Steganography Ryan Sacksteder. Overview What is Steganography? History Forms of Steganography Image Based Steganography Steganalysis Steganography’s Future.

Steganography

Ryan Sacksteder

Overview

• What is Steganography?• History• Forms of Steganography• Image Based Steganography• Steganalysis• Steganography’s Future

What is Steganography?

• Comes from Greek ("Wikipedia: The Free Encyclopedia")– steganos = “covered”– graphei = “writing”

• The practice of writing hidden messages in such a way that no one but the sender/receiver suspect the existence of the message.

• Steganography vs. Cryptography (Morgan)– Hiding vs. Altering– Obscuring Means of Communication vs. Obscuring Data– Deterring Attacks vs. Defending Attacks

History of Steganography

• Term – 15th Century• Concept – 2500 years (Greene)

• Let’s take a look at two early instances of steganography…

Early Instances of Steganography

• Ancient Greek Histiaeus’ and His Slave• Planning Revolt Against King of Persia• Same Trick Repeated with a Rabbit (Greene)

We must revolt against the King of Persia. Are you with

me?

Image Source: http://www.groomingguys.com/grooming-tips/the-bald-truth/

Early Instances of Steganography

• 5th Century B.C.• Exiled Greek Demaratus• Warned Sparta of Persians Planned Attack• Wax Tablet Concealed Message• 300! (Greene)

Steganography Past and Current

• Uses (Trapani)

– Hiding Personal Private Data– Embedding Copyright Information– Exchanging Passwords/Confidential Information

• Misuses (Marcus)

– Terrorist Interaction• September 11, 2011

– Child Pornography

Forms of Steganography

• Physical• Printed• Network• Digital• Etc.

Physical Steganography

• Secret Inks on Paper• Concealing Messages Under

Postage Stamps• Morse Code on Clothing ("Wikipedia: The Free Encyclopedia")

Image Source: http://media.photobucket.com/image/recent/kneesocky/morsecode.jpg

Printed Steganography

• Subset Technique - Ex: last word of every line• Null Cipher - 1st Letter (Morgan)

Image Source: http://homepage.smc.edu/morgan_david/linux/a24-steganography.pdf

Network Steganography• Unused Bits in Packet Headers/Payload• IP Identification Field• TCP Sequence Number Field• Port Knocking (Morgan)

– Ex: port 83, 69, 67, 85, 82, 73, 84, 89– ASCII –> “SECURITY”

Digital Steganography

• Altering File Headers/Footers (Villinger)

• Echo Steganography• Audio/Image-Based Steganography (Wikipedia)

– Normally Hiding a Text File– Makes Use of LSB(s)

Images Source: http://en.wikipedia.org/wiki/Steganography#Digital

LSB Image-Based Steganography

• Each pixel is a combination of 24 bits ("Under Your Hat Security")

– 1 byte (8 bits) for each of the RGB values

0 0 0 1 0 1 0 0

1 1 1 0 0 1 0 1

0 1 1 1 1 1 0 1

20

229

125

Image Source: http://www.colorspire.com/rgb-color-wheel/

LSB Image-Based Steganography

• Modifying LSB Results in Minor RGB Change– Unnoticeable Change?

0 0 0 1 0 1 0 0 1

1 1 1 0 0 1 0 1 01 0

0 1 1 1 1 1 0 1 0

21

228

124

x

x

x

Original LSB Modified

Image Source: http://www.colorspire.com/rgb-color-wheel/

LSB Image-Based Steganography(“Under Your Hat Security”)

• Hide the Word “Hi”• Convert “Hi” to Binary using ASCII (72 105)

– 0100 1000 0110 1001

• Using LSB, Requires 16 bytes of Existing Data

xxxxxxx0xxxxxxx1xxxxxxx0xxxxxxx0

xxxxxxx1xxxxxxx0xxxxxxx0xxxxxxx0

xxxxxxx0xxxxxxx1xxxxxxx1xxxxxxx0

xxxxxxx1xxxxxxx0xxxxxxx0xxxxxxx1

LSB Image-Based Steganography• Advantages (Morgan)

– No File Size Change– Hard to Detect

• Disadvantages– Hiding/Revealing Must be Done Same

• Requires Use of Same Program/Method

– Image Format Conversion– Size of Carrier Required to Hide Data

LSB Image-Based Steganography

Which Image Uses Steganography?

Steganalysis

• The Process of Detecting Steganography ("Wikipedia: The Free Encyclopedia“)

• Visual Detection – Rare (Marcus)

• Statistical Analysis – More Common ("Wikipedia: The Free Encyclopedia")

– Examining file size/Checksum• Requires Knowledge of Original Size

– Pixel Pairs

Tools/Programs

• Steganography (“Under Your Hat Security”)

– Stepic– Outguess– Steghide

• Steganalysis– Stegdetect – StegSecret (Munoz)

– VSL ("sourceforge.net")

The Future of Stegonagraphy

• Still Pretty New• Stronger, Harder to Detect• Constant Advancements

– Hopeful Advancement: Easier Detection of Small Files

Recap

• Overview• History• Forms/Examples• LSB Image-Based Steganography• Steganalysis• Tools/Programs• Steganography’s Future

Questions?

Works Cited"Steganography." Wikipedia: The Free Encyclopedia. Wikimedia Foundation, Inc., 2012. Web. 21

Nov 2012. <http://en.wikipedia.org/wiki/Steganography>.Morgan, David. "Steganography." David Morgan, Computer Science Department, Santa Monica

College. Santa Monica College. Web. 21 Nov 2012. <http://homepage.smc.edu/morgan_david/linux/a24-steganography.pdf>.

Greene, Tim. "The history of steganography." Network World. Network World, Inc., 2012. Web. 21 Nov 2012. <http://www.networkworld.com/slideshows/2009/090809-steganography.html>.

Villinger, Sandro. "Crash course: Digital steganography.“ itworld.com. ITworld, 2011. Web. 23 Nov 2012. <http://www.itworld.com/security/162779/crash-course-digital-steganography>.

"Tutorial: What Is Steganography? How Does It Work?."Under Your Hat Security. underurhat.com, 2012. Web. 23 Nov 2012. <http://underurhat.com/cryptography/tutorial-what-is-steganography-how-does-it-work/>.

Marcus, Ilana. "Steganography Detection." . University of Rhode Island, 2003. Web. 24 Nov 2012. <http://www.uri.edu/personal2/imarcus/stegdetect.htm>.

Munoz, Alfonso. "StegSecret. A simple steganalysis tool ;)."sourceforge.net. SourceForge, 2007. Web. 24 Nov 2012. <http://stegsecret.sourceforge.net/>.

"Virtual Steganographic Laboratory for Digital Images (VSL): Free tool for steganography and steganalysis." sourceforge.net. SourceForge, 2011. Web. 24 Nov 2012. <http://vsl.sourceforge.net/>.

Trapani, Gina. "Geek to Live: Hide data in files with easy steganography tools." Lifehacker. Lifehacker, 2007. Web. 24 Nov 2012. <http://lifehacker.com/230915/geek-to-live--hide-data-in-files-with-easy-steganography-tools>.