Steganography Cyber Security Camp, July 22, 2015 Rodrigo Sardiñas Dr. David Umphress William Frazier.

Steganography

Cyber Security Camp, July 22, 2015

Rodrigo SardiñasDr. David Umphress

William Frazier

2

What is Steganography

3

What is Steganography

• The art of covered or hidden writing. • Steganos – Greek word meaning “covered”• Graphy – Latin word meaning “writing” or

“drawing”• Thousands of years old

– Tattoos, symbols, contextual clues/jargon, bunnies

• Difficult to detect (if you don’t know its there)

4

What Steganography is Not

• Cryptography – Kryptos = secret or hidden– Graphein/Logia = writing/study– The art of writing or solving codes.– Hide the meaning, not the message

• Steganography– Hide the message, not the meaning

• Can both be used to obscure data

5

Example 1

• Covered or concealment ciphers– Use null cipher to hide message according

to some prearranged set of rules

Frank is not doing my editing.

Hidden message: “Find me”

6

Activity 1

• At your table, devise your own concealment cipher strategy. (5 minutes)

• Use that strategy to hide a message. (3 min)• Class will have several minutes to try to

decipher each group’s message.– Prize for group with most correct guesses– Prize for group with most elaborate or creative

strategy

7

Types of Steganography

InsertionSubstitutionGeneration

8

Insertion (Injection)

• Hide data in sections of a file that are not processed– Comments section in HTML file– After EOF marker in regular file– Metadata section of file

• No modification of relevant data• Will add to original file size• No limit to how much can be hidden• Potential to detect if compared to original

9

Example 2Steganography via injection

OriginalEdited in Notepad++

10

Activity 2 (text only)• Open an image using notepad++• Write a message at the bottom of the file• Open the image normally to view it• Experiment with writing messages at various

locations in the image (in notepad++) to see what happens

• Discuss results of inserting messages in places other than at the end– What happens when you add text to beginning?– What about somewhere in the middle?

11

Activity 3 (files)• Create file(s) (any files, text, word, etc…)• Zip files up using built-in windows zip command

(send to -> zip file)• Place zip and an image in same folder• Open command in current directory

– Shift + right click -> open command prompt here

• copy /b [name of picture].jpg + [name of zip file].zip [new name for picture].jpg

• View new image normally• Change file extension to .zip to view archive contents

12

Substitution

• Make minor changes in data such that user doesn’t notice change

• No change in file size• Limited in how much can be hidden• Potential to detect if compared to

original

13

Example 3Least Significant Bit

Substitution

Original Modified

14

Activity 5• Open a web browser and go to the following URL:

– http://www.mobilefish.com/services/steganography/steganography.php

• Follow instructions to upload any image• Type hidden message• Do not enter a password (no encryption)• Download image with message inside• Open in notepad++ to see if you can find message• Go back to website and follow instructions to

show message

15

End of Session 1

Lunch

16

Generation

• Create new file from carrier (file hiding the data) and hidden data file using some algorithm

• No limit to how much can be hidden• Cannot be compared to original since a brand

new “original” file is created

17

Example 5Use custom algorithm to hide data

Created image

Message hidden in audio generated from image

18

Activity 4 Do Together (part 1)• Use Gimp to create

hidden message– Create new image– Change background

color to black

– Create text in image (use white text)

– Export image as JPEG

19

Activity 4 Do Together (part 2)• Use coagula to convert JPEG to audio (.wav) file

– Open JPEG in coagula– Select “render without blue”

• This should create coagula.wav in current folder

20

Activity 4 Do Together (part 3)• Use Audacity to view message

– Open coagula.wav in audacity– Select Spectrogram option to view hidden message

21

Activity 5 (part 1)

• Use OpenPuff to Hide, encrypt, and distract• Hide data

– Choose 3 different passwords (write them down)• 2 for crypto, 1 for scrambling

– Select data to hide• From secret data folder

– Select multiple carriers (.mp3, .jpg, .pdf, ect…)• From carrier folder

– Sort carriers– Select noise level– Add Decoy– Enter 3 different passwords– Choose output folder(s)

22

Activity 5 (part 2)

23

Activity 5 (part 3)

• Use OpenPuff to Hide, encrypt, and distract• Unhide data

– Enter all passwords• If you want to unhide decoy, enter decoy passwords• If you want to unhide data, enter data passwords

– Browse to folder with previous carriers and choose correct ones

– Sort carriers in same order as before– Select same noise level as before– Verify data is correct

24

Activity 5 (part 4)

25

Who Uses Steganography• Spies and terrorists

– http://www.washingtonpost.com/wp-dyn/content/article/2010/06/30/AR2010063003108.html

• Commercial and Government– Suggest to use with encryption– Watermarking

• Hackers– http://www.tripwire.com/state-of-security/incident-detect

ion/hackers-exfiltrating-data-with-video-steganography-via-cloud-video-services/

• All of us after this workshop!

26

Interesting Application of Steganography• https://danbowen.wordpress.com/2014/02/11/meet

-the-man-who-solved-the-mysterious-cicada-3301-puzzle/

27

A Keystone in Building a Better Future for All