Steganography Project Report

1. INTRODUCTION

1.1 INTRODUCTION:-

Information security (sometimes shortened to InfoSec) is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc...)[1]

Below are the fundamentals when dealing with information security:

IT Security = Sometimes referred to as computer security, Information Technology Security is information security when applied to technology (most often some form of computer system).

Information Assurance = The act of ensuring that data is not lost when critical issues arise. These issues include but are not limited to; natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost.

Governments, military, corporations, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers.

Should confidential information about a business' customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to negative consequences.  Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement.

For the individual, information security has a significant effect on privacy, which is viewed very differently in different cultures.

The field of information security has grown and evolved significantly in recent years. In the project we study about and apply algorithms related to an important part of information security, steganography using both image and text as a cover medium.

1.2 NECESSITY:-

i

One of the reasons that intruders can be successful is the most of the information they acquire from a system is in a form that they can read and comprehend. Intruders may reveal the information to others, modify it to misrepresent an individual or organization, or use it to launch an attack. One solution to this problem is, through the use of steganography.

Steganography is a technique of hiding information in digital media. In contrast to cryptography, it is not to keep others from knowing the hidden information but it is to keep others from thinking that no information even exists.

Steganography became more important as more people joined the cyberspace revolution. On a more general sense, steganography is the art of concealing information in ways that prevents even the detection of hidden messages. Steganography includes an array of secret communication methods that keeps the message from being seen or discovered.

Due to advances in computing, networking and internetworking most of information is kept electronically. Consequently, the security of information has become a fundamental issue. Besides cryptography, steganography can be employed to secure information in the next level. In steganography, the message or encrypted message is embedded in a digital host before passing it through the network, thus the existence of the message is unknown. Besides hiding data for confidentiality, this approach of information hiding can be extended to authentication i.e., copyright protection for digital media: audio, video and images.

The growing possibilities of modern communications need the special means of security especially on computer network. The network security is becoming more important as the number of data being exchanged on the internet increases. Therefore, the confidentiality and data integrity are requires to protect against unauthorized access and use. This has resulted in an explosive growth of the field of information hiding. Information hiding is an emerging research area, which encompasses applications such as copyright protection for digital media, watermarking, fingerprinting, and steganography.

In watermarking applications, the message contains information such as owner identification and a digital time stamp, which usually applied for copyright protection.

Fingerprint, the owner of the data set embeds a serial number that uniquely identifies the user of the data set. This adds to copyright information to makes it possible to trace any unauthorized used of the data set back to the user.

Steganography hide the secrete message within the host data set and makes it’s presence imperceptible and is to be reliably communicated to a receiver. The host data set is purposely corrupted, but in a covert way, designed to be invisible to an information analysis.

1.3 OBJECTIVES:-

ii

This project is developed for hiding information i.e, text in any image or text file. The scope of the project is implementation of steganography tools for hiding information using algorithms such as the LSB algorithm (for the cover medium image) and the White Space algorithm (for the cover medium text). Thus the main objectives of our project, like most steganographic tool, are:

To communicate reliably a secret message from a source to a destination. To hide the presence of the secret message from the third party. To design practical secured stego methods.

1.3.1 METHODOLOGIES:-

The project presents a user-friendly and simple but efficient application which effectively hides a text message in an image file or text file selected by the user. If the user wants to use an image as a cover medium, the message is hidden using a steganographic algorithm, LSB. If , on the other hand, text is selected as the cover medium, the White Space algorithm is used.

In case of the LSB, after using the encrypt menu, we achieve an image that looks apparently identical to the original image we selected for our application. To extract the information (or, the hidden text on our case) we select the decrypt option and on running the decrypt function the application separates the message from the image thus fulfilling the basic project objective. This technique is chosen, because this system includes not only imperceptibility but also un-detectability by any steganalysis tool.

While, in case of the White Space algorithm, the message is encrypted by using the white spaces in the messages , that depend on whether the particular bit in the message is a 0 or a 1.

Later , during decryption, the white spaces are decoded to give us back the bits to be reconstructed into the respective characters using the ASCII values, thus giving us back the original text.

An authentication mechanism in each of the particular encrypted file (be it image or text) has been introduced in the form of a unique authentication code randomly generated by the system during encryption. This authentication ID enables one to access the file and thus adds security on an individual file basis.

1.4 THEME:-

iii

Information hiding (or data hiding) is a general term encompassing a wide range of problems beyond that of embedding messages in content. The term hiding here can refer to either making the information imperceptible (as in watermarking) or keeping the existence of the information secret. [1]

The inventor of the word steganography is Trithemius, the author of the early publications on cryptography: Polygraphia and Steganographia. The technical term itself is derived from the Greek words steganos, which means “covered,” and graphia, which means “writing.” Steganography is the art of concealed communication. The very existence of a message is secret.

Steganography is the practice of hiding private or sensitive information within something that appears to be nothing out to the usual. Steganography is often confused with cryptology because the two are similar in the way that they both are used to protect important information. The difference between two is that steganography involves hiding information so it appears that no information is hidden at all. If a person or persons views the object that the information is hidden inside of he or she will have no idea that there is any hidden information, therefore the person will not attempt to decrypt the information.

What steganography essentially does is exploit human perception, human senses are not trained to look for files that have information inside of them, although this software is available that can do what is called Steganography. The most common use of steganography is to hide a file inside another file.

Two different applications of steganography are:

The first is what we call classical steganography, and its aim is that of transmitting a message by means of another innocent or casual-looking medium

The second is invisible digital watermarking, which purpose is to assess the ownership or integrity

Of some pieces of information, named after the watermarks we are used to see on bills or legal documents for the same purpose. It can be used also to provide additional information on a message inside a message itself.

Since we are using both image and text file for hiding text and using different algorithms for both subparts of our application, here we attempt to give a brief insight into the functioning of both,, namely LSB and White Space algorithm.

1.4.1 STEGANOGRAPHIC SYSTEM:-

iv

FIG 1.4.1: Steganographic System

The terms used are as follows :

fE :   steganographic function "embedding" fE

-1 :   steganographic function "extracting" cover :   cover data in which embedding will be hidden emb :   message to be hidden key :   parameter of fE and fE

-1

stego :   cover data with the hidden message Note : cover* are the cover data in which emb was hidden and has been extracted

emb* is the hidden text that has been extracted.

The following formula provides a very generic description of the pieces of the steganographic process: cover medium + hidden data + stegokey = stegomedium

In this context, the cover medium is the file in which we will hide the hidden data, which may also be encrypted using the stegokey. The resultant file is the stegomedium (which will, of course. be the same type of file as the covermedium). The covermedium (and, thus, the stegomedium) are typically image or audio files.

The main motivation for this is largely due to fear of encryption services getting outlawed, and copyright owners who want to track confidential and intellectual property copyright against unauthorized access and

use in digital materials such as music, film, book and software through the use of digital watermarks.

There are many ways to hide information in digital images. We look at the following approaches

least significant bit insertion masking and filtering algorithms and transformations

Each of these techniques has varying degrees of success. We used the LSB insertion technique for our project work.

1.4.2 LEAST SIGNIFICANT BIT (LSB) INSERTION:-

v

Many stego tools make use of least significant bit (LSB). For example, 11111111 is an 8-bit binary number. The rightmost bit is called the LSB because changing it has the least effect on the value of the number. The idea is that the LSB of every byte can be replaced with little change to the overall file. The binary data of the secret message is broken up into bits and then inserted into the LSB of each pixel in the image file.

Algorithmic Concept :-

Today, when converting an analog image to digital format, we usually choose between three different ways of representing colors:

· 24-bit color: every pixel can have one in 2^24 colors, and these are represented as different quantities

of three basic colors: red (R), green (G), blue (B), given by 8 bits (256 values) each.

· 8-bit color: every pixel can have one in 256 (2^8) colors, chosen from a palette, or a table of colors.

· 8-bit gray-scale: every pixel can have one in 256 (2^8) shades of gray.

LSB insertion modifies the LSBs of each color in 24-bit images, or the LSBs of the 8-bit value for 8-bit images. The larger the cover message is (in data content terms — number of bits) relative to the hidden message, the easier it is to hide the latter.

For this reason, digital pictures (which contain large amounts of data) are used to hide messages on the Internet and on other communication media. It is not clear how commonly this is actually done.

For example: a 24-bit bitmap will have 8 bits representing each of the three color values (red, green, and blue) at each pixel. If we consider just the blue there will be 28 different values of blue. The difference between say 11111111 and 11111110 in the value for blue intensity is likely to be undetectable by the human eye.

Therefore, the least significant bit can be used (more or less undetectably) for something else other than color information. If we do it with the green and the red as well we can get one letter of ASCII text for every three pixels.

1.4.3 WHITE SPACE ALGORITHM:-

vi

The algorithm deals with steganography with cover medium as text while the message is also in text format. The text to be hidden is converted into a bit stream. Depending on whether the bit is a 0 or a 1, the white space between two words varies. More precisely, the gap , or space as we call it between two words is one character of white space if the bit is a zero and two white spaces if the bit is a one.

Thus, the basic concept lies in the following:

The user initiates the procedure of hiding a text message by initially opening the application and selecting “text”. Then the message to be hidden is supplied to the procedure and a suitable cover medium is either selected by the user or created inside the application by the user him/herself.

Let us suppose the text to be hidden is:

“today is the day”.

Then each of the characters in the above text such as ‘t’ , ‘o’, ‘d’............ ‘ ‘, ‘i’........ ‘y’ are replaced with the binary form of their respective ASCII values....

As an aid to understanding, let us assume the binary string below represents the above message:

110000010001001110001010100010010

Now coming to the cover medium...the user provides it to the application in the form as below::

“Information Security Attributes: or qualities, i.e., Confidentiality, Integrity and Availability (CIA). Information Systems are composed in three main portions, hardware, software and communications with the purpose to help identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational. Essentially, procedures or policies are implemented to tell people (administrators, users and operators) how to use products to ensure information security within the organizations.”

Now once the above cover medium is used to hide the text in it... it will look like the following :

“Information Security Attributes: or qualities, i.e., Confidentiality, Integrity and Availability (CIA). Information Systems  are composed in three main portions, hardware, software and communications with the purpose to help identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational. Essentially, procedures or policies are implemented to tell people (administrators, users and operators) how to use products to ensure information security within the organizations.”

The number of blanks differs between two words until the binary string is complete.

In the application, we append the length of the string (in binary) at the front. The length is initially read and the program decodes the white spaces uptil that length.

Thus we have the initial binary string back, which is then transformed back into the text message based on the same ASCII values.

2. LITERATURE SURVEY

vii

Steganography (a rough Greek translation of the term Steganography is secret writing) has been used in various forms for 2500 years. It has found use in variously in military, diplomatic, personal and intellectual property applications. Briefly stated, steganography is the term applied to any number of processes that will hide a message within an object, where the hidden message will not be apparent to an observer. This paper will explore steganography from its earliest instances through potential future application.

2.1 STEGANOGRAPHY THROUGH AGES :-

Johannes Trithemius (1462-1516) was a German Abbot. His writing, “Steganographia:hoe estars per occultam scripturam animi sui voluntatem absentibus aperiendi certa” is ostensibly awork describing methods to communicate with spirits. A very rough translation of this Latin title is : “Steganography: the art through which writing is hidden requiring recovery by the minds of men.”

Published as a trilogy in Latin, the first two parts of his works are apparently some of the first books on cryptology describing methods to hide messages in writing. The third part of the trilogy is outwardly a book on occult astrology. The third book contains a number of tables containing numbers.

Two researchers, Dr. Thomas Ernst and Dr Jim Reeds were convinced that the third bookcontained hidden code. Dr Ernst, while a graduate student at the University of Pittsburgh published a 200 page paper, but it attracted little attention . Dr. Reeds, a mathematician at AT&T Labs independently began delving into this matter. As he searched for information on Trithemius’ works, he discovered Dr. Ernst paper.These two researchers discovered in relatively short order, that there were hidden messagescontained in the third book. The messages contained in the tables were of minor interest. Onemessage contained the Latin equivalent of “The quick brown fox jumps over the lazy dog.” Asecond message was “The bearer of this letter is a rogue and a thief. Guard yourself against him.He wants to do something to you.” And, the third message was the beginning of the 23rd Psalm.

Although “Steganographia” is the work that we derive the term steganography from, it iscertainly not the first example of hidden writing. There are examples from history that serve toillustrate the desire to hide messages or some type of intelligence from others.

Mary Queen of Scots used a combination of cryptography and steganography to hide letters. Her letters were hidden in the bunghole of a beer barrel, which freely passed in and out of her prison.

Other uses of steganography weren’t limited to normal writing materials. One may consider the huge geoglyphs of the Nazca in Peru to be a form of steganography. The geoglyphs are obviously open to view, yet many of the images were not detected until viewed from the air.

Human vectors include the efforts of Histaiacus in the 5th century BC. Histaiacus shaved the head of a messenger, wrote a note encouraging Aristagoras of Miletus to revolt against the king of Persia. After the messenger’s hair grew back, the messenger was dispatched with the message. Obviously, this message wasn’t especially time constrained.

Another human vector example includes writing messages on silk, which would then be compressed into a ball and covered with wax. The messenger would swallow the wax ball. The method of retrieval is not described.

In 480 BC a Greek by the name of Demaratus sent a message to the Spartans warning of a pending invasion by Xerxes. Heroclotus described the method used by Demaratus :

“As the danger of discovery was great, there was only one way in which he could contrive to get the message through: this was by scraping the wax off a pair of wooden folding tables, writing on the wood underneath what Xerxes intended to do, and then covering the message over with the wax again. In this way the tablets, being apparently

blank, would cause no trouble with the guards along the road….”

viii

2.2 RECENT WORK :-

In more recent history, several stenographic methods were used during World War II .

Microdots developed by the Nazis are essentially microfilm chips created at high magnification (usually over 200X). These microfilm chips are the size of periods on a standard typewriter. These dots could contain pages of information, drawings, etc.

The Nazis also employed invisible inks and null ciphers.

Currently, the emphasis has been on various forms of digital steganography. Commonly thereare a number of digital technologies that the community is concerned with, namely text files.After the events of September 11, 2001, there was immediate concern voiced regarding thepossible use of steganography by the al Queda network.

Although we are currently more interested in digital steganography, other forms ofsteganography are in use today, primarily in physical security measures. The venerablemicrodots pioneered by the Nazis are recently being marketed as a simple technique that can beused to mark equipment. Equipment marked with microdots aids in identification in the case oftheft. There are a number of firms producing microdots for this purpose. [2]

2.3 STEGANOGRAPHY vs. CRYPTOGRAPHY :-

Since cryptography and steganography both largely deal with security methods, here’s comparing both branches :

Basically, the purpose of cryptography and steganography is to provide secret communication. However, steganography is not the same as cryptography.

Cryptography hides the contents of a secret message from a malicious people, whereas steganography even conceals the existence of the message.

Steganography must not be confused with cryptography, where we transform the message so as to make it meaning obscure to a malicious people who intercept it. Therefore, the definition of breaking the system is different. In cryptography, the system is broken when the attacker can read the secret message. Breaking a steganographic system need the attacker to detect that steganography has been used and he is able to read the embedded message.

In cryptography, the structure of a message is scrambled to make it meaningless and unintelligible unless the decryption key is available. It makes no attempt to disguise or hide the encoded message. Basically, cryptography offers the ability of transmitting information between persons in a way that prevents a third party from reading it. Cryptography can also provide authentication for verifying the identity of someone or something.

2.4 DIFFERENT STEGANOGRAPHIC TECHNIQUES :-

The steganography techniques are broadly classified into :

ix

Spatial Domain Transform Domain Spread Spectrum Statistical Methods Distortion Technique Cover Generation.

Spatial Domain Techniques are also called as Substitution Techniques. In substitution technique the secret message bits is encoded in the insignificant parts of the cover image. Since there are only minor changes in the image the sender assumes the attacker will not notice the changes in the original image. But it is vulnerable to signal processing attacks and also it loses the total information for lossy compression techniques.

The Transform Domain Techniques hides the information in significant bits of the cover image hence it is robust to the techniques like compression and cropping. Most common transform domain techniques are discrete cosine transform and wavelet transforms. A trade off exists between the amount of secret information to be embedded and the robustness obtained .

Spread Spectrum deals either cover image as noise or tries to add pseudo random noise to the cover image.

The next is Statistical Technique also called as model based technique which modifies the statistical characteristic of the cover image in addition it preserves them in embedding process. This modification can be perceived by humans by identifying the luminance variation. This technique is vulnerable to rotating, cropping, scaling attacks and also all the watermarking attacks.

The Distortion technique requires the knowledge of the cover image in the decoding process. In practice it is not efficient method because the secret message can be extracted if the original cover image is available to the attacker. In earlier days most text based hiding methods were distortion type.

The last technique is Cover Generation; in this method the digital cover is generated only for the purpose of being a cover for secret message transfer. Regular expressions and mimic functions are used to generate a cover.[3]

2.5 TEXTUAL STEGANOGRAPHY :-

British Prime Minister Margaret Thatcher became so irritated at press leaks of cabinet

x

documents that she had the word processors programmed to encode their identity in the word spacing of documents, so that disloyal ministers could be traced.

This type of steganography is available due to the precision with which text can be printed on modern printers (from 300 to 1600 dpi and up) . In addition, there are a number of techniques that can be employed in textual steganography.

Open space methods Line shift coding Word shifting coding Syntactic methods Semantic methods Feature coding

There are several applications/services that will encode messages into plaintext that do not relyon line or word shifting, however they may produce results that would invite investigation.

3. SYSTEM DEVELOPMENT

xi

3.1 DATA FLOW DIAGRAMS:-

Here , in this module, we attempt at a guided diagrammatic representation of the various paths that control may and can take due to the various choices of the user and the operations that the application undergoes, by showing the flow of data during the whole process.

FIG 3.1.1: 0 Level DFD

The above shows the whole logic and functioning of our steganographic application in a nutshell.

Below, in the diagram, the two major functions of the application has been separated for the paths and data flows to be shown more clearly.

FIG 3.1.2: 1 Level DFDAn elaborate path description and flow of data and control is shown next. It breaks down the abstracted form to the most detailed level.

xii

We begin with encryption:

FIG 3.1.3: Encryption Process

After encryption has been shown, decryption follows next:

xiii

FIG 3.1.4 Decryption Process

The above data analysis diagrams give a complete understanding about the flow of data and control from a logical point of view.

3.2 PICTORIAL REPRESENTATION:- \

xiv

Continuing the modelling part by a brief navigation of the entire application based on steganography:

FIG 3.2.1 : Welcome Screen

ENCODING PROCEDURE:

xv

The application opens and the user is affronted with a main menu page that is simple yet conclusive. One needs to decide between the options encode and decode.

If encode is chosen, the user needs to decide between using an image for a cover medium or text as the cover medium.

If decode is chosen, the user needs to provide the application with the previously encoded file. We discuss decoding later.

The user needs to decide on the cover medium, choose between text and image: Image being the more effective procedure while text scores high on the insusceptibility.

FIG 3.2.2 : Encoding Process

DECODING PROCESS:

xvi

If image is the cover medium, then the user browses the picture from the computer.

If text is the selected cover medium, then we can either browse and input the text from the computer, or input it

In both the above cases, the user is required to input the message to be hidden.

In case the decode option is chosen, the user is asked to select the medium which has been used for the encoding of the file

to be decoded.

On the completion of the above, the encode button encodes both the text giving the user the encoded file and the system saves it.

The user is provided with a unique id which serves as an access control during decoding and encoding finishes.

FIG 3.2.3 : Decoding Process

3.3 IMPLEMENTATION TOOLS:

The proposed System has two main aspects :

xvii

The user then is asked to select the particular file that needs to be

decoded.

The authentication check takes place with the user being asked to provide the unique id provided by the system during encryption of that particular file. Decryption proceeds only if the correct id has been provided.

After a successful verification check, the encrypted file, be it picture or text ids decoded using the decode button.

After decoding is successfully over, the user is provided with the hidden message and the

process is complete.

Software Requirements :

Java (JDK 1.6) Netbeans IDE (7.1)

Hardware Requirements:

Intel Pentium 1.5 Ghz. 1 GB main memory. 3 GB of free hard disk space. 14” or bigger monitor. Mouse. Standard Keyboard.

Case Tool :

EDraw Max

Others:

MS Word 2007 MS Powerpoint 2007 Windows XP(Development)

3.4 SCREENSHOTS AND USER INTERFACE:-

From the physical point of view, the system model follows in the form of screen shots:

xviii

Screenshot 1 :

FIG 3.3.1: Welcome Screen

Screenshot 2 :

xix

FIG 3.3.2 Main Menu

Screenshot 3:

FIG 3.3.3 Cover Medium Selection Screen

Screenshot 4:

xx

FIG 3.3.4 Text Pad For Writing The Hidden Message

Screenshot 5(a) :

FIG 3.3.5(A) : Encoding Screen For Image Steganography

Screenshot 5(b):

xxi

FIG 3.3.5(B) : Encoding Screen For Text Steganography

Screenshot 6:

FIG 3.3.6 : Completion Of Encoding

Screenshot 7:

FIG 3.3.7: File Saved

Screenshot 8:

xxii

FIG 3.3.8: System Generated User -ID

Screenshot 9:

FIG 3.3.9 : Encoded Image

Screenshot 10:

xxiii

Fig 3.3.10 : User Authentication

Screenshot 11:

FIG 3.3.11 Access Verification

Screenshot 12 (a):

xxiv

FIG 3.3.12(A): Decoding The Encoded Image

Screenshot 12(b):

FIG 3.3.12(B): Decoding Of Text

Screenshot 13 :

xxv

FIG 3.3.13 : Completion Of Decoding

Screenshot 14 :

FIG 3.3.14 : Display Of Hidden Text

Screenshot 15:

xxvi

FIG 3.3.15: Input Cover Text

4. PERFORMANCE ANALYSIS

xxvii

4.1 TESTING OF SOFTWARE:-

We begin with designing the test case to check the proper functionality of the software.A test case in software engineering is a set of conditions or variables under which a tester will determine whether an application or software system is working correctly. The mechanism for determining whether a software program or system has passed or failed such a test is known as a test oracle. In some settings, an oracle could be a requirement or use case, while in others it could be a heuristic. It may take many test cases to determine that a software program or system is considered sufficiently scrutinized to be released. Test cases are often referred to as test scripts, particularly when written. Written test cases are usually collected into test suites.

4.1.1 TEST CASES FOR IMAGE STEGANOGRAPHY:

TEST CASE ID TEST SCENARIO

TDIE1 Check Encryption Of Blank Text

TDIE2 Check Encryption Of Normal Text

TDIE3 Check Encryption Of A Text Longer Than The Permitted Size

TDIE4 Check Encryption Using “jpeg” Image

TDIE5 Check Encryption Using A Previously Encrypted Image

TDIE6 Check Encryption Using “png” Image

TDIE7 Check Encryption Using an Unsupported File

TDID1 Check Decryption For A Normal Encoded File

TDID2 Check Decryption For A Normal “png” File

TDID3 Check Decryption For A Normal “jpeg” File

TDID4 Check Decryption Of Image Using Wrong Password

TDID5 Check Limit Of Wrong Entry Of Password

xxviii

4.1.2 RESULTS FOR TESTING :

TEST CASE ID

EXPECTED RESULT OUTCOME STATUS

TDIE1 Error Message Error Message “File Cannot Be Created”

Pass

TDIE2 Encryption process is completedsuccessfully

Encoded Image is successfully created and saved on disk

Pass

TDIE3 Error Message & System exit Shows message “ Target File Cannot Hold Message And

exits

Pass

TDIE4 Encryption process is completedsuccessfully

Encoded image is successfully created and saved on disk

Pass

TDIE5 Encryption process is completedsuccessfully

Encoded image is successfully created and saved on disk

Pass

TDIE6 Encryption process is completedsuccessfully

Encoded image is successfully created and saved on disk

Pass

TDIE7 Error Message Shows message “ Please Select Correct File” and returns to

previous window

Pass

TDID1 Decryption process is completedsuccessfully

Decryption complete.Hidden message shown.

Pass

TDID2 Decryption successfully done and shows that the file contains no

hidden image

System interrupts abnormally Fail(Problem Solved Using Password

Protection)TDID3 Decryption successfully done and

shows that the file contains no hidden image

Shows message “File Contains No Hidden Data”

Pass(Further

Improved By Adding

Password Protection)

TDID4 File cannot be read File cannot be read Pass

TDID5 System Exits after three unsuccessful attempts

System exits after three unsuccessful attempts

Pass

xxix

4.1.3 TEST CASES FOR TEXT STEGANOGRAPHY:

TEST CASE ID TEST SCENARIO

TDTE1 Check Encryption Of Blank Text

TDTE2 Check Encryption Of A Text Longer Than The Permitted Size

TDTE3 Check Encryption Using “txt” File

TDTE4 Check Encryption Using A Previously Encrypted File

TDTE5 Check Encryption Using an Unsupported File

TDTD1 Check Decryption For A Normal Encoded File

TDTD2 Check Decryption For A Normal “txt” File

TDTD3 Check Decryption Of Image Using Wrong Password

TDTD4 Check Limit Of Wrong Entry Of Password

4.1.4 RESULTS FOR TESTING:

TEST CASE ID

EXPECTED RESULT OUTCOME STATUS

TDTE1 Error Message Error Message “File Cannot Be Created”

Pass

TDIE2 Error Message & System exit Shows message “ Target File Cannot Hold Message And Exits

Pass

TDIE3 Encryption process is completedsuccessfully

Encoded Image is successfully created and saved on disk

Pass

TDIE4 Error Message Message Shown “Encryption Failed. Try With Different File”

Pass

TDIE5 Error Message Shows Message “ Please Select Correct File” and returns to

previous window

Pass

TDID1 Decryption process is completedsuccessfully

Decryption complete.Hidden message shown.

Pass

TDID2 Decryption successfully done and shows that the file contains

no hidden image

Shows message “File Contains No Hidden Data”

Pass(Further

Improved By Adding

Password Protection)

TDID3 File cannot be read File Cannot Be Read Pass

TDID4 System Exits after three unsuccessful attempts

System Exits after three unsuccessful attempts

Pass

4.2 COMPARATIVE STUDY OF DIFFERENT COVER MEDIUM:

xxx

IMAGE STEGANOGRAPHYALGORITHM USED LSB Algorithm LSB Algorithm

COVER FILE EXTENSION

“.png” “.jpeg”

MESSAGE FILE EXTENSION

“.txt” “.txt”

SIZE OF MESSAGE FILE

1.62 1.62

SIZE OF MINIMAL COVER FILE

10.3 1.96

RESOLUTION 67*67 67*67

SECRET MESSAGE TO COVER SIZE RATIO

1.62:10.63 1.62:1.96

UTILIZATION % 15.73% 82.65%

OUTCOME Only 15.73% of the entire png file can be utilized for encoding

Thus, 82.65% of the entire jpeg file can be utilized for encoding

TEXT STEGANOGRAPHY

ALGORITHM USED White Space Algorithm

COVER FILE EXTENSION

“.txt”

MESSAGE FILE EXTENSION

“.txt”

SIZE OF MESSAGE FILE

5 bytes

SIZE OF MINIMAL COVER FILE

89 bytes

SECRET MESSAGE TO COVER SIZE RATIO

5:89

UTILIZATION % 0.56%

OUTCOME Only 0.56% of the entire txt file can be utilized for encoding

xxxi

JPEG PNG TXT

010

2030

4050

6070

8090

Comparison between different cover medium (Utilization % plotted on Y-Axis)

FIG 4.1 Comparison Bar Graph

5. CONCLUSIONS

xxxii

5.1 CONCLUSION:-

Steganography can be used for hidden communication. We have explored the limits of steganography theory and practice. We pointed out the enhancement of the image steganographic system using LSB approach to provide a means of secure communication. A stego-key has been applied to the system during embedment of the message into the cover-image. In our proposed approach, the message bits are embedded in the least significant position , thus keeping the picture completely indistinguishable from the previous form to the human eye. The option of using text as a cover medium has also been provided. Although text hardly competes with image when it comes to efficient steganography, yet it gains some ground when you’d like your cover image to be so regular and unsuspecting that analysis of the file is out of the equation.

In this paper we gave an overview of steganography. It can enhance confidentiality of information and provides a means of communicating privately. We have also presented an image steganographic system using LSB approach and a text steganography system using White Space algorithm. Both the algorithms are effectively capable of hiding messages in cover medium with a reasonable robustness rate. Moreover, we have avoided the prevalent and common username-password security and instead have opted for the unique individual file authorization procedure. It not only provides enhanced security, it even narrows down damage due to a privacy breach. While a password breach can expose all the files one user uses, the unique id system narrows it down to one file. Again, it reduces the user load by taking away the necessity of remembering and protecting a username and password , even if the user rarely accesses the software.

Our application on steganography, although fundamental in nature, is simple, efficient, hasslefree , user friendly and secure.

5.2 FUTURE SCOPE:-

xxxiii

In this paper we have presented a broad study on steganography and an application of the image steganographic system using LSB approach to provide a means of secure communication. A stego-key has been applied to the system during embedment of the message into the cover-image. In our future scope we’d like to propose, the message bits are embedded randomly into the cover-image pixels instead of sequentially. We could even enhance the efficiency of the text steganography algorithm and try to reduce the ratio of the words in the message to the words in the cover medium.

The application ofcourse has certain limitations that can be overcome through certain improvements:

The image file used to hide the information can be of certain formats only and the cover image after encryption is of .png format only.

Using this application allows us to hide only text information in an image. We cannot hide an image in another image using the application.

In order to use this application we need to have NetBeans IDE installed in our computer.

Future work :we would to extend the system to be more robust and efficient. The research will include the enhancement of the algorithm that will utilize the entire image for embedding the message. We will also analyze the processing time to generate the random number and introduce method(s) to minimize the time. Moreover, the access mechanisms can be improved by allowing the decryption of a file only once. This not only rules out the chances that someone might decrypt it before or after the intended and authorized recipient without even been found out.

The application, currently running on a stand alone computer , can be taken to the next level by making it web based.

The message , being currently only English, can be extended to other languages as well.

5.3 STEGANOGRAPHY APPLICATIONS:-

xxxiv

The goal of steganography is to avoid drawing suspicion to the existence of a hidden message. This approach of information hiding technique has recently become important in a number of application areas. Digital audio, video, and pictures are increasingly furnished with distinguishing but imperceptible marks, which may contain a hidden copyright notice or serial number or even help to prevent unauthorized copying directly.

Military communications system make increasing use of traffic security technique which, rather than merely concealing the content of a message using encryption, seek to conceal its sender, its receiver or its very existence. Similar techniques are used in some mobile phone systems and schemes proposed for digital elections.

There are many applications for digital steganography of image, including copyright protection, feature tagging, and secret communication .Copyright notice or watermark can embedded inside an image to identify it as intellectual property. If someone attempts to use this image without permission, we can prove by extracting the watermark.

In feature tagging, captions, annotations, time stamps, and other descriptive elements can be embedded inside an image. Copying the stego–image also copies of the embedded features and only parties who posses the decoding stego-key will be able to extract and view the features. On the other hand, secret communication does not advertise a covert communication by using steganography. Therefore, it can avoid scrutiny of the sender, message and recipient. This is effective only if the hidden communication is not detected by the others people.

Usage in modern printers :Steganography is used by some modern printers, including HP and Xerox brand color laser printers. Tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps

Example from modern practice, the objective for making steganographic encoding difficult to detect is to ensure that the changes to the carrier (the original signal) due to the injection of the payload (the signal to covertly embed) are visually (and ideally, statistically) negligible; that is to say, the changes are indistinguishable from the noise floor of the carrier. Any medium can be a carrier, but media with a large amount of redundant or compressible information are better suited.

From an information theoretical point of view, this means that the channel must have more capacity than the "surface" signal requires; that is, there must be redundancy. For a digital image, this may be noise from the imaging element; for digital audio, it may be noise from recording techniques or amplification equipment. In general, electronics that digitize an analog signal suffer from several noise

sources such as thermal noise, flicker noise, and shot noise. This noise provides enough variation in the captured digital information that it can be exploited as a noise cover for hidden data. In addition, lossy compression schemes (such as JPEG) always introduce some error into the decompressed data; it is possible to exploit this for steganographic use as well.

Steganography can be used for digital watermarking, where a message (being simply an identifier) is hidden in an image so that its source can be tracked or verified (for example, Coded Anti-Piracy), or even just to identify an image (as in the EURion constellation).

Use by terrorists :

xxxv

When one considers that messages could be encrypted steganographically in e-mail messages, particularly e-mail spam, the notion of junk e-mail takes on a whole new light. Coupled with the "chaffing and winnowing" technique, a sender could get messages out and cover their tracks all at once.

Rumours about terrorists using steganography started first in the daily newspaper USA Today on February 5, 2001 in two articles titled "Terrorist instructions hidden online" and "Terror groups hide behind Web encryption". In July the same year, an article was titled even more precisely: "Militants wire Web with links to jihad". A citation from the article: "Lately, al-Qaeda operatives have been sending hundreds of encrypted messages that have been hidden in files on digital photographs on the auction site eBay.com". Other media worldwide cited these rumours many times, especially after the terrorist attack of 9/11, without ever showing proof

Alleged use by intelligence services :

In 2010, the Federal Bureau of Investigation revealed that the Russian foreign intelligence service uses customized steganography software for embedding encrypted text messages inside image files for certain communications with "illegal agents" (agents under non-diplomatic cover) stationed abroad.[1]

xxxvi

REFERENCES

1. Wikipedia (www.wikipedia.org)

2. SANS institute reading room on information security, 2001

3. University of Malaysia paper on information hiding using steganography, 2003

4. http://docs.oracle.com/javase/7/docs/webnotes/install/windows/jdk-installation-windows.html

5. https://netbeans.org/community/releases/71/install.html

xxxvii

APPENDICES

TECHNICAL MANUAL:

Here we provide the steps to install and run the software properly.

It consists of three steps:

Installing Java (JDK 1.6) Installing Netbeans IDE 7.1 Adding the project to the Netbeans environment.

We can also run the software if Java is pre installed on the system by simply double clicking the jar file located in the dist folder. However, in this case we won’t have access to the source code.

To install JDK 1.6:

In this procedure, you will run the self-installing executable file to unpack and install the JDK. As part of the JDK, this installation includes an option to include the public Java Runtime Environment. (The JDK also contains a private JRE for use only by its tools; see Private Versus Public JRE for more information.)

Install the JDK by doing the following:

Downloading the Installer Running the JDK Installer Updating the PATH Variable (Optional)

1. Downloading the Installer : If you save the self-installing executable file to disk without running it from the download page at the web site, note that its byte size provided on the download page. After the download has completed, verify that you have downloaded the full, uncorrupted software file.

2. Running the JDK Installer :You must have administrative permissions in order to install the JDK on Microsoft Windows. The file jdk-7<version>-windows-i586-i.exe is the JDK installer for 32-bit systems. The file jdk-7<version>-windows-x64.exe is the JDK installer for 64-bit systems. If you downloaded either file instead of running it directly from the web site, double-click the installer's icon. Then, follow the instructions the installer provides. The installer may ask you to reboot your computer. When finished with the installation, you can delete the downloaded file to recover disk space.

Note: Installers for JDK 7u6 and later install the JavaFX SDK and integrate it into the JDK installation directory. Installers for JDK 7u2 to 7u5 install the JDK first, then start the JavaFX SDK installer, which installs JavaFX SDK in the default directory C:\Program Files\Oracle\JavaFX 2.0 SDK or C:\Program Files (x86)\Oracle\JavaFX 2.0 SDK on 64-bit operating systems

3. Updating the PATH Environment Variable (Optional) : You can run the JDK without setting the PATH environment variable, or you can optionally set it so that you can conveniently run the JDK executable files (javac.exe, java.exe, javadoc.exe, and so forth) from any directory without having to type the full path of the command. If you do not set the PATH variable, you need to specify the full path to the executable file every time you run it, such as:

C:\> "C:\Program Files\Java\jdk1.7.0\bin\javac" MyClass.java It is useful to set the PATH variable permanently so it will persist after rebooting.

xxxviii

To set the PATH variable permanently, add the full path of the jdk1.7.0\bin directory to the PATH variable. Typically, this full path looks something like C:\Program Files\Java\jdk1.7.0\bin. Set the PATH variable as follows on Microsoft Windows:

1. Click Start, then Control Panel, then System.2. Click Advanced, then Environment Variables.3. Add the location of the bin folder of the JDK installation for the PATH variable in System

Variables. The following is a typical value for the PATH variable:

C:\WINDOWS\system32;C:\WINDOWS;C:\Program Files\Java\jdk1.7.0\bin

Note:

The PATH environment variable is a series of directories separated by semicolons (;) and is not case-sensitive. Microsoft Windows looks for programs in the PATH directories in order, from left to right.

You should only have one bin directory for a JDK in the path at a time. Those following the first instance are ignored.

If you are not sure where to add the path, add it to the right of the value of the PATH variable. The new path takes effect in each new command window you open after setting the PATH

variable.

To install NETBEANS 7.1:

1. After the download completes, run the installer. a. For Windows, the installer executable file has the .exe extension. Double-click the

installer file to run it. b. For Solaris and Linux platforms, the installer file has the .sh extension. For these

platforms, you need to make the installer files executable by using the following command: chmod +x <installer-file-name>

2. You can customize your installation. Perform the following steps at the Welcome page of the installation wizard:

a. Click Customize.b. In the Customize Installation dialog box, make your selections.c. Click OK.

3. At the Welcome page of the installation wizard, click Next.4. At the License agreement page, review the license agreement, click the acceptance check box, and

click Next.5. At the JUnit License Agreement page, decide if you want to install JUnit and click the appropriate

option, click Next.6. At the NetBeans IDE installation page, do the following:

a. Accept the default installation directory for the NetBeans IDE or specify another directory. (Note: The installation directory must be empty and the user profile you are using to run the installer must have read/write permissions for this directory.)

b. Accept the default JDK installation to use with the NetBeans IDE or select a different installation from the drop-down list. If the installation wizard did not find a compatible JDK installation to use with the NetBeans IDE, your JDK is not installed in the default location. In this case, specify the path to an installed JDK and click Next, or cancel the current installation. After installing the required JDK version you can restart the installation.

7. If the GlassFish Server Open Source Edition 3.1.2 installation page opens, accept the default installation directory or specify another installation location.

8. If you are installing Apache Tomcat, on its installation page, accept the default installation directory or specify another installation location. Click Next.

9. At the Summary page, verify that the list of components to be installed is correct and that you have adequate space on your system for the installation.

xxxix

10. Click Install to begin the installation.11. At the Setup Complete page, provide anonymous usage data if desired, and click Finish.

To add the project to the Netbeans environment :

1. Go to File-> Open Project (or press Shift + Ctrl + O)2. Browse the folder “StegoMagic” and press select.3. Now right click on the icon of “StegoMagic_FinalBuild” and select “Clean and build”4. Now Right click on the icon again and select “run” option.

xl