CYBER SECURITY BITS EDU CAMPUS COMPUTER SCIENCE DEPARTMENT
CYBER SECURITYBITS EDU CAMPUS
COMPUTER SCIENCE DEPARTMENT
TOPIC:
STEGANOGRAPHY
Prepared by:
Shruti Ghelani-140050107031
Taha Malampattiwala-140050107052
Jinal Mayavanshi-140050107056
INFORMATION HIDING• Information Hiding is a branch of computer science that deals with
concealing the existence of a message• It is related to cryptography whose intent is to render messages
unreadable except by the intended recipients• It employs technologies from numerous science disciplines:
• Digital Signal Processing (Images, Audio, Video)• Cryptography• Information Theory\Coding Theory• Data Compression• Human Visual/Auditory perception
• There are four primary sub-disciplines of Information Hiding• Steganography• Watermarking• Covert Channels• Anonymity
• Alice and Bob• Classical names given to the parties wishing to communicate
• Sometimes, you may have a Carol and a Dave
• Eve, an adversary, can listen to but not modify or forge a message• (think passive eavesdropping)
• Wendy the Warden, another adversary, can monitor, modify, or forge a message• A passive warden simply listens (like Eve)
• An active warden may modify a message
• A malicious warden may forge a fake message
BASIC TERMINOLOGY
What is Steganography?
def’n: the art and science of hiding information by embedding it in some other data.
cryptography - render message unintelligiblesteganography - conceal the existence of the message
• Steganography literally means “covered writing”• A stegosaurus has a covered back
• Steganography’s primary goal is to hide data within some other data such that the hidden data cannot be detected even if it is being sought
• Secondary goals:• prevent extraction from the cover file without destroying the cover• prevent destruction of the stego-message without destroying the cover
• Most frequently, steganography is applied to images, but many other data or file types are possible• Audio• Video• Text• Executable programs
The cover provides a host for transporting the hidden info.
info
embed
-file
extract
info
Digital Steganography
• HTML message as cover?
• computer program as cover?
• network protocol headers
• white space in text
• unused space in buffer
• least significant bits of image
• slight distortion in sound file
• “Easter eggs”
Steganography in ImagesTwo types of compression: • lossless (gif) • lossy (jpeg)
Sometimes concealed message inserted as a comment.Sometimes the accuracy of the image is sacrificed slightly.
Common Tools• StegoDOS
• White Noise Storm
• S-tools• Outguess• Steghide
APPLICATIONS OF INFORMATION HIDING• Covert military communications
• Covert police communications• Criminals have learned that police are nearby when they hear encrypted
communications, so they abate their activity for the moment
• A steganographic system would prevent this detection
• Digital Rights Management – protecting intellectual property such as images, music, electronic books, etc.
• Embedding textual data in medical images would better ensure that the picture belongs to a particular patient• This technique could apply to personal pictures, sounds, and movies
• Tamper proofing – ensuring a data file has not been changed
• Communicating in an oppressive country w/o free speech
NEFARIOUS APPLICATIONS OF INFORMATION HIDING
• You won’t find these applications in the book• money laundering• drug running• child pornography• spying (good or bad depending upon which side you’re on!)• terrorism
• Unfortunately, these uses are also possible• The technology itself isn’t bad, but like many things, it can be (and is)
abused• Since there are nefarious uses, law enforcement and the military is also
interested in understanding hiding techniques and detecting hidden data• There are some projects right here at UTSA that have done research for the
Air Force
STEGANALYSIS• Steganalysis is the detection of data that has been hidden
• It is a cat and mouse game – as one group of researchers come up with better ways to hide stuff, another group figures out how to detect it or perhaps just destroy it
• In the summer course last year, one student thought he had a hiding system that was undetectable
• His lab partner wrote a statistical analysis program that exposed the hidden message
• The first student modified his program to defeat the attack
• His lab partner modified his analyzer and still found the message
THANK YOU.