img[leftCounter] Equals
Delimiter[rightCounter]?
Increment leftCounter Increment rightCounter
rightCounter Equals
Length(Delimiter) ?
Set StopSearch to True
Set PicByte to (Img without any tail or DS)
Set InnerSearch to False Increment count
Increment count
Set i to 0
Extraction Fails Either the Picture is not authenticated,
or it may be tampered.
Extraction Success
LeftCounter <
Length(Img)?
Set Image_Extracted_DS[i] to Img[LeftCounter]
Increment i Increment LeftCounter
Flowchart:
93
extract_image_data(image, len):
Input: The original BMP image.
The length of the phantom image.
Output: phantom_image: The phantom image data as byte.
imageDS: The image extracted digital signature.
phantomImageDS: The phantom image extracted digital signature.
This function will extract the data that was embedded in the image's 2LSBs. This data was inserted in the following order:
1. phantom_image with the length len.
2. imageDS with the length of 128 bits.
3. phantomImageDS with the length of 128 bits.
So, we will first extract phantom_image then imageDS and finally phantomImageDS. UPseudo code extract_image_data(image, len) {
INIT index to 0 INIT j to 0 INIT k to 0 FOR i = 0 to len
INIT binary2 to empty string INIT bit to 0 WHILE bit Not_Equals 8
SET color to image _Pixel[j,k] SET temp to color[Blue] CALL convertToBinary with temp RETURNING binary1 Append the two LSBs from binary1 to binary2 INCREMENT bit by 2 CALL check_j_k with j,k,image_Height and image_Width RETURNING j,
k ENDWHILE CALL convertToInteger with binary2 RETURNING temp SET phantom_image[index] to temp INCREMENT index
ENDFOR INIT index to 0 FOR i = 0 to 128
INIT binary2 to empty string INIT bit to 0
94
WHILE bit Not_Equals 8 SET color to image _Pixel[j,k] SET temp to color[Blue] CALL convertToBinary with temp RETURNING binary1 Append the two LSBs from binary1 to binary2 INCREMENT bit by 2 CALL check_j_k with j,k,image_Height and image_Width RETURNING j,
k ENDWHILE CALL convertToInteger with binary2 RETURNING temp SET imageDs[index] to temp INCREMENT index
ENDFOR INIT index to 0 FOR i = 0 to 128
INIT binary2 to empty string INIT bit to 0 WHILE bit Not_Equals 8
SET color to image _Pixel[j,k] SET temp to color[Blue] CALL convertToBinary with temp RETURNING binary1 Append the two LSBs from binary1 to binary2 INCREMENT bit by 2 CALL check_j_k with j,k,image_Height and image_Width RETURNING j,
k ENDWHILE CALL convertToInteger with binary2 RETURNING temp SET phantomImageDS [index] to temp INCREMENT index
ENDFOR }
95
RSA_Decrypt ( ds ):
Input: The image's extracted digital signature .
Output: The image's digest after decrypting it.
As in RSA_Encrypt we also use System.Security.Cryptography Namespace to decrypt the
extracted digital signature of the image. In the verification process we are using the public key to
decrypt the digital signature and then return the result which is the extracted image's digest. The
digital signature schemes is used for sender authentication and non-repudiation, because anyone
can decrypt image's signature using the camera's public key. However only the camera that
captures this image can encrypt the image's digital signature using its private key.
Input: The extracted digital signature of the phantom image.
The phantom image as byte.
Output: flag: Indicates whether the process success or not .
This function will first decrypt the Phantom_Image_Extracted_DS to get the Phantom_Image _Extracted_Digest. Because the hashing is a one way cryptographic function, we need to calculate the hash value(Digest) for the phantom_image. If the two digest are identical that means the phantom_image is authenticated, so this function will display it as a way for recovering the original image content. Otherwise a failure flag will be returned.
This function used to display the image file name and location. If the file path is too large
it will display part of it followed by five dots then the file name. Otherwise it will display the
complete file name and path.
Save(I):
Input: An image. Output: -
This function uses System.Windows.Forms.SaveFileDialog Class to help saving I as a
BMP image file. The SaveFileDialog class displays a dialog box from which the user can select a
file or type a file name. It also prompts the user to select a location for saving a file, and either
open and overwrite an existing file or create a new file.
BuClose( ):
Input: - Output: -
This function used to close the application.
99
5.2.D Hide an Image Into Another Image(Steganography) *
This part is used for testing the embedding process, and to prove that it is really embedding an image inside another image. It also provides a steganography tool to hide an image message inside a cover image file. It works in the same way as self_embedding function except that it embeds a different image into the cover image. At the beginning, the image that will be embedded pic2 is compressed relative to the cover image size (i.e. pic1’s size) so that the cover file can accommodate it.. Then pic2’s compressed copy and its digital signature will be distributed in the 2LSBs of pic1. In addition, the length of the compressed image will be appended to the stgo-image. Finally, we will have the stgo-image which contains another image (pic2)with its digital signature and length. The block diagram shows the idea.
Fig[5.12 ] :block diagram of hiding an image into another one
*This section was not included in the project scope
100
To extract the embedded image we first extract the length from the end of the stego-
image. Then we will be able to extract the embedded phantom image and its digital signature. To
ensure that it is not modified, we decrypt the phantom_image_extracted_DS and compute the
phantom_image’s digest; if they are not equal this means that the stego-image has been altered.
The following block diagram shows how the extract function works.
UBlock Diagram
Fig[5.13 ] :block diagram of extracting an image into another one
101
5.3 Data Embedding Scheme for JPEG Grayscale Image Authentication
This is a semi-fragile watermarking technique [33]that accepts JPEG lossy compression on
the watermarked image, and rejects malicious attacks. the method is based on the invariant
property of DCT coefficients before and after JPEG compressions. We use this property to
generate the authentication signature bits stream from the image , then each bit of that stream
is hidden by the modification of the AC components of the image. The security of the technique
is achieved by extracting the image’s feature vector and performing Exclusive OR with a secret
key. Also by using a secret mapping table controls the image’s feature vector authentication
signature embedding and extracting processes in the image frequency domain AC coefficients.
In additional to image authentication , we embed a thumbnail of the image for recovering if a
tampering was detected(self-embedding).
A data embedding scheme typically consists of four main processes:
o Image’s feature vector generation process.
o Mapping table generation (i.e. look up table) process.
o Image’s feature vector embedding process.
o Image’s feature vector extracting process.
The JPEG baseline coding algorithm consists of the following steps:
1. The image is divided into 8×8 non-overlapping blocks.
2. Each block is level-shifted by subtracting 128 from it.
3. Each level-shifted block is transformed with Discrete Cosine Transform (DCT).
4. Each block of DCT coefficients is quantized using a quantization table . Quantization
simply consists of dividing the DCT coefficients by a number that affect the image
quality and the amount of compression and then rounding the result to integer . It is
102
done because most of higher frequency DCT coefficients will typically be truncated to
zeros and can then be represented with a simple run –length code.
5. Each block of quantized DCT coefficients is reordered in accordance with a zigzag
pattern.
6. Each block is coded with Huffman coding that assigns shorter bit codes to the most
frequency used number and longer bit codes to the least frequency used number .
Figure 5.14 shows a block diagram of Data Embedding Scheme for JPEG Grayscale
Image Authentication
103
Figure [5.14]: block diagram of Data Embedding Scheme for JPEG Grayscale Image Authentication
104
5.3. A JPEG _watermark (I): The main steps for image watermark are:
• Create a look up table (i.e. secret table) that contains 256 values . We use it to map each
AC value to 0 or 1 according to the image’s feature vector. The table contains the
possible range of AC values from -127 to +127 and correspondent pseudorandom values
0 or 1.
• After we obtain the quantized DCT coefficients of the image , we generate the image’s
feature vector from the difference between two DC components of adjacent blocks. If
the difference is bigger than zero then the bit value is set to 1 else the bit value is et to0.
Collecting these bits will form the image’s feature vector .Following that ,we use XOR
encryption of image’s feature vector for security reasons .
• Embed the image’s feature vector by modifying the low frequency coefficients of the
image DCT choosing the first five AC coefficients of most blocks using the look up
table .we choose only five to trying to protect the image quality.
• Create a thumbnail of the image and insert it to the comment field of the image for
recovering the original image contents if a tampering is detected.
Input: a grayscale JPEG or BMP image I
Output: The authenticated JPEG image Authenticated_img
UPseudo code CALL create_thumbnail_and_DS with I RETURNING thumbnail, DS_thumbnail
CALL Generate_image_feature_vector with I RETURNING image_feature
CALL Generate_LUT RETURNING LUT
CALL Embed_image_feature_vector with Q_DCT,LUT,and image_feature RETURNING
Authenticated_img
CALL Append_ thumbnail_and_DS with Authenticated_img, thumbnail, DS_thumbnail
RETURNING Authenticated_img
105
Block diagram :
Figure[ 5.15]: block diagram of JPEG _watermark function
106
Generate_LUT () In this function we create a 1-by-256 look up table using Matlab built in function round
(rand (1,256)). The table contains the possible range of AC values from -127 to +127 and
correspondent pseudorandom values 0 or 1.We use it to map each AC value to 0 or 1 according
to the feature vector. However it should not have a sequence of more than two adjacent 0’s or
1’s. For example, 010010110 is a valid sequence but 01 U000U10110 is not table 5.3.1 show our
Extract_ thumbnail (I) In this function we extract thumbnail and DS_thumbnail from the comment filed of the
Authenticated image.
5.3. C Matlab function:
function uses
im2Jpeg Convert an IMAGE to a JPEGOBJ struct
It compresses image X based on 8 x 8 DCT transforms, coefficient quantization, and Huffman
symbol coding.
Jpeg2im
Convert a JPEGOBJ struct to an image.
RSADEC
Rapidly decrypt a short message using RSA.
RSAENC
Rapidly encrypt a short message using RSA.
HASH
Convert an input variable into a message digest using
any of several common hash algorithms.
MAT2HUFF
Huffman encodes a matrix.
HUFF2MAT
Decodes a Huffman encoded matrix.
116
imread
Read image file (MATLAP).
Imwrite
Write image file (MATLAP).
imresize
Resize image.
dctmtx
Discrete cosine transform matrix.
blkproc
Implement distinct block processing for image.
im2col
Rearrange image blocks into columns.
rand
Uniformly distributed random numbers and arrays.
117
5.4 Used Tools • Visual Basic .Net is an object-oriented computer language. It is the extended version of
Microsoft's Visual Basic (VB) implemented on the Microsoft .NET framework. We used version VB 8.0, which was released in 2005, to write the main code.
• MATLAB is a numerical computing environment and programming language.
"Maintained by The Math Works, MATLAB allows easy matrix manipulation, plotting of functions and data, implementation of algorithms, creation of user interfaces, and interfacing with programs in other languages.
• S-Tools is a steganography tool that hides files in BMP, GIF, and WAV files. You open
S-Tools window and drag pictures and sounds across to it. To hide files you only drag them over open sound or picture windows. You can hide many files in one sound or picture and your data is compressed before being encrypted then hidden. Multi-threaded procedure means that you can have many hide/reveal procedures going simultaneously without fear of them interfering with you or holding up your work. You can even close the original picture/sound with no effects to ongoing threads
• Hex Editor Neo is a binary files editing software utility for Windows
• Microsoft Office Word Used for documentation
• Microsoft Office Power Point Used for presentation for the project and draw block
diagram .
• Adobe Photoshop Used for make tampered image, design the logo and some touches in project
• Microsoft Office Project Used for draw Gantt char
118
Testing
Chapter 6
119
Testing is the period of time in the software life cycle during which the components of a software product are evaluated and integrated, and the software product is evaluated to determine whether or not requirements have been satisfied and correct functionality is insured. A primary purpose for testing is to detect software failures so that defects may be uncovered and corrected. It can be done on the following levels:
• Unit testing:
tests the minimal software component, or module. Each unit (basic component) of the
software is tested to verify that the detailed design for the unit has been correctly
implemented.
• Integration testing
exposes defects in the interfaces and interaction between integrated components
(modules). Progressively larger groups of tested software components corresponding to
elements of the architectural design are integrated and tested until the software works as a
system.
• System testing
tests a completely integrated system to verify that it meets its requirements.
• System integration testing
that a system is integrated to any external or third party systems defined verifies in the
system requirements.
120
6.1 BMP steganalysis 6.1.1 Preliminary investigation: To test the performance of the steganalysis algorithm we used a database of 100 colored
images categorized as a complex, i.e. image has too much colors >⅓ of its size ; while the
others will be a simple (see table 6.1) . This database is augmented with the stego versions of
these images using the popular LSB embedding software, S-Tools, and the payload strength
which employed was 50~60% of the image maximum capacity. So there are 100 clean
images and 100 stego images ( overall 200 images). All these images are adulterated
artificially with a payload of strength 25% using IA&SS to analyze the purity of the images
(200*2=400 images). Any LSB based data hiding algorithm would equally work well.
Image Size No. of colors Histogram category
128 x 128 15620
complex
128 x 128 2474
simple
Table 6.1: Example of image categories
121
6.1.2 Threshold Selection According to S.Mitra, T.Roy, D.Mazumdar and A.B.Saha [21] , which confirmed the
necessity of a variable threshold to mark the stego images rather than a fixed one. we started
with a fixed threshold (10), To get some keys of how to choose the variable threshold, and run
the code for clean images and its stego. During that we do observe the values of U and P and M;
we noted the following:
1. The value of P and U increase as much as the image be more complex and vice versa.
2. Sequentially the value of R, R’ and M get more smaller for complex images both clean
and stego (see last three rows of table. 6.2) while for the simple images there is a large
difference between M for a stego and it for a clean(see first three rows of table. 6.2)
Image category image No of colors* M(clean) M(stego)
Table. 6.3 Shows the values of threshold using IA & SS algorithm for clean complex images:(Threshold_C ) and its Stego images:(Threshold_S), [True result condition: M(clean) > Threshold_C or M(stego) < Threshold_S] The last row shows the False Alarm Rate (FAR )and the False Detection Rate( FDR)
Table.6.4 shows the value of threshold using IA & SS algorithm for clean simple images: (Threshold_C ) and its stego images:(Threshold_S), [True result condition: M(clean) > Threshold_C or M(stego) < Threshold_S] The last row shows the False Alarm Rate (FAR )and the False Detection Rate( FDR)
123
Note:
1-The algorithm was tested for 128 x 128 images and it works well for the most.
2- There is a case for more complex images(colors >⅔ size) that algorithm does not
always work since some images have M value for clean image less than M value for its
stego. (see table.6.3: Smiley faces, Sun flower and Cake images)
6.1.3 Different stego images To test the performance of IA &SS for different stego images, 20 colored images
is used. They augmented with the stego versions using , S‐Tools, and three different
payload strength were employed which were 20~30%, 50~60% and 80~90%. So there
are 20 clean images and 60 stego images (20 under each hiding capacity; overall 80
images). And the following table show the results:
Image Category FAR FDR
Payload 20~30% 50~60% 80~90%
Simple images 10% 40% 10% 0%
Complex images 30% 40% 0% 0% Table 6.5 FAR and FDR for both simple images and its stego [with different payload size] U6.1.4 Some Examples U: 6.1.4.1 Non stego-image
Date: 30/1/2009 Application: BMP Steganalysis program. Testing objective: To test the program ability in differentiating a stego-image from a non stego one. Expected Result: As the image does not have any embedded message, the checking
result will be "The Image is CLEAN".
Test Input Data: 47.bmp (Its dimension is 128 x128).
124
Description: 1- Load a clean image
Figure [6.1]: open clean image.
2- Click check to start steganalysis
Figure [6.2]: check the load image.
125
6.1.2.2 stego-image
3- When the steganalysis finishes, the following result is displayed:
Figure [6.3]: the result message.
Actual Result: Succeed.
Date: 30/1/2009 Application: BMP Steganalysis program. Testing objective: To test the program ability in differentiating a stego-image from a non stego one. Expected Result: As the image has a message already embedded in it, the checking
result will be "This is a STEGO Image"
Test Input Data: 28_ss.bmp (Its dimension is 128 x128).
Description: 1. Click open and choose stego image 50~60%
126
Figure [6.4]: open stego image.
2. Click check to start steganalysis
Figure [6.5]: check the load image.
127
The Final test Results
Table 6.6: Final test result for steganalysis.
3. The displayed result is:
Figure [6.6]: the result message.
Actual Result: Succeed.
Case Description Expected Result Actual Result
1. Click open button The image successfully loaded 2. Click stego button Open s-tools application
3. Click exit button The IA&SS’s application will be closed
128
6.2 BMP Image Authentication Scheme 6.2.1 Sign a BMP image:
Date: 28/1/2009 Application: BMP Authentication program. Testing objective: To ensure the validity of the signing process and the ability to get and save the watermarked image. Expected Result: The selected image is loaded, signed and then saved. Test Input Data: Omar_Aboody.bmp (Its dimension is 1616 x1130).
Description: In this test, 1. The user calls Omar_Aboody.bmp image to be loaded.
Figure [6.7]: Load BMP image for watermarking.
2. As we designed the program to add a watermark to the image, click Sign
Button to get the watermarked or authenticated image.
129
Figure [6.8]: watermarked image.
3. When the signing process completes successfully, the user can save the
watermarked image in the desired path with the desired name, say Omar_Aboody watermarked.bmp.
130
Figure [6.9]: save watermarked image
4.The Omar_Aboody watermarked.bmp image is successfully saved to part2 directory.
Figure [6.10]: The image and the watermarked version of it.
Actual Result: Succeed.
131
6.2.2 Verify after un-tampered image:
Date: 28/1/2009 Application: BMP Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ No tampering or steganography in this image.” Message is displayed. Test Input Data: Omar_Aboody watermarked.bmp (Its dimension is 1616 x1130). Description: In this test,
1. The user calls Omar_Aboody watermarked.bmp image to be loaded.
Figure [6.11]: Load watermarked image.
2. When the image is displayed, he can click Verify Button to check this image
authenticity.
132
6.2.3 Verify after Slightest modified image:
Figure [6.12]: verifying process.
3. The user can observe the work progress of the verifying process through the Status Strip. When the process completes successfully, the expected result message is displayed.
Figure [6.13]: The result of verifying.
Actual Result: Succeed.
Date: 28/1/2009 Application: BMP Authentication program and Hex Editor Neo. Testing objective: To ensure the validity of the watermark verifying process after incidental modification. And to test the ability to display the phantom image if the image is slightly tampered. Expected Result: The selected image is verified and the “ Image was tampered.” Message is displayed. Also a compressed copy of the original image is displayed. Test Input Data: Omar_Aboody watermarked.bmp (Its dimension is 1616 x1130). Description: In this test,
1. The user opens a hex file editing tool like Hex Editor Neo.
133
Figure [6.14]: Hex Editor Neo.
2. Then he clicks on Open icon to open and dump Omar_Aboody
watermarked.bmp image.
Figure [6.15]: Open image for editing.
3. Notice that the address 00692b25h’s value is ff h , and the address 00692b26h’s value is 0ah.
134
Figure [6.16]: Hex Editor Neo interface.
4. Assume that we changed these values to 7fh and 5ah ,respectively .
Notice that only few bits were modified.
Figure [6.17]: Edit image.
135
5. Then he click Save as icon to save the slightly tampered image with the name Omar_Aboody watermarked_Tampered.bmp
Figure [6.18]: Save tampered image.
6. Now the user will turn to IA&SS BMP Authentication program and selecte
Omar_Aboody watermarked_Tampered.bmp image file. Then he will click opened.
Figure [6.19]: Load tampered image.
7. After Omar_Aboody watermarked_Tampered.bmp image has been loaded,
136
6.2.4 Verify after maliciously tampered image:
the user clicks Verify button to check if the image stills authentic after this modification or not.
8. While the verifying process does its work, he can observe this work through the Status Strip. When the process completes successfully, as this is a fragile watermarking technique the expected result message is displayed.
Figure [6.20]: Result of verifying tampered image.
9. Because of the few number of tampered bits, the phantom image can be
extracted properly and its digital signature can be verified correctly. Finally, the phantom image is displayed.
Figure [6.21]: Phantom of tampered image.
Actual Result: Succeed.
Date: 28/1/2009 Application: BMP Authentication program and The Photoshop. Testing objective: To ensure the validity of the watermark verifying process after a malicious modification. Expected Result: The selected image is verified and the “Image was tampered, or it may be not watermarked.” Message is displayed.
137
Test Input Data: rose.bmp (Its dimension is 166 x166 ). Description: In this test,
1. At BMP Authentication program,the user calls rose.bmp image to be loaded.
Figure [6.22]: Load image.
2. Then, he clicks Sign Button to get the watermarked image.
Figure [6.23]: Sign image.
3. When the signing process completes successfully, the user saves the
138
watermarked image with the name rose_ watermarked.bmp.
Figure [6.24]: Save watermarked image.
4. The rose_ watermarked.bmp image is successfully saved to part2 directory.
5. Now, the user will use some image manipulation tool like The Photoshop. He opened rose_ watermarked.bmp and changed the color of one of its roses. Then he saved the modified image with the name rose_ watermarked_Tampered.bmp at part2 directory.
6. After that, he will go back to IA&SS BMP Authentication program and call rose_ watermarked_Tampered.bmp.
139
Figure [6.25]: Open watermarked tampered image.
7. Then, he clicks Verify button to check if the image stills authentic after this malicious modification or not.
Figure [6.26]: Verifying process for watermarked tampered image.
.
8. When the verifying process completes, the expected result message is displayed.
140
6.2.5 Hide an image into another image:
Figure [6.27]: Result of verifying tampered image
9. As this modification was malicious, the program will not be able to extract and verify the watermark or the phantom image data. So, the image will not be authentic.
Actual Result: Succeed.
Date: 28/1/2009 Application: BMP Authentication program. Testing objective: To ensure the validity of the image compressing and embedding processes. Expected Result: The cover-image will hold another image in its LSBs. We will obtain the stego-image and from it –if it is not tampered- we can extract the embedded image. Test Input Data: The cover-image: Amera.bmp (Its dimension is 124 x166 ).
The embedded image: Hessa.bmp (Its dimension is 1600 x1200 ). Description: In this test,
1. From IA&SS BMP Authentication program,the user clicks on Test the code button in order to test the program ability to hide an image into itself or into another image.
141
Figure [6.28]: Test embedding process button
2. Now, from the opened application he selects the cover image Amera.bmp.
Figure [6.29]: Test embedding process interface
142
Figure [6.30]: Load first image
3. Then, he selects the phantom or embedded image to be Hessa.bmp.
143
Figure [6.31]: Load test phantom image
144
Figure [6.32]: The image and test phantom that will be embedded
4. To embed the phantom image in the cover image, the user clicks Embed
button. He can follow up the embedding progress through the status strip.
Figure [6.33]: Embedding process
5. When the embedding process completes successfully, the user saves the stego-
image with the name Amera_Stego.bmp. Then go back to the home page.
145
Figure [6.34]: Save stego image
6. Now, the user can go to part2 directory.
Figure [6.35]: The directory that contain image and test phantom image
146
Figure [6.36]: Test phantom image
7. Then delete the embedded image Hessa.bmp.
Figure [6.37]: Delete phantom image
147
Figure [6.38]: The directory which was containing that test phantom image
8. After deleting the embedded file, the user will return back to the IA&SS
Hiding image in another image application. Then open Amera_Stego.bmp image file.
Figure [6.39]: Load the stego image
9. At this moment the user want to see the embedded image, so he clicks on
148
Extract button.
Figure [6.40]: Extract the test phantom image from stego image
10. When the extraction process completes, the embedded image will be displayed. At this case because of that the embedded image is greater than the cover-image, the extracted phantom image will be not very clear.
149
The
Figure [6.41]: The extracted test phantom image
However, if we try to embed Amera.bmp image in Hessa.bmp image, the extracted phantom image will be better in its resolution.
Figure [6.42]: Another test phantom image showing better resolution Actual Result: Succeed.
150
6.2.6 Final Test Result
BMP watermarking: Case Description Expected Result Actual Result
1. Click open button The image successfully loaded
2. Click sign button The image successfully signed
3. Click verify button
3.1. Image is clean Display message “No tampering or steganography in this image”
3.2. Image was
tampered Display message "Image was tampered” and display phantom image
3.3. Image and
phantom image were tampered
Error message “Image was tampered , or it may be not watermarked”
3.4. Image was not
signed Error message “Image was tampered , or it may be not watermarked”
4. Click exit button The IA&SS’s application
will be closed Table 6.7: Final test result for BMP Authentication
151
Test the embedding code(Hide an Image Into Another Image): Case Description Expected Result Actual Result
1. Click open Image button The image successfully loaded
2. Click open phantom Image button
The phantom image successfully loaded
3. Click embed phantom image button
The embedding successfully done
4. Click extract button
4.1. Image contain another image Display phantom image
4.2. Image was tampered
Display message “Image was tampered, or it may be does not contain any image”
4.3. Image does not contain any image
Display message “Image was tampered, or it may be does not contain any image”
5. Click exit button Test code window will be closed
Table 6.8: Final test result for Test embedding code
152
6.3 JPEG Image Authentication Scheme
6.3.1 Sign a JPEG image:
Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the signing process and the ability to get and save the watermarked image. Expected Result: The selected image is loaded, signed and then saved. Test Input Data: a) Jammaz.jpg(simple) (Its dimension is 638 x635 ) b) house.bmp(complex) (Its dimension is 685 x366). Description: In this test,
4. The user call Jammaz.jpg(simple) / house.bmp(complex) image to be loaded.
Figure [6.43]: a) Load simple image – b) Load complex image
5. As we designed the program to add a watermark to the image, he can click Sign Button to get the watermarked image.
153
Figure [6.44]: a) Sign simple image – b) Sign complex image
6. When the signing process completes successfully, the watermarked image will be saved in the desired path with the desired name, say Jammaz_auth.jpg(simple) / house_auth.bmp(complex) .
Figure [6.45]: a) Save signed simple image – b) Save signed complex image
4.The Jammaz_auth.jpg(simple) / house_auth.bmp(complex)image is successfully saved to part3 directory
154
6.3.2 Verify after un-tampered image:
Figure [6.46]: a) The simple image and its authenticated version . b) The complex image and its authenticated version Actual Result: Succeed.
Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ Image is not tampered.” Message is displayed. Test Input Data: Jammaz_auth.jpg(simple) (Its dimension is 638 x635) / house_auth.jpg(complex) (Its dimension is 685 x366). Description: In this test, 4. The user call Jammaz_auth.jpg(simple) / house_auth.jpg(complex) image to be loaded.
Figure [6.47]: a) Open authenticated version of simple image. b) Open authenticated version of complex . 5. When the image is displayed, he can click Verify Button to check this image authenticity.
155
6.3.3 Verify after tampered image:
Figure [6.48]: a) The authenticated simple image. b) The authenticated complex image 6. When the process completes successfully, the expected result message is displayed.
Figure [6.49]: Verifying result Actual Result: Succeed.
Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ Image was tampered” Message is displayed. Test Input Data: Jammaz_tampered.jpg(simple) (Its dimension is 638 x635) / house_tampered.jpg(complex) (Its dimension is 685 x366). Description: In this test,
1. The user call Jammaz_tampered.jpg(simple) / house_tampered.jpg(complex) image to be loaded.
156
Figure [6.50]: a) Load tampered simple image – b) Load tampered complex image
2. When the image is displayed, he can click Verify Button to check this image authenticity.
Figure [6.51]: a) Verify tampered simple image – b) Verify tampered complex image
3. When the process completes successfully, the expected result message is displayed.
Figure [6.52]: Verifying result Actual Result: Succeed.
157
6.3.4 Verify after compressed(25%) image: Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ Image is not tampered” Message is displayed. Test Input Data: Jammaz_compresed25.jpg(simple) (Its dimension is 638 x635) / house_comperesed25.jpg(complex) (Its dimension is 685 x366).
Description: In this test, 1. The user call Jammaz_compresed25.jpg(simple) / house_comperesed25.jpg(complex)
2. When the image is displayed, he can click Verify Button to check this image authenticity.
3. When the process completes successfully, the expected result message is displayed.
158
6.3.5 Verify after compressed(50%) image:
Actual Result: Succeed.
Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ Image is not tampered” Message is displayed. Test Input Data: Jammaz_compresed50.jpg(simple) (Its dimension is 638 x635) / house_comperesed50.jpg(complex) (Its dimension is 685 x366). Description: In this test,
1. The user call Jammaz_compresed50.jpg(simple) / house_comperesed50.jpg(complex)
Figure [6.53]: a) Load 50% compressed simple image – b) Load 50% compressed complex image
2. When the image is displayed, he can click Verify Button to check this image authenticity.
159
Figure [6.54]: a) verify compressed simple image – b) verify compressed complex image
3. When the process completes successfully, the expected result message is displayed.
Figure [6.55]: verifying result Actual Result: Succeed. 6.3.6 Verify after compressed(80%) image: Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ Image was tampered ” Message is displayed. Test Input Data: Jammaz_compresed80.jpg(simple) (Its dimension is 638 x635) / house_comperesed80.jpg(complex) (Its dimension is 685 x366). Description: In this test,
1. The user call Jammaz_compresed80.jpg(simple) / house_comperesed80.jpg(complex)
160
Figure [6.56]: a) Load 80% compressed simple image – b) Load 80% compressed complex image
2. When the image is displayed, he can click Verify Button to check this image authenticity.
Figure [6.57]: a) verify compressed simple image – b) verify compressed complex image
3. When the process completes successfully, the expected result message is displayed.
161
Figure [6.58]: verifying result and phantom image
Actual Result: Succeed.
6.3.7 Verify after un-signed image: Date: 27/1/2009 Application: JPEG Authentication program. Testing objective: To ensure the validity of the watermark verifying process. Expected Result: The selected image is verified and the “ Image was tampered” Message is displayed. Test Input Data: penciles.jpg (Its dimension is 540 x369). Description: In this test,
1. The user call penciles.jpg image to be loaded.
Figure [6.59]: Load unsigned image
162
2. When the image is displayed, he can click Verify Button to check this image
authenticity.
Figure [6.60]: Verify unsigned image
3. When the process completes successfully, the expected result message is
displayed.
Figure [6.61]: Verifying result
Actual Result: Succeed.
163
6.3.9 The Final Test Result
Case Description Expected Result Actual Result
1. Click open button The image successfully loaded 2. Click watermark
button The image successfully signed and saved
3. Click verify button
3.1. Image is clean Display message “No malignant tampering in this image”
3.2. Image was
tampered
Display message "Image was tampered” and display phantom image
3.3. Image and phantom
image were tampered
Error message “Image was tampered , or it may be not watermarked”
3.4. Image was not
signed
Error message “Image was tampered , or it may be not watermarked”
4. Click exit button The IA&SS’s application will
be closed Table 6.10: Final test result for JPEG Authentication
164
Conclusion In this project, we have presented three techniques; first one is a steganalysis for BMP
images without authentication to detect the presence of hidden message in LSB steganography .
The detection theory is based on statistical analysis of pixel pairs using their RGB components.
The second techniques is a new technique for JPEG images authentication that is based on table
look-up in the frequency domain .A feature vector which is extracted from the image is
embedded in a way to avert loss when the image is compressed . The third is a new technique for
BMP images ' authentication using digital signature and self-embedding to protect the image
content.
In our authentication algorithms, we tried to achieve most of the modern image
authentication algorithm's properties. For example, the hashing and encryption algorithms can be
updated easily which means that the proposed authentication schemes will also be secure in the
future.
Future work 1-For steganalysis of BMP images, derive an equation that would be used to calculate the
threshold as a function of the image parameters.
2-For digital signature: based image authentication perhaps derive a hashing algorithm
that is robust to incidental image manipulations, but can detect malicious tampering.
3-for JPEG semi-fragile image authentication, modify the embedding algorithm in such a
way so as to increase the embedding capacity of the image , and hence dispense with the
comment field for storage of the thumbnail image.
165
References:
[1] A. Westfield and A. Pfitzamann, "Attacks on steganographic systems" in 3rd
International Workshop on Information Hiding, pp. 61-76, 1999
[2] J. Fridrich, M. Goljan, D. Hogea and D. Soukal, "Quantitative steganalysis of digial
images: Estimating the secret message length" ACM Multimedia System Journal 9,Sept.
2003
[3] Deus Ex Machina Communications ,“STEGANOS.”
[4] Machado, Romana.,“E2 Stega”
[5] A.Westfield, A. and Pfitzmann A., “Attacks on Steganographic Systems“, Proc. 3rd
Info. Hiding Workshop,
Dresden, Germany, September 28-October 1, 1999, pp.
[6] Jiri Fridrich, bRui Du, bMeng Long “STAGANALYSIS OF LSB ENCODING IN
COLOR IMAGES”.
[7] J. Fridrich, R. Du, and L. Meng, “Steganalysis of LSB Encoding in Color Images,”
Proceedings IEEE International
Conference on Multimedia and Expo, July 30–August 2, 2000, New York City, NY.
[8]. J. Fridrich, M. Goljan, and R. Du, "Reliable Detection of LSB Steganography in
Grayscale and Color Images ",
Proc. ACM, Special Session on Multimedia Security and Watermarking, Ottawa, Canada,
October 5, 2001, pp. 27–30.
166
[9]. J. Fridrich, M. Goljan, and R. Du, “Detecting LSB Steganography in Color and Gray-
Scale Images”, Magazine of
IEEE Multimedia, Special Issue on Security, October-November issue, 2001, pp. 22–28.
[10] Jessica Fridrich*, Miroslav Goljan,”Practical Steganalysis of Digital Images – State
of the Art”
SUNY Binghamton, Department of Electrical Engineering, Binghamton, NY 13902-6000
[11] "A Secure and Robust Hashing Scheme for Image Authentication" Fawad Ahmed
and M.Y. Siyal
[12] Chia-Hung LU , Hao-Kuan TSO , Der-Chyuan LOU , and David Chien-Ting TAI
"Image Authentication Method by Combining Digital Signature and Watermarking"
[13] G. L. Friedman, “The trustworthy digital camera: Restoring credibility
to the photographic image,” IEEE Trans. Consumer Electron., vol. 39,
pp. 905–910, Nov. 1993.
[14] "A watermark-based robust image authentication method using wavelets,”
Columbia Univ., New York, ADVENT Project Rep., Apr.
1998.
[15] S.Walton, “Image authentication for a slippery new age,” Dr. Dobb’s J.,
pp. 18–26, April 1995.
[16] M. Yeung and F. Mintzer, “An invisible watermarking technique for image
verification,” in Proc. IEEE Int. Conf. Image Processing, Santa