STEGANOGRAPHY USING CONE INSERTION ALGORITHM AND MOBILE BASED STEALTH STEGANOGRAPHY _______________ A Thesis Presented to the Faculty of San Diego State University _______________ In Partial Fulfillment Of the Requirements for the Degree Master of Science in Computer Science _______________ by Viraj Sharadbhai Gandhi Fall 2010
51
Embed
STEGANOGRAPHY USING CONE INSERTION ALGORITHM AND MOBILE BASED
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Steganography Using Cone Insertion Algorithm amd Mobile Based Stealth Steganography
by Viraj Sharadbhai Gandhi
Master of Science in Computer Science San Diego State University, 2010
To achieve secure communications, the cousins cryptography and steganography
are used. The former scrambles secret messages in such way that only the intended recipient is capable of unscrambling them. The latter seeks to hide a secret message inside an innocuous message, audio, image, or video file (called the cover medium), in such a way that eavesdroppers will not suspect the very existence of the secret message. Combined, cryptography and steganography provide a secure form of communication: The former will encode the secret message in such a way that even if it intercepted, it is hard decrypt it; the latter will hide the encoded secret message. Images are the most popular cover medium used in steganography. Many different image file formats exist, most of them for specific applications. There are different steganographic algorithms for different image formats.
In this work, using the idea of splitting the cover image into several bit planes, I propose to hide secret messages in the intersection points of those planes with certain geometric objects. The resulting image containing the message is called stego-image. The latter should be such that a third party intercepting it will not have any indication that a secret message is present in the image. The geometric objects I have used are the cone and the hexagonal prism, and our technique has been implemented in both Matlab and Google Android.
v
TABLE OF CONTENTS
PAGE
ABSTRACT ............................................................................................................................. iv
LIST OF FIGURES ............................................................................................................... viii
Figure 4.2. Bit-plane representation of 8-bit digital images ....................................................17
Figure 4.3. 3D representation of a cone ...................................................................................18
Figure 4.4. Top view of cone on 8-bit planes ..........................................................................19
Figure 4.5. Graphical representation of hexagon .....................................................................20
Figure 5.1. Flow of encoding image steganographic process in matlab ..................................22
Figure 5.2. Bit-planes of original image ..................................................................................23
Figure 5.3. Original image and steno image with hidden image .............................................23
Figure 5.4. Flow of encoding image steganographic process in android .................................25
Figure 5.5. Displaying message of text file and images from gallery .....................................30
Figure 5.6. Sending stego image via email ..............................................................................32
Figure 5.7. UI of emailing stego image ...................................................................................32
Figure 6.1. Flow of decoding image steganographic process in android .................................34
ix
Figure 6.2. Message after decoding image file ........................................................................36
x
ACKNOWLEDGEMENTS
I owe great many thanks to a great many people who helped and supported me during
writing of this book. I express my thanks to Professor Carmelo Interlando, Department of
Mathematics and Statistics, San Diego State University for guiding me throughout my thesis
term. His support and encouragement were instrumental in achieving the optimum results in
this thesis. I also thank Prof. Alan Riggins, and Prof. Joseph Lewis for being a part of my
thesis committee and for their kind co-operation. I offer my regards to all of those who
supported me in any respect during the completion of the thesis and I also extend my
heartfelt thanks to my family and well wishers.
1
chapter 1
introduction
Data transmissions are vital and became a necessity nowadays. Whether you share
your private messages with your close friends, or business secrets with your partners, you
must protect your confidential information from hackers, your boss, or your competitors. But
we live in an insecure world where unwanted people can access your personal information
(like e-mails or personal documents) and often use it against you. The word steganography
is derived from the Greek words “stegos” meaning “cover” and “grafia” meaning “writing”
defining it as “covered writing” [1].
We all know the purpose of steganography: to hide data into other data. In contrast
to cryptography, where the enemy is allowed to intercept and do modification in messages
without being able to violate certain security guaranteed by a cryptosystem, the goal of
steganography is to hide messages inside other messages in a way that does not allow
any enemy to even detect the presence of the intended message. In a digital world,
steganography and cryptography are both intended to protect information from unwanted
parties. Both steganography and cryptography are excellent means to accomplish this but
neither technology alone is perfect and both can be broken. It is for this reason that most
experts would suggest to add multiple layers of security by using both. When steganography
and cryptography are combined, it becomes much more secure way of communication. A
message sent secretly in an encrypted form is much more secure than a “plain text” message
sent by secret means or a clearly sent encrypted message; there are some cases in which
steganography can take the place of cryptography [2].
1.1 History of steganograpHy
The first noted use of this technology dates back to Greek times when messages were
carved into walls or tablets, which were then covered in wax to hide the original carving.
2
This process would effectively hide the underlying message, thus protecting the data from
the casual observer. Even during World War II invisible ink was used to write information on
pieces of paper so that just being blank pieces of paper appeared to normal person.
Another method used in Greece was to select messengers and shave their head.
They would then write a message on their head. Once the message had been written the
hair was allowed to grow back. After the hair grew back the messenger was sent to deliver
the message, The recipient would shave off the messenger’s hair to see the secret. Now that
some 2000+ years have passed, people have turned to digital technologies to help them hide
sensitive data. Radio and TV messages, from World War II to today, can be used to hide
coded or hidden messages. Some government sources suspect that Osama bin Laden’s pre-
recorded videos that are re-played on TV stations around the world contain hidden messages
[3].
1.2 DetaileD look on steganograpHy
To start, let’s look at what a theoretically perfect secret communication
Steganography would consist of. To illustrate, we will use three characters named Alice,
Bob and Eve. Alice wants to send a secret message (M) to Bob using a random (R) harmless
message to create a cover (C) which can be sent to Bob without raising suspicion. Alice
then changes the cover message (C) to a stego-object (S) by embedding the secret message
(M) into the cover message (C) by using a stego-key (K). Alice should then be able to send
the stego object (S) to Bob without being detected by Eve. Bob will then be able to read
the secret message (M) because he knows the stego-key (K) used to embed it into the cover
message (C). As Fabien A.P. Petitcolas points out, “In a ‘perfect’ system, a normal cover
should not be distinguishable from a stego-object, neither by a human nor by a computer
looking for statistical patterns.” In practice, however, this is not always the case. In order
to embed secret data into a cover message, the cover must contain a sufficient amount of
redundant data or noise. There are numerous methods used to hide information inside of
image, audio and video files. A few of them are explained briefly incoming subsection [4].
3
1.2.1 encoding Secret Messages in images
Steganography can be used in a large amount of data formats in the digital world of
today. The most popular data formats used are .gif, .jpeg, .mp3, .txt are .bmp, .doc and .wav.
Almost any plain text, cipher text, image and any other media that can be encoded into a
bit stream can be hidden in a digital image. The following formula (Equation 1.1) provides
description of the pieces of the steganographic process:
cover medium + hidden data + stego_key = stego_medium
In this context, the cover medium is the file in which we will hide the hidden data,
which may also be encrypted using the stego_key. The resultant file is the stego_medium
which is typically an image/audio/video file [3].
1.2.2 encoding Secret Messages in text
Encoding secret messages in text can be a very challenging task. This is because text
files have a very small amount of redundant data to replace with a secret message. Another
drawback is the ease of which text based Steganography can be altered by an unwanted
parties by just changing the text itself or reformatting the text to some other form (from .txt
to .pdf, etc.) Line-shift encoding involves actually shifting each line of text vertically up or
down by few centimeters. Word-shift encoding works in much the same way that line-shift
encoding works, only we use the horizontal spaces between words to equate a value for the
hidden message. This method of encoding is less visible than line-shift encoding but requires
that the text format support variable spacing [3].
1.2.3 encoding Secret Messages in audio
Encoding secret messages in audio is the most challenging technique to use when
dealing with Steganography. Spread Spectrum is method used to hide information inside of
an audio file. This method works by adding random noises to the signal the information is
hidden inside a carrier and spread across the frequency spectrum. Low-bit encoding embeds
(1.1)
4
secret data into the least significant bit (LSB) of the audio file. This method is easy to
incorporate but is very susceptible to data loss due to channel noise and resampling [3].
1.3 Contribution
The main purpose of my work is to show how steganography is used to hide the
occurrence of communication. I have come with new concept of using geometric object
intersection point to hide message in image. The Android module that I have developed can
be used to store personal password, information securely on individual phones. This Android
application can be used in business/military to exchange private data using android cell
phones.
1.4 book overview
As we move forward, Chapter 2 will cover the functional requirements like memory-
card, images in gallery should be present for android application and platform requirement
like matlab, android SDK integrated with eclipse IDE for proper working of application.
Chapter 3 will contain information about the technologies used in both modules and
reason to choose this technology in developing this application. Chapter 4 tells more about
steganography using various geometric objects like cone and hexagon and more about
various image formats and bitplanes. Chapters 5 and 6 explain the encoding and decoding
mechanisms in both modules in detail, and Chapter 7 concludes with future enhancements
and limitations.
5
chapter 2
requireMentS
The primary aim behind developing this tool is to understand how steganography
can be achieved using various geometric object with cover media being an image file. Upon
completion, this tool will help the students from mathematics as well as computer science
in learning more about geometric objects use in steganography. This software can also be
integrated into different application such as email client, http server etc. for creating images
with secret messages embedded. The requirements gathered have been further classified into
platform requirements and functional requirements.
2.1 platform requirements
The main objective in choosing the software development kit was that it should
be platform independent. So that the final product will have the capability to run on any
environment irrespective of the operating system either hardware or software.
The software should run as a stand-alone application/mobile application rather than a
web based software. Hence Java SDK with Google android instead of Java Enterprise Edition
has been chosen to be the appropriate language for writing the code. One of the module
was implement in Matlab. Matlab is useful in image processing when we require to extract
information from image.
2.2 funCtional requirements
The software should be able to read any image file as a cover media so that secret
message can be embedded into it. The intersection of geometric object with an image
should not induce additional complexity to the existing bit stream. The core principle of
steganography should be achieved. That is, message as well as its existence should be
6
concealed. The decoding application should be capable enough to decoded data blocks to get
back the original secret message is received.
2.3 Development tools
The tools that helped in developing my application for both the modules MATLAB
includes development tools that help me to implement my algorithm efficiently are:
MATLAB Editor - Provides standard editing and debugging features, such as setting 1. breakpoints and single stepping.
M-Lint Code Checker - Analyzes code and recommends changes to improve its 2. performance and maintainability.
MATLAB Profiler - Records the time spent executing each line of code.3.
The Android SDK includes a variety of custom tools that helped in developing mobile
applications on the Android platform.
Eclipse is a multi-language software development environment comprising an
integrated development environment (IDE) and an extensible plug-in system. It is written
primarily in Java and can be used to develop applications in Java and, by means of various
plug-ins, other languages including C, C++, Python, Perl, and PHP. The IDE is often called
Eclipse ADT,. The Eclipse SDK includes the Eclipse Java Development Tools (JDT),
offering an IDE with a built-in incremental Java compiler and a full model of the Java source
files.
Android Emulator: This emulator runs on user’s computer and behaves like a mobile
device. The Android emulator is an application that provides a virtual ARM mobile device on
which you can run your Android applications. You can choose what version of the Android
system you want to run in the emulator by configuring AVDs.
Android Development Tools Plug-in for the Eclipse IDE: Android Development
Tools (ADT) is a plug-in for the Eclipse IDE that is designed to give a powerful, integrated
environment in which to build Android applications. ADT extends the capabilities of Eclipse
to let you quickly set up new Android projects, create an application UI, add components
based on the Android Framework API, debug your applications using the Android SDK tools.
7
Dalvik Debug Monitor Service (ddms): Dalvik debug monitor service act as a middle
layer and it connect eclipse IDE with the user application. Every application running on
android emulator is running in as a separate process (See Figure 2.1).
The DDMS perspective can be chosen from the upper right or if not already opened
from the menu Window -> Open Perspective -> DDMS.
Log Cat (Import Package -android.util.Log) is basically the output window of all
messages from the Emulator. For example, if you add a System.out.println () to your source
code, it will appear here (see Figure 2.2).
Android Debug Bridge (ADB): By unpacking SDK, you can get ADB in tools folder.
It allows you to control and interface with your Android device.
Figure 2.1. davlik debug monitor.
8
Android SD Card: In Google android emulator sdcard is known as a storage space
for files, images, music files. When user download any file from browser or email, when user
receive an image or music file in MMS , the default location where he can save all these files
is inside emulator’s memory. But when ever user runs emulator this sdcard is disabled. If you
want to load MP3 files on a real Android phone, you will probably insert an SD card into the
phone. The emulator can emulate this. So, if user wants to use storage space provided by the
emulator, he needs to enable sdcard when making AVD for emulator.
To create an sdcard go to Windows Android SDK and AVD Manager (see
Figure 2.3).
Figure 2.2. Log cat view.
Figure 2.3. android SdK and aVd manager.
9
chapter 3
technoLogy
This chapter focuses on the technology used to develop the software and briefly
discusses about the supporting software, tools and IDE.
3.1 matlab
The first module of Steganography is built using Matlab- matrix laboratory. The
reasons behind choosing Matlab over other software languages include the following.
Matlab is simple, easy to implement and object oriented.•
Matlab provides high performance using its very large set of inbuilt functions. •
Matlab is a high-level language and interactive environment that enables you to • perform computationally intensive tasks faster than with traditional programming languages such as C, C++.
Development environment for managing code, files, and data.•
The Matlab language supports vector and matrix operations that are fundamental to
engineering. It enables fast development and execution of mathematical manipulations with
matrices, for understanding and teaching basic mathematical and engineering concepts.
3.2 google anDroiD
Android is an open-source platform developed by Google and the Open Handset
Alliance on which interesting and powerful new applications can be quickly developed
and distributed to many mobile device users. Some of Android-based devices are Motorola
DROID, HTC DROID ERIS, and Google Nexus. Android Development Tools (ADT) is a
plug-in for the Eclipse IDE that is designed to give you integrated environment in which to
build Android applications. ADT extends the capabilities of Eclipse to let you quickly set
up new Android projects, create an application UI, add components based on the Android
Framework API, debug your applications using the Android SDK tools, and even export
10
signed/unsigned APKs to distribute your application. Developing in Eclipse with ADT is the
fastest way to get started [5, 6].
Android applications written in Java, compiled Java code that is packaged into
an Android package known as an .apk file. Bundling application data in this way allows
applications to be easily distributed for installation on mobile devices. Indeed, the .apk file
is the file that users are required to download and all the code in an .apk is essentially one
application.
3.2.1 android architecture
Below is a brief explanation of components of android architecture [7] (see Figure 3.1).
3.2.1.1 appliCations
It makes the top most layer of android architecture. Built in applications like sms,
mms, contacts, browser are part of this layer. Also all the user application-code lies in this
section. These user applications, data and resource files make an android package. One of
the main features of Android is that the basic elements of applications can be shared. If
permissions are granted for these elements, it is possible to use already developed features
of other applications. For example, on application might make use of a great scrolling list of
images that you want to use for your application. If that scroller is made available to others
you can utilize that scroller rather than developing your own. Interestingly, your application
doesn’t use the code from the other application or even link to it. Instead, that piece of code
is started in the other application whenever the need should arise.
This means that Android has been designed to allow application processes to be
started when any part of it is needed. In other words, while most systems and applications
have a single entry point, or main function, Android applications rely on central components
that are instantiated and run when they are needed. There are 4 major types of Android
components: Activities, Services, Broadcast receivers, and Content providers. Applications
are comprised of components. Components interact using Intent messages. Recipient
components assert their desire to receive Intent messages by defining Intent filters [8] (see
Figure 3.2).
There are four types of components used to construct applications.
Firstly, activities in the system are managed in an activity stack .When a new activity
is launched it becomes on the top of the stack. Any previous activity will be below it and
won’t come to the top until the new one exists. Android runs each activity in a separate
process each of which hosts a separate virtual machine. As shown in Figure 3.3, the activity
can be in one of four states [9]:
Activity Activity Intent
Figure 3.2. activity.
12
Active: the activity started, is running and is in the foreground.•
Paused: the activity is running and visible but another activity is running on the top. • A paused activity is maintains state and member information but can be killed by the system in low memory situations.
Stopped: similar to paused but invisible.•
Dead: either the activity is not started or it was in pause or stop state and was • terminated by the system to free some memory or by asking the user to do so.
Second, service components provide for background processing when an application’s
activity leaves focus and another GUI application comes in the foreground.
Third, broadcast receiver components provide a general mechanism for asynchronous
events.
Fourth, content provider is for sharing of data between Applications [10].
3.2.1.2 appliCations framework
Main component of application framework is activity manager, resource manager,
package manager, notification manager. Activity manager manages the entire life cycle of
application and processes. Resource manager handles resources like binary files, layout-xml
files. Notification manager handles any notification when certain event occurs. For example
Figure 3.3. Life cycle of activity. Source: L. darcey and S. conder, “how to Build an android application, Step by Step.” ComputerWorld, august 30, 2010. http://www.computerworld.com/s/article/print/9181925/how_to_build_an_android_application_step_by_step?taxonomyname=app%20development& , accessed november 2010.
13
user gets SMS, alarm notification, low battery. All this event can be notify to the user either
by flashing screen or by vibrating or by certain ringtone.
3.2.1.3 libraries
This library provides basic common tasks which are used frequently in user
application. This library includes functions to handle date/time manipulation, functions
for string and number conversion, message passing, interprocess communication, database
handling, graphics classes, and media libraries. Android runtime consist of core libraries and
dalvik virtual machine.
3.2.1.4 linux kernel
This is the bottom layer of android architecture. It is used for memory management,
process management. You will never have access to this layer. This provides better
Every Android application runs in its own process, with its own instance of the Dalvik
virtual machine. Dalvik has been written so that a device can run multiple VMs efficiently.
The Dalvik VM executes files in the Dalvik Executable (.dex) format. It was designed
specifically for Android running in limited environment, where the limited battery, CPU,
memory and data storage are the main issues. Android gives an integrated tool “dx”, which
converts generated byte code from .jar to .dex file, after this byte code becomes much more
efficient to run on the small processors (see Figure 3.4).
.java
.class
.jar
.dex
Figure 3.4. Conversion from .java to .dex file.
14
3.2.3 application Behavior
Every application in Android runs as a separate process with a unique UID. The
UID of an application in Android protects its data. Programs cannot typically read or write
each other’s data, and sharing between applications must be done explicitly. Developers
can generate self-signed certificates to update their own applications without creat.ing
complicated interfaces and permissions to run an application on the Android phone.
3.2.4 android Limitation
The current security policy of Android works on a static level only during installation
to identify whether the application is permitted all the requested permissions from the user.
Thus we can say that Android applications built with the set of permissions that protect the
system from malicious applications [8].
15
chapter 4
Steganography uSing VariouS
geoMetric oBjectS
The goal of steganography is to hide the message into some other file in such a way
that an intruder is not capable to detect the actual data of exchange between the sender and
receiver. RGB (Red - Green - Blue) is the most famous color format used to store images in
computer world. Computers generally display RGB using 24-bit color. In the 24-bit RGB
color model there are 256 variations for each of the additive colors of red, green and blue.
Therefore there are 16,777,216 possible colors (256 reds x 256 greens x 256 blues) in the
24-bit RGB color model. If you were to change a few of these color numbers the resulting
picture would probably look a lot like the original image in fact, most people probably
couldn’t tell that you had changed the image at all. Of course, the resulting image will still
look mostly like the original one.
4.1 image Definition
In a computer, an image is an array of numbers that represent light intensities at
various points (pixels) in the image. A common image size is 640 by 480 and 256 colors (or
8 bits per pixel). Such an image could contain about 300 kilobits of data. Most images on the
Internet consists of a rectangular map of the image’s pixels where each pixel is located and
its color. These pixels are displayed horizontally row by row. Each bit represents two colors
because it has a value of 0 or 1. The more bits per pixel, the more colors can be displayed
Monochrome and Gray scale images use 8 bits for each pixel and are able to display 256
different colors or shades of grey. Gray-scale images are very good because the shades
gradually change from byte to byte. Many argue that gray-scale images render the “best”
results for steganography. Figure 4.1 is a palette containing 256 shades of gray [11].
16
Digital color images are typically stored in 24-bit files and it uses the RGB color
model, also known as true color. Let us say that we have a 24-bit image 1024 x 768. This
may produce a file over 2 megabytes in size (1024x768x24/8 = 2,359,296 bytes). 24-bit
images use 3 bytes per pixel. If information is stored in the least significant bit (LSB) of
each byte, 3 bits can be a stored in each pixel. The “stego” image will look identical to the
human eye, even if viewing the picture side by side with the original. Unfortunately, 24-bit
images are quite large. They would draw would draw attention when being transmitted across
a network. At that time compression would be beneficial but file compression may interfere
with the storage of information.
Lossless compression is preferred when there is a requirement that the original • information remain intact. The original message can be reconstructed exactly. This type of compression is mainly for GIF and BMP images.
Lossy compression-does not maintain the integrity of the original image while saving • space. This method is is mainly for JPG images [11].
4.2 bit-plane sliCing
Image enhancement is the process of making images more useful for example of
removing noise from images which makes images more visually appealing. Digital image
consists of pixel which can be represented by bits depending on the image type. Dividing an
Figure 4.1. gray-color palette. Source: e. hall, Computer Image Processing and Recognition, new york city: academic press, 1979.
17
image into bit plane is known as bit plane slicing. For example we have a gray scale image
where each pixel is of 8 bits. Dividing this image into 8 bit planes means plane 0 contains all
the least significant bits, plane 1 contain all the second least significant bits, plane 7 contain
all the most significant bits. This is a very important method in Image Processing. Plane
7 contains the majority of visually significant data. Other planes contribute to more subtle
details in an image. Incrementing a bit plane by 1 gives the final result half of a value of a
previous bit-plane. If the difference between the bits value between two bit planes is more
than there is more distortion in the image. In lossy media compression that uses bit-planes it
gives more freedom to encode less significant bit-planes and it is more critical to preserve the
more significant ones [1]. Adding up all the bit planes builds original image (Figure 4.2).
4.3 Cone-insertion algoritHm
A cone is pyramid with circular cross section. A solid shape with round base which
narrows to a point. The conics were first defined as the intersection of a right circular cone of
varying vertex angle; a plane perpendicular to an element of the cone. An element of a cone
is any line that makes up the cone [12] (see Figure 4.3).
In at least d positions, where d is the Hamming distance between the two codewords
and addition of any these codewords, e.g., c0 and c1, fetch a result say c2 which also is a
Figure 4.2. Bit-plane representation of 8-bit digital images.
18
codeword belonging to the same set C. In mathematical terms, Hamming distance is the
number of co-ordinates I which c0 and c1 disagree.
Depending the angle is less than, equal to, or greater than 90 degrees, we get ellipse,
parabola, or hyperbola respectively. Conics can be defined as follows. As shown in
Equation 4.1, given a line d and a point F not on d, conics is the locus of points P such that:
distance[P,F]/distance[P,d] = e, where e is a given constant
F is called the focus of the conic, d the directrix, and e the eccentricity. If 0 < e < 1,
the conics is an ellipse [13] (see Figure 4.4).
Assume that we are inserting the cone through all the 8 planes of the image,
Message is stored at the intersection of the cone and the image planes.1.
To increase the complexity cone is inclined, so the surface of intersection between 2. cone and the image planes is ellipse.
Figure 4.3. 3d representation of a cone. Source: a. Mehta, S. rampu, and a. Simionescu, “Black holes.” general geoscience and astrophysics, jacobs university, 2010. http://www.faculty.iu-bremen.de/course/fall02/c210101/students/Blackholes/Black%20holes%20and%20Schwartzschild%20geometry.htm, accessed november 2010.
(4.1)
19
Message is stored along the planes to make it difficult to detect.3.
Also pixels are shifted along each row of the image plane.4.
4.4 Hexagon-insertion algoritHm
A regular polygon is a polygon whose sides are all the same length, having all angles
same. The sum of the angles of a polygon with n sides, where n is 3 or more, is 180° × (n - 2)
degrees. In geometry, a hexagon is a one among polygon with six edges and six vertices. A
regular hexagon has all sides of the same length, and all internal angles are 120°. The longest
diagonals of a regular hexagon, connecting diametrically opposite vertices, are twice the
length of one side. The top view of hexagon looks like Figure 4.5 [14]. Message is stored at
the intersection of the hexagon and the image planes [15].
Figure 4.4. top view of cone on 8-bit planes.
20
Figure 4.5. graphical representation of hexagon. Source: tutornext, “properties of polygons.” tutornext, 2010. http://www.tutornext.com/properties-polygonspentagon-hexagon/1017, accessed novemer 2010.
21
chapter 5
encoding oF Steganography MeSSageS
In this paper, I have implemented Image steganography using two platform one in
Matlab and other in Android. In both we are Converting RGB image or colormap to grayscale
by eliminating the hue and saturation information while retaining the luminance. In Matlab
, cone shape is intersected on 8 bit planes of image, than shift operation is performed on the
image. In Matlab module we are reading text file to hide behind the message and in Android
module we are reading text file from resource folder and selecting image from photogallery
to use as cover object to hide. The message is also converted into bytes and is inserted at
intersection of geometric objects points and pixels of image. In Matlab, I have used cone as
geometric object for hiding message in image and for android module polygon name hexagon
is used. I have tried the combination of Steganography and cryptography for hiding message
by encrypting with AES algorithm to provide better security and more complexity.
5.1 flow of enCoDing meCHanism for matlab
In the previous chapter, we saw how images are converted into grey scale image than
image is divided into 8 bit planes. Also, I explained how cone gets intersect image. In Matlab
Module, Color image is initially converted into grey scale image. This grey scale image is
used as an input to the steganography. A bit plane of grey scale image is set of bits having the
same position in the respective binary numbers. For example, for 8-bit data representation
there is 8 bit-planes: the first bit-plane contains the set of the most significant bit and the
second bit-plane contains the second most significant bit and so on. All these image bit planes
are shifted by 1 bit and then cone is inserted into these 8 bit planes. Intersection point of cone
and image are then considered as a place where sender has to hide his secret message. So the
recipient of message can find the hidden message.
22
Figure 5.1 is flow chart of MATLAB module how stego image is formed.
5.1.1 cone insertion algorithm
In Matlab at the sender end, I have used cone as geometric object to hide message
into image. At the sender side user has already one image which he will use as cover
image. Original message is stored inside a text file. This plain text is feed as an input to the
steganography algorithm along with the cover image. Geometric object cone is used in
algorithm. Image is divided into bit planes. And then the intersection points of the cone and
the image is found to hide the plain text (see Figures 5.2 and 5.3).
5.1.2 code for inserting eclipse
Below is the code used for inserting eclipse on images in matlab.
% at each intersection point of cone and image the binary form of text will be inserted
Converting into Gray Scale Image
Reading Text File
Dividing Image into Bit Planes
Cone Insertion Algorithm for Hiding message
Stego File with
Hidden Message
Figure 5.1. Flow of encoding image steganographic process in matlab.
23
Loops=2;k=1; for i=1:4 [x,y]=Ellipse (128+((i-1)*128/16), 128, 128-((i-1)*128/8),100- ((i-1)*100/8)); x=double(uint8(x+1)) y=double(uint8(y+1))[a,b]=Ellipse (128+(((4+i)-1)*128/16), 128, 128-(((4+i)-1)*128/8),100- (((4+i)-1)*100/8)); a=double(uint8(a+1));b=double(uint8(b+1)); for j=1:length(x) if k >= length(val) break; else h(x(j),y(j))=val(k); k=k+1; h(a(j),b(j))=val(k); k=k+1;
Figure 5.2. Bit-planes of original image.
Figure 5.3. original image and stego image with hidden image.
h(x(j),2*((256*4)/(2*Loops))+y(j))=val(k); k=k+1; h(a(j),2*((256*4)/(2*Loops))+b(j))=val(k); k=k+1; h(x(j),3*((256*4)/(2*Loops))+y(j))=val(k); k=k+1; h(a(j),3*((256*4)/(2*Loops))+b(j))=val(k); k=k+1; end endend
figure,imshow(h),title(‘h’);; for i=1:256 for j=1:256*4 if mod((i-1)*shift+j,256*4) == 0; he(i,j)=h(i,256*4); else he(i,j)=h(i,mod((i-1)*shift+j,256*4)); end end endfigure,imshow(he),title(‘he’);
for i=1:4; for j=1:256; for k=1:256; bitplane1{i}(j,k)=he(j,256*(i-1)+k); end endendfor i=5:8 bitplane1{i}=bitplane{i};end for i=1:4 figure,imshow(bitplane1{i}),title(‘Stego images’); end
5.2 flow of enCoDing meCHanism for anDroiD
I have used 64 MB SD memory card in my android emulator to store images. In
my Android module, text file is read from resource folder and he can pick images from
25
image gallery of emulator as cover object to hide message (see Figure 5.4). The message
is encrypted using AES algorithm. Encryption is the process of changing data into a form
that can be read only by the intended receiver. To decipher the message, the receiver of the
encrypted data must have the proper decryption key.
Reading text file from resource
folder and displaying contents in
textbox
Select Image from Image
Gallery as cover object
Encypt text using AES Algorithm
with Random key generator
Hexagon Insertion Algorithm for
Hiding message in image
Stego File with Hidden
Message send via Email
Figure 5.4. Flow of ecoding image steganographic process in android.
26
5.2.1 aeS algorithm
Traditionally, the sender and the receiver use the same key to encrypt and decrypt
data. Also known as Advance Encryption Standard. It is a symmetric key algorithm. When
using symmetric algorithms, both parties share the same key for encryption and decryption.
To provide privacy, this key needs to be kept secret. It is not safe anymore when once
somebody else gets to know the key, A few well-known examples are: DES, Triple-DES,
BLOWFISH. AES has a fixed block size of 128 bits and uses one of three cipher key
strengths: a 128, 192, or 256-bit key. Depending on the key length the no of iterating round
are decided. No of round are 10 rounds if it is 128 bits, 12 rounds if it is 192 bits, 14 rounds
if it is 256 bits. The input and output of AES is sequence of 128 bit blocks. AES steps consist
of Substitution permutation network. The AES cipher is specified as a number of repetitions
of transformation rounds that convert the input plaintext into the final output of cipher text.
Each round consists of several processing steps, including one that depends on the encryption
key. Below is code for how key is generated to encrypt message using AES Algorithm and
how actually AES algorithm is used to encrypt plaintext [16].
// Get the Key Generator Key Generator kgen = KeyGenerator.getInstance (“AES”); Secure Random sr = SecureRandom.getInstance (“SHA1PRNG”); sr.setSeed (seed); kgen.init (128, sr); Secret Key skey = kgen.generateKey (); Byte [] raw = skey.getEncoded (); Return raw;
This code is written using Java/Android SDK, and the following topics will need to
be understood, before properly understanding how this method works.
5.2.2 Bytes
A byte is made of bits, 1s and 0s, 8 of them to be exact. And the 8 0s and 1s have a
decimal value, it is simply a case of transforming the binary (base 2) into decimal (base 10).
In Android at sender end, I have used hexagon as geometric object to hide message
into image.
private byte[] encode_text1(byte[] image, byte[] addition, int offset) { int tx=1,ty=1; int tx1=57,ty1=1; // End point 1 int tx2=170,ty2=1; // End point 2 int tx3=225,ty3=113; // End point 3 int tx4=170,ty4=225; // End point 4 int tx5=57,ty5=225; // End point 5 int tx6=1,ty6=113; // End point 6
The code for getting text from images in android follows:
private byte[] decode_text1(byte[] image)
34
{ int tx=1,ty=1; int tx1=57,ty1=1; // End point 1 int tx2=170,ty2=1; // End point 2 int tx3=225,ty3=113; // End point 3 int tx4=170,ty4=225; // End point 4 int tx5=57,ty5=225; // End point 5 int tx6=1,ty6=113; // End point 6 int lenmsg1 = Integer.parseInt(lenmsg); byte[] result = new byte[lenmsg1]; for(ty=1;ty<=result.length;) { for(tx=1;tx<=57;tx++) { if((fAB(tx,ty,tx1,ty1,tx2,ty2)*fBC(tx,ty,tx2,ty2,tx3,ty3)>0) && (fBC(tx,ty,tx2,ty2,tx3,ty3)*fCD(tx,ty,tx3,ty3,tx4,ty4)>0) && (fCD(tx,ty,tx3,ty3,tx4,ty4)*fDE(tx,ty,tx4,ty4,tx5,ty5)>0) && (fDE(tx,ty,tx4,ty4,tx5,ty5)*fEF(tx,ty,tx5,ty5,tx6,ty6)>0) && (fEF(tx,ty,tx5,ty5,tx6,ty6)*fFA(tx,ty,tx6,ty6,tx1,ty1)>0)) { break; } } int pt = (ty-1)*225+tx; result[ty-1] = image[pt]; for(tx=170;tx<=225;tx++) { if(!((fAB(tx,ty,tx1,ty1,tx2,ty2)*fBC(tx,ty,tx2,ty2,tx3,ty3)>0) && (fBC(tx,ty,tx2,ty2,tx3,ty3)*fCD(tx,ty,tx3,ty3,tx4,ty4)>0) && (fCD(tx,ty,tx3,ty3,tx4,ty4)*fDE(tx,ty,tx4,ty4,tx5,ty5)>0) && (fDE(tx,ty,tx4,ty4,tx5,ty5)*fEF(tx,ty,tx5,ty5,tx6,ty6)>0) && (fEF(tx,ty,tx5,ty5,tx6,ty6)*fFA(tx,ty,tx6,ty6,tx1,ty1)>0)))
33
Download The Stego Image With Hidden Message From Email
Apply The Hexagon Insertion Algorithm
Find Out The Encrypted Message And The Decrypt It
Original Message
Figure 6.1. Flow of decoding image steganographic process in android.
35
{ break; } } int pt1 = (ty-1)*225+tx; result[ty] = image[pt1]; ty=ty+2; } String st = new String(result); return result; }
Figure 6.2 illustrates the message after decoding an image file.
6.2 DeCoDing text in matlab moDule
A bit plane of a digital image is a set of bits having the same position in the
respective binary numbers. For example, for 8-bit data representation there are 8 bit-planes:
the first bit-plane contains the set of the most significant bit and the second bit-plane contains
the second most significant bit and so on. In the decoding process the gray scale image is
converted into 8-bit planes. All these image bit planes are shifted by 1 bit and then cone is
inserted into these 8 bit planes. Intersection point of cone and image are then considered as
36
a place where sender has hide his secret message. So the recipient of message can find the
hidden message. The code for getting text from images in matlab follows:
%get 8 bitplanes of image
for i=1:8 bitsd=bitget(image,i); bitsd = bitsd ~= 0; bitplaned{i}=bitsd; end
for i=1:4 for j=1:256 for k=1:256 helixd(j,256*(i-1)+k)=bitplaned{i}(j,k); end endend
%performing shift operation on the imageshift=1; for i=1:256; for j=1:256*4; if mod((i-1)*shift+j,256*4) == 0; h1(i,256*4)=helixd(i,j); else h1(i,mod((i-1)*shift+j,256*4))=helixd(i,j);
Figure 6.2. Message after decoding image file.
37
end end end
Loops=2;
%figure,imshow(h);
%getting back the inserted txt at the intersection point of image and cone back
k=1;for i=4:4:256; for j=4:4:(256*4)/(2*Loops); if k >= length(val); break; else val1(k)=h1(i,j); k=k+1; val1(k)=h1(i,((256*4)/(2*Loops))+((256*4)/(2*Loops))-j); k=k+1; val1(k)=h1(i,2*((256*4)/(2*Loops))+j); k=k+1; val1(k)=h1(i,3*((256*4)/(2*Loops))+((256*4)/(2*Loops))-j); k=k+1; end endend
code=zeros(length(val1)/8,8);p=0;q=0;r=1;for i=1:length(val1)/8 p=0; q=0; for j=1:8 code(i,j)=val1((i-1)*8+j); p=p+((2^(j-1))*(double(val1((i-1)*8+j)))); end str(r) = mod(p,255); r=r+1;
end
str=char(str);
%writing decoded text to file name unsecure.txt
dlmwrite(‘unsecure.txt’,str,’’);
38
chapter 7
concLuSion
Steganography is powerful and effective for communication of secret data. In some
countries, cryptography is not allowed to be applied in full application. They have put certain
restrictions due to security reasons. Steganography is very important in such situations. On
the other side, steganography alone is not secure entirely. Steganography when combined
with cryptography indeed becomes a powerful method of secure of communication. If
Steganography is broken then the attacker has to still break cryptography. One also needs to
implement steganography keeping in mind the various possible attacks.
The two modules showing the encoding and decoding techniques of storing the secret
message in a cover media work very effectively. The techniques discussed here to achieve
such kind of a covert communication is just an effort to show that practically any kind of
secret communication is possible in information security.
7.1 limitations
To validate in Matlab Module, we have already mentioned name of cover image to
be used in code and text file name to be read. In Android module , message from text file
is made to read and cover image is selected from picture gallery available in that particular
SD Card. In my application all images has to be jpeg file and for android application has
to be of at least 1024x768.The memory card is basic requirement for Android otherwise
application would not execute further. Sometimes Downloading Larger images from gmail
forces android phones to stay in busy mode. So my suggestion is to attach embedded image
manually with email.
39
7.2 future enHanCements
The existing application is a desktop application. The Java application runtime (.jar)
that is created using the eclipse IDE which is nothing but an archive which can be moved to
any workstation irrespective of the operating system that the workstation has and a single
click can easily install the entire system on the respective machine.
The result of Android module will be an .APK file which is the actual program binary
of application. However, the .APK file your compiler creates can only be used with the
emulator on your desktop PC/Mac. You cannot use the same .APK file to install and run your
app on your Android phone.
Google wants to protect its phone users from installing and running fraudulent
software on their devices. Therefore, each and every application needs to be signed with a
valid certificate that ensures where the application comes from. I am planning to signed the
application with my certificate using suitable private key and upload on open source Android
market to get feedback from Android phone user and see how many downloads occurs by
users to use this application.
Also the web support can be extended by adding MMS feature to the software where
the encoded stream can be mms to the receiver to get it decoded. This feature can make the
software really efficient. These kind of small additions can be tried for the software to make it
more interactive, user friendly and technically more sound and secure in combination of one
or the other. The results clearly show the considerable difference between the errors detected
in Mode 1 and Mode 2. Also in both the modes, as more number of bits per codeword is
encoded, the number of errors decreases at the receiver’s end. The numbers remain fairly
consistent for all the three cases in Mode 1, but for Mode 2 the difference between 1 stega bit
sent per codeword and 2 stega bits sent per codeword are large. This phenomenon is observed
due to the fact that the detection mechanism in Mode 2 becomes much more stringent and
expectation of erred bits is more accurate as we increase the bit frequency at the sender.
40
reFerenceS
T. Morkel , J.H.P. Eloff , and M.S. Olivier. An Overview of Image Steganography. [1] Department of Computer Science, University of Pretoria, South Africa, 2010. http://mo.co.za/open/stegoverview.pdf, accessed November 2010.
N. Sharma, N. Gupta, and J.S. Bhatia. An Encrypto-Stegno Technique Based Secure [2] Data Transmission System. Chandigrah, 2010. http://www.infosecwriters.com/text_resources/pdf/encrypto.pdf, accessed November 2010.
A. Mangarae. Steganography FAQ. Zone-H.org, March 18, 2006. http://[3] infosecwriters.com/text_resources/pdf/Steganography_AMangarae.pdf, accessed November 2010.
R. Bergmair. Towards Linguistic Steganography: A Systematic Investigation of [4] Approaches, Systems, and Issues. Keplerstrasse 3. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.122.8569&rep=rep1&type=pdf, accessed November 2010.
J. Burns. Developing Secure Mobile Application. ISEC Parnters, October 2008. [5] https://www.isecpartners.com/files/iSEC_Securing_Android_Apps.pdf, accessed November 2010.
Wikipedia. Android. Wikipedia, 2010. http://en.wikipedia.org/wiki/ [6] Android(operating_system), accessed October 2010..
Zeukstek, Android Architecture. Zeukstek, 2010, http://blog.zeustek.com/2010/11/11/[7] android-architecture accessed November 2010.
R. Meier. Professional Android Application Development. New York: Wrox [8] Publication, 2008.
L. Darcey and S. Conder. How to Build an Android Application, Step by [9] Step, ComputerWorld, August 30, 2010. http://www.computerworld.com/s/article/print/9181925/How_to_build_an_Android_application_step_by_step?taxonomyName=App%20Development& , accessed November 2010.
M. Murphy. The Busy’s Coder Guide to Android Development. New York: [10] Commonware, 2009.
E. L. Hall. Computer Image Processing and Recognition. New York: Academic Press, [11] 1979.
A. Mehta, S. Rampu, and A. Simionescu, Black Holes. General Geoscience and [12] Astrophysics, Jacobs University, 2010. http://www.faculty.iu-bremen.de/course/fall02/c210101/students/BlackHoles/Black%20holes%20and%20Schwartzschild%20geometry.htm, accessed November 2010.
Wikipedia. Cone. http://en.wikipedia.org/wiki/Cone, accessed October 2010.[13]
41
Wikipedia. Hexagon. Wikipedia, 2010. http://en.wikipedia.org/wiki/Hexagon, [14] accessed October 2010.