ABSTRACT
STEGANOGRAPHY
The word Steganography comes from the Greek words Steganós (Covered) and Graptos (Writing). Steganography is the science of hiding information in media based data. The modern day sense of the word usually refers to information or a file that has been concealed inside a digital Picture, Video or Audio file.
There are several tools which are used for steganography like MP3stego, GIFshuffle, wbstego etc.
There are several tools which are used for steganography like MP3stego, GIFshuffle, wbstego etc.
INTRODUCTION
Since the rise of the Internet one of the most important factors of information technology and communication has been the security of information. Cryptography was created as a technique for securing the secrecy of communication and many different methods have been developed to encrypt and decrypt data in order to keep the message secret. Unfortunately it is sometimes not enough to keep the contents of a message secret, it may also be necessary to keep the existence of the message secret. The technique used to implement this, is called steganography. Steganography is a subject which is rarely touched upon by most IT Security Enthusiasts. Most people don't see Steganography has a potential threat, some people don't even know what Steganography is.
Steganography is the art and science of hiding information in ways that prevent the detection of hidden messages. In short we can say that Steganography is the practice of hiding private or sensitive information within something that appears to be nothing out of the usual. This is accomplished through hiding information in other information, thus hiding the existence of the communicated information.
Steganography comes from the Greek words Steganós (Covered) and Graptos (Writing). The most common use of Steganography is to hide a file inside another file. Modern steganography's goal is to keep hidden message's mere presence undetectable, but steganographic systems because of their invasive nature, leave behind detectable traces in the cover medium. Even if secret content is not revealed, the existence of it can be guessed because modifying the cover medium changes its statistical properties, so eavesdroppers can detect the distortions in the resulting stego medium's statistical properties. When information or a file is hidden inside a carrier file, the data is usually encrypted with a password.
Steganography is often confused with cryptology because the two are similar in the way that they both are used to protect important information. The difference between the two is that Steganography involves hiding information so it appears that no information is hidden at all. Steganography and cryptography are cousins in the spy craft family. Cryptography scrambles a message, so that it cannot be understood. Steganography hides the message, so it cannot be seen. If a person or persons views the object that the information is hidden inside of he or she will have no idea that there is any hidden information, therefore the person will not attempt to decrypt the information. Steganography in the modern day sense of the word usually refers to information or a file that has been concealed inside a digital Picture, Video or Audio file. What Steganography essentially does is exploit human perception, human senses are not trained to look for files that have information hidden inside of them, although there are programs available that can do what is called Steganalysis (Detecting use of Steganography.)
DESCRIPTION
HISTORY:Throughout history, Steganography has been used to secretly communicate information between people. Some examples of use of Steganography in past times are:
1. One of the oldest examples of steganography dates back to around 440 BC in Greek History. Herodotus, a Greek historian from the 5th Century BC, revealed some examples of its use in his work entitled "The Histories of Herodotus". One elaborate example suggests that Histaeus, ruler of Miletus, tattooed a secret message on the shaven head of one of his most trusted slaves. After the hair had grown back, the slave was sent to Aristagorus where his hair was shaved and the message that commanded a revolt against the Persians was revealed. In this example, the slave was used as the carrier for the secret message, and anyone who saw the slave as they were sent to Aristagorus would have been completely unaware that they were carrying a message. As a result of this, the message reached the recipient with no suspicion of covert communication ever being raised.
2. During World War 2 invisible ink was used to write information on pieces of paper so that the paper appeared to the average person as just being blank pieces of paper. Liquids such as urine, milk, vinegar and fruit juices were used, because when each one of these substance is heated they darken and become visible to the human eye.
3. Another method used in Greece was where someone would peel wax off a tablet that was covered in wax, write a message underneath the wax then re-apply the wax. The recipient of the message would simply remove the wax from the tablet to view the message.
4. In the Second World War the Microdot technique was also developed by the Germans. Information, especially photographs, was reduced in size until it was the size of a typed period. Extremely difficult to detect, a normal cover message was sent over an insecure channel with one of the periods on the paper containing hidden information. Today steganography is mostly used on computers with digital data being the carriers and networks being the high speed delivery channels.
DIFFERENCE BETWEEN STEGANOGRAPHY & CRYPTOGRAPHY:
Some people might think that there is no difference between steganography & cryptography as both are used for data hiding. But there are mainly two differences between steganography & cryptography. They are mentioned below:
- In cryptography it hides the contents of the message from an attacker, but not the existence of the message. Where as in steganography it even hide the very existence of the message in the communicating data.
- Consequently, the concept of breaking the system is different for cryptosystems and stegosystems.
- A cryptographic
system is broken when the attacker can read the secrete message.
- Whereas the Breaking of a steganographic system has two stages:
The attacker can detect that steganography has been used & the attacker is able to read, modify or remove the hidden message.
TERMINOLOGIES OF STEGANOGRAPHY:
Before continuing, we will briefly define the terminologies used in the "stego-sciences". There are some terminologies which are mentioned below:
- payload-The message to be hidden is called the payload.
2. Carrier File - A file which has hidden information inside of it is called Carrier File. It is also called cover object. Ex: image, audio file, video file etc..
- stego object- The result of embedding the payload into the cover object is called the stego object.
- embedding rate- If the size of the message and the size of the cover can be quantized in one form or another, then we can define the embedding rate
(also called the encoding density) as the ratio of these sizes (payload over cover). In digital systems, the size of both objects is usually measured in bits.
- Stego-Medium – The medium in which the information is hidden.
- Steganalysis – The process of detecting hidden information inside of a file.
MODERN STEGANOGRAPHY:
The famous example of modern steganography is The prisoner's problem.
There are two prisoners named Alice and Bob. Alice want to transmit some secret message to Bob. One steganalyst may just want to know whether Alice and Bob are communicating, where as another steganalyst may want to know how Alice and Bob are communicating so that they can impersonate Alice and send Bob false messages.
The role of the steganalyst can be defined in 2 categories – passive & active.
Passive steganalysts intercept a Work as it is passed through the communications channel, and then tests it to identify whether it contains a secret message or not. If no secret message is detected, the Work will be allowed to continue through the communications channel. However, if a secret message is detected, the steganalyst will block the transmission and Bob will not receive the secret message. However, the fact that Bob does not receive the message he was waiting for may lead him to suspect that a steganalyst has successfully broken the communication, and therefore they will often change the algorithm and resend the message again.
- Active steganalyst:
An active steganalyst differs from a passive steganalyst because if the existence of a secret message is found, the active warden would modify the Work such that the integrity of the message is broken. This modification may be achieved by compressing the image in the hope that some important pixel values alter the secret message data. Most steganographic techniques assume a passive steganalyst, and therefore the stegogramme is not designed to survive modifications such as these. With this method, Bob will still receive the Work, but when he extracts the message he will find it does not make sense.
STEGANOGRAPHY GENERAL DIAGRAM & DESCRIPTION:
General Diagram:
The entire process of steganography for images can be presented graphically as:
Description:
In terms of development, Steganography is comprised of two algorithms, one for embedding and one for extracting. The embedding process is concerned with hiding a secret message within a cover Work, and is the most carefully constructed process of the two. A great deal of attention is paid to ensuring that the secret message goes unnoticed if a third party were to intercept the cover Work. The extracting process is traditionally a much simpler process as it is simply an inverse of the embedding process, where the secret message is revealed at the end.
1. Secret message - usually a text file that contains the message you want to transfer
2. Cover Work - used to construct a stegogramme that contains a secret message.
The next step is to pass the inputs through the Stego-system Encoder, which will be carefully engineered to embed the message within an exact copy of the cover Work, such that minimum distortion is made; the lower the distortion, the better the chances of undetectability. The stego-system encoder will usually require a key to operate, and this key would also be used at the extraction phase. This is a security measure designed to protect the secret message. Without a key, it would be possible for someone to correctly extract the message if they managed to get hold of the embedding or extracting algorithms. However, by using a key, it is possible to randomise the way the stegosystem encoder operates, and the same key will need to be used when extracting the message
so that the stegosystem decoder knows which process to use. This means that if the algorithm falls into enemy hands, it is extremely unlikely that they will be able to extract the message successfully.
The resulting output from the stego-system encoder is the stegogramme, which is designed to be as close to the cover Work as possible, except it will contain the secret message. This stegogramme is then sent over some communications channel along with the key that was used to embed the message. Both the stegogramme and the key are then fed into the stego-system decoder where an estimate of the secret message is extracted. Note that we can only ever refer to the output of the extraction process as an estimate because when the stegogramme is sent over a communications channel, it may be subjected to noise that will change some of the values. Therefore, we can never be sure that the message extracted is an exact representation of the original. Also, the recipient will obviously never know what the original message was, and so they have nothing to compare it to when it is extracted.
- Cover text (cover-data - cover-object): is an original unaltered message.
- Embedding process: in which the sender tries to hide a message by embedding it into a (randomly chosen) cover-text, usually using a key, to obtain a stego-text (stego-data or stego-object). The embedding process can be described by the mapping E: C ´ K ´ M ® C.
Where,
C is the set of possible cover- and stego-texts.
K is the set of keys.
M is the set of messages.
- Recovering process: in which the receiver tries to get, using the key only, not the cover text, the hidden message in the stego text.
The recovery process can be seen as mapping D: C ´ K ® C.
- Security requirement: is that a third person watching such a communication should not be able to find out whether the sender has been active, and when, in the sense that he really embedded a message in the cover -text. In other words, stego texts should be indistinguishable from cover texts.
Basic types of stego system:
There are three basic types of stego systems:
· Pure stegosystems - no key is used. · Secret-key stegosystems - secret key is used.
· Public-key stegosystems - public key is used.
- Pure stegosystem S = á C, M, E, D ń, where C is the set of possible cover texts, M is the set of secret messages, |C| ł |M|, E:C ´ M ® C is the embedding function and D:C ® M, is the extraction function, with the property that D(E(c, m)) = m, for all m Î M and c Î C.
- Security of the pure stegosystems depends completely on its secrecy.On the other hand, security of other two stegosystems depends on the secrecy of the key used.
- Secret-key (asymetric) stegosystem S = á C, M, K, EK, DK ń, where C is the set of possible covertexts, M is the set of secret messages with |C| ł |M|, K is the set of secret keys, EK:C ´ M ´ K ® C, DK:C ´ K ® M with the property that DK(EK(c, m, k),k) = m for all m Î M , c Î C and k Î K.
- Public key steganography: Similarly as in case of the public-key cryptography, two keys are used: a public-key E for embedding and a private-key D for recovering.
- It is often useful to combine such a public-key stegosystem with a public-key cryptosystem. For example, in case Alice wants to send a message m to Bob, encode first m using Bob's public key eB, then make embedding of eB(m) using process E into a cover and sends the resulting stegotext to Bob, who recovers eB(m) using D and then decrypts it, using decryption function dB.
IMPORTANT PROPERTIES & CONDITIONS:
Properties:
1.
Freedom to choose cover image: With many different image file formats used on the Internet, it might seem suspicious that only one type of file format is continuously communicated between two parties. The most powerful steganographic algorithms thus possess the ability to embed information in any
Freedom to choose cover image: With many different image file formats used on the Internet, it might seem suspicious that only one type of file format is continuously communicated between two parties. The most powerful steganographic algorithms thus possess the ability to embed information in any
type of file. This also solves the problem of not always being able to find a suitable image at the right nmoment, in the right format to use as a cover image.
2. Independence of hidden message and digital object used as cover.
3. Embedding capacity or payload.
Conditions:
1.
Security of the hidden communication.
Security of the hidden communication.
2. Size of the payload: steganography aims at hidden communication and therefore requires sufficient embedding capacity.
3. Robustness against malicious and unintentional attacks: Statistical steganalysis is the practice of detecting hidden information through applying statistical tests on image data. Many steganographic algorithms leave a 'signature' when embedding information that can be easily detected through statistical analysis. To be able to pass by a warden without being detected, a steganographic algorithm must not leave such a mark in the image as be statistically significant.
4. Perceptability:
The stegogramme that is produced after embedding a secret message should not be altered such that it is visually obvious that information has been embedded. In fact, the resulting image should be so similar to the original that if you compare both side by side, you should not be able to see any difference at all between the two.
The stegogramme that is produced after embedding a secret message should not be altered such that it is visually obvious that information has been embedded. In fact, the resulting image should be so similar to the original that if you compare both side by side, you should not be able to see any difference at all between the two.
STEGANOGRAPHY CARRIERS:
There are several carriers which are used in steganography within which we can hide our data. Some of them are mentioned below:
Now a day we have attractive multimedia object that we can use as carrier & within which we can hide our hidden message or data. For example image file, audio file, video file etc..
Steganography In Images:
When hiding information inside images the LSB (Least Significant Byte) method is usually used. To a computer an image file is simply a file that shows different colors and intensities of light on different areas of an image. The best type of image file to hide information inside of is a 24 Bit BMP (Bitmap) image.
The reason being is this is the largest type of file and it normally is of the highest quality. When an image is of high quality and resolution it is a lot easier to hide and mask information inside of. Although 24 Bit images are best for hiding information inside of due to their size some people may choose to use 8 Bit BMP's or possibly another image format such as GIF, the reason being is that posting of large images on the internet may arouse suspicion. It is important to remember that if you hide information inside of an image file and that file is converted to another image format, it is most likely the hidden information inside will be lost.
Steganography In Audio:
When hiding information inside Audio files the technique usually used is low bit encoding which is some what similar to LSB that is generally used in Images. The problem with low bit encoding is that it is usually noticeable to the human ear, so it is a rather risky method for someone to use if they are trying to mask information inside of an audio file. Spread Spectrum is another method used to conceal information inside of an audio file. This method works by adding random noises to the signal the information is conceal inside a carrier and spread across the frequency spectrum. Echo data hiding is yet another method of hiding information inside an audio file. This method uses the echoes in sound files in order to try and hide information. By simply adding extra sound to an echo inside an audio file, information can be concealed. The thing that makes this method of concealing information inside of audio files better than other methods is that it can actually improve the sound of the audio inside an audio file.
Steganography In Video:
When information is hidden inside video the program or person hiding the information will usually use the DCT (Discrete Cosine Transform) method. DCT works by slightly changing the each of the images in the video, only so much though so it's isn't noticeable by the human eye. To be more precise about how DCT works, DCT alters values of certain parts of the images, it usually rounds them up. For example if part of an image has a value of 6.667 it will round it up to 7. Steganography in Videos is similar to that of Steganography in Images, apart from information is hidden in each frame of video. When only a small amount of information is hidden inside of video it generally isn't noticeable at all, however the more information that is hidden the more noticeable it will become.
Steganography In Documents:
Steganography can be used in documents? Yes it's true!
The use of Steganography in documents works by simply adding white space and tabs to the ends of the lines of a document. This type of Steganography is extremely effective, because the use white space and tabs is not visible to the human eye at all, at least in most text/document editors. White space and tabs occur naturally in documents, so there isn't really any possible way using this method of Steganography would cause someone to be suspicious. The most popular piece of software used to perform this type of Steganography is a piece of software called SNOW.
Many other options in the modern communication systems which are used as carriers are:
1. Text files 4. Network Packets
2. Software 5. Disk space
3. Hidden partition 6. Circuitry
STEGANOGRAPHY TECHNIQUES:
There are n numbers of methods which are used in steganography.
Images Steganography Methods:
Image steganography has been widely studied by researchers. There are a variety of methods used in which information can be hidden in images. Some of them are described here:
1. Replacing Least Significant Bit(LSB):
In image steganography almost all data hiding techniques try to alter insignificant information in the cover image. For instance, a simple scheme proposed by Lee et al., is to place the embedding data at the least significant bit (LSB) of each pixel in the cover image. The altered image is called stego-image. Altering LSB doesn't change the quality of image to human perception but this scheme is sensitive a variety of image processing attacks like compression, cropping etc.
In image steganography almost all data hiding techniques try to alter insignificant information in the cover image. For instance, a simple scheme proposed by Lee et al., is to place the embedding data at the least significant bit (LSB) of each pixel in the cover image. The altered image is called stego-image. Altering LSB doesn't change the quality of image to human perception but this scheme is sensitive a variety of image processing attacks like compression, cropping etc.
2. Replacing moderate significant bit: Chan et al. showed how to use the moderate significant bits of each pixel in the cover image to embed the secret message. This method improves sensitivity to modification, but it degrades the quality of stego-image.
3. Transform domain techniques: Other familiar data hiding techniques use the transformation domain of digital media to hide information discussed by Chang et al. and Hsu et al. Functions such as the discrete cosine transform (DCT) and the discrete wavelet transform (DWT) are widely applied by them. These methods hide the messages in the significant areas of the cover image, which makes them robust against compression, cropping and other image processing attacks.
4. Palette-based method: Palette based images, for example GIF images, are another popular image file format commonly used on the Internet. By definition a GIF image cannot have a bit depth greater than 8, thus the maximum number of colours that a GIF can store is 256. GIF images are indexed images where the colours used in the image are stored in a palette, sometimes referred to as a colour lookup table. Each pixel is represented as a single byte and the pixel data is an index to the colour palette. The colours of the palette are typically ordered from the most used colour to the least used colours to reduce lookup time. GIF images can also be used for LSB steganography, although extra care should be taken. The problem with the palette approach used with GIF images is that should one change the least significant bit of a pixel, it can result in a completely different colour since the index to the colour palette is changed. If adjacent palette entries are similar, there might be little or no noticeable change, but should the adjacent palette entries be very dissimilar, the change would be evident. One possible solution is to sort the palette so that the colour differences between consecutive colours are minimized. Another solution is to add new colours which are visually similar to the existing colours in the palette. This requires the original image to have less unique colours than the maximum number of colours (this value depends on the bit depth used). Using this approach, one should thus carefully choose the right cover image. Unfortunately any tampering with the palette of an indexed image leaves a very clear signature, making it easier to detect. A final solution to the problem is to use greyscale images. In an 8-bit grey scale GIF image, there are 256 different shades of grey. The changes between the colours are very gradual, making it harder to detect.
Audio setganography methods:
1. Low bit encoding 4. Echo data hiding
2. Spread spectrum method 5. Tone insertion
3. Phase decoding
Other methods are as follows:
- Coding methods
-Quantizing, dithering
-Error correcting codes
- Statistical methods
-use hypothesis testing
- Cover generation method
-fractals
- Statistical techniques
- Distortion method
Now let us study LSB method in detail.
Image Processing:
An image file is merely a binary file containing a binary representation of the color or light intensity of each picture element (pixel) comprising the image.
The simplest approach to hiding data within an image file is called Least Significant Bit (LSB) insertion.
Least significant bit (LSB) insertion is a common, simple approach to embedding information in a cover image. The least significant bit (in other words, the 8th bit) of some or all of the bytes inside an image is changed to a bit of the secret message. When using a 24-bit image, a bit of each of the red, green and blue colour components can be used, since they are each represented by a byte. In other words, one can store 3 bits in each pixel. An 800 × 600 pixel image, can thus store a total amount of 1,440,000 bits or 180,000 bytes of embedded data.
In this method, we can take the binary representation of the hidden data and overwrite
the LSB of each byte within the cover image. If we are using 24-bit color, the amount of change
will be minimal and indiscernible to the human eye. As an example, suppose that we have three
adjacent pixels (nine bytes) with the following RGB encoding:
In this method, we can take the binary representation of the hidden data and overwrite
the LSB of each byte within the cover image. If we are using 24-bit color, the amount of change
will be minimal and indiscernible to the human eye. As an example, suppose that we have three
adjacent pixels (nine bytes) with the following RGB encoding:
10010101 00001101 11001001
10010110 00001111 11001010
10011111 00010000 11001011
Now suppose we want to "hide" the following 9 bits of data (the hidden data is usually compressed prior to being hidden): 101101101. If we overlay these 9 bits over the LSB of the 9 bytes above, we get the following (where bits in bold have been changed):
10010101 00001100 11001001
10010111 00001110 11001011
10011111 00010000 11001011
Note that we have hidden 9 bits successfully, but at a cost of only changing 4, or roughly 50%, of the LSBs according to the embedded message. This description is meant only as a high-level overview. Since there are 256 possible intensities of each primary colour, changing the LSB of a pixel results in small changes in the intensity of the colours. These changes cannot be perceived by the human eye - thus the message is successfully hidden. With a well-chosen image, one can even hide the message in the least as well as second to least significant bit and still not see the difference. In the above example, consecutive bytes of the image data – from the first byte to the end of the message – are used to embed the information. This approach is very easy to detect. A slightly more secure system is for the sender and receiver to share a secret key that specifies only certain pixels to be changed. Should an adversary suspect that LSB steganography has been used, he has no way of knowing which pixels to target without the secret key. In its simplest form, LSB makes use of BMP images, since they use lossless compression. Unfortunately to be able to hide a secret message inside a BMP file, one would require a very large cover image. Nowadays, BMP images of 800 × 600 pixels are not often used on the Internet and might arouse suspicion. For this reason, LSB steganography has also been developed for use with other image file formats.
Similar methods can be applied to 8-bit color but the changes, as the reader might imagine, are more dramatic. Gray-scale images, too, are very useful for steganographic purposes. One potential problem with any of these methods is that an adversary who is looking can find them. In addition, there are other methods besides LSB insertion with which to insert hidden information.
STEGANOGRAPHY ATTACKS:
There are several kind of attacks can be made by steganalyst on data. Some of them are mentioned below:
- Stego-only attack: in this attack only the stego-object is available for stegoanalysis
- Known cover attack: in this kind of attack the original cover-object and stego-object are both available for steganalyst.
- Known message attack: Sometimes the hidden message may become known to the stegoanalyser. Analyzing the stego-object for patterns that correspond to the hidden message may be beneficial for future attacks against that system. (Even with the message, this may be very difficult and may even be considered equivalent to the stego-analysis.)
- Chosen stego attack: in this kind of attack the stegoanalysis generates a stego-object from some steganography tool or algorithm from a chosen message. The goal in this attack is to determine corresponding patterns in the stego-object that may point to the use of specific steganography tools or algorithms.
- Known stego attack: in this attack the steganography algorithm is known and both the original and stego-objects are available.
STEGANOGRAPHY APPLICATIONS:
There are several applications of steganography. Some of them are mentioned below:
- To have secure secret communications where cryptographic encryption methods are not available.
- To have secure secret communication where strong cryptography is impossible.
- In some cases, for example in military applications, even the knowledge that two parties communicate can be of large importance.
- The health care, and especially medical imaging systems, may very much benefit from information hiding techniques.
STEGANOGRAPHY TOOLS & LINKS:
- MP3Stego
- JPHide and JPSeek
- BlindSide Cryptographic Tool
- gIFShuffle
- WbStego
- StegoVideo
STEGANOGRAPHY SITES:
Popular sites for Steganography information:
CONCLUSION
Could steganography be used by terrorists ????
A MESSAGE FROM LADEN AFTER FEW DAYS…..
SUB:- MY PICTURE.
- It was speculated that the Terrorists that supposedly carried out the September 11th 2001 terrorist attacks used the Internet for various purposes.
- The only people that seem to be pushing the idea that Terrorists are using the Internet and technologies such as Steganography are the people that support the idea that Al-Qaeda (saying it even exists) is a global sophisticated network of Terrorists that is constantly plotting to kill people in the western world.
- People should be focusing on the important aspects of Steganography, such as what it is really used for, instead of believing propaganda put out by the media.
REFERENCES
- WEB LINKS:
diit.sourceforge.net
- PDFs:
AN OVERVIEW OF IMAGE STEGANOGRAPHY
By: T. Morkel 1, J.H.P. Eloff 2, M.S. Olivier 3
Steganography FAQ
By: Aelphaeis Mangarae [Zone-H.Org]
March 18th 2006
Image Steganography and Steganalysis
By: Philip Bateman & Dr. Hans Georg Schaathun
Prepared by VISHAL DAVE
No comments:
Post a Comment