Presentation is loading. Please wait.

Presentation is loading. Please wait.

Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography.

Similar presentations


Presentation on theme: "Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography."— Presentation transcript:

1 Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography

2 Agenda  History  Introduction  Steganography Techniques  Limitations  Detection  Attacks  Conclusion

3 Have you ever wanted to hide something from: Your friends? Your family? The Government?

4 If the answer is yes, then you need to learn about Steganography Steganography is the study of hiding information http://plus.maths.org/issue21/features/singh/Pixels.jpg

5 History  Thousands of years ago, the Greeks used steganography to hide information from their enemies.  One hiding method was to engrave a message in a block of wood, then cover it with wax, so it looked like a blank wax tablet. When they wanted to retrieve the message, they would simply melt off the wax. Content source: www.cs.bham.ac.uk/~mdr/teaching/modules03/security/students/SS5/Steganography.ppt http://www.securitytribe.com/~v ertigo/sig-giu-5-tinypayload- hex.gif

6 History  440 B.C. Histiaeus shaved the head of his most trusted slave and tattooed it with a message which disappeared after the hair had regrown. To instigate a revolt against Persians.  1 st and 2 nd World Wars German spies used invisible ink to print very small dots on letters. Microdots – Blocks of text or images scaled down to the size of a regular dot.  Current Special inks are used to write a hidden messages on bank notes. Industry demands for digital watermarking and fingerprinting of audio and video.

7 Introduction Steganography Protection against detection (data hiding) Protection against removal (document marking) Watermarking (all objects are marked in the same way) Fingerprinting (identify all objects, every object is marked specific)

8 Why not Encryption? Steganography (hide existence of the secret message, but do not use encryption) Encryption (encrypt the message, but do not hide the message) Confidentiality Anybody can see both parties are communicating in secret. Suspicious. Ideally nobody can see both parties are secretly communicating. Innocent.

9 Steganography basics 01000001 = A 01000010 = B 01000011 = C 0 0 1 Bits One byte can be used to represent each letter of the alphabet. This is what is used in text files. 10011000 11111111 Bytes 00001000 Content source: www.cs.bham.ac.uk/~mdr/teaching/modules03/security/students/SS5/Steganography.ppt

10 Steganography basics 11111000 11001001 00000011 Pictures are made up of lots of little dots called pixels. Each pixel is represented as 3 bytes – one for red, one for green and one for blue. Each byte is interpreted as a number, which is how much of that colour is used to make the final colour of the pixel. 248 201 3 248 + 201 + 3 = Orange Colour

11 Steganography basics The difference between two colours that differ by one in either one red, green or blue value is impossible to see with the human eye. If we change the least significant (last) bit in a byte, we either add or subtract one from the value it represents. This means we can overwrite the last bit in a byte without affecting the colour it appears to be. 248 + 201 + 3 = Original Colour 247 + 201 + 3 = Red -1 248 + 201 + 4 = Blue +1

12 11111000 11001001 00000011 We can use images to hide things if we replace the last bit of every colour’s byte with a bit from the message. 01000001 Message: A Image with 3 pixels: 11111000 11001001 00000011 11111000 11001001 00000011 11111000 11001001 00000011 Pixel 1: Pixel 2: Pixel 3: Now we hide our message in the image: 11111000 11001001 00000010 Pixel 1: Pixel 2: Pixel 3: New image: 11111000 11001000 00000010 11111000 11001001 00000011

13 Basic Principle in Steganography Encoder Decoder Cover Image Secret Image Key Stego Object Original Cover Secret Image Communications Channel

14 Types of Steganography Fragile – Hidden information destroyed as soon as object is modified. – Useful in proving objects have not been manipulated and changed e.g. evidence in a court of law. Robust – It should be infeasible to remove the hidden data without degrading the perceived quality of the data. – Useful in copyright watermarking.

15 Steganography Techniques

16  Binary File Techniques  Text Techniques  Image Techniques  Sound Techniques  Other Techniques

17 Binary File Techniques  Used to protect copyright inside a binary program  Any changes to that binary file will cause the execution of it to alter  key generators and serial keys and no longer sufficient for copyrights purposes

18 Binary File Techniques  One method for embedding a watermark in a binary file works as follows. First, let’s look at the following lines of code that have been extracted from a binary file: a = 2; b = 3; c = b + 3; d = b + c;  The above instruction is simply equivalent to: b = 3;b = 3;b = 3; a = 2;c = b + 3;c = b + 3; c = b + 3;a = 2;d = b + c; d = b + c;d = b + c;a = 2;

19 Text Techniques  Can be achieved by: Altering text formatting Altering characteristics of characters.  The document is altered in a way that it is simply not visible to the human eye

20 Text Techniques  To embed information inside a document we can simply alter some of its characteristics  The codebook is a set of rules that tells the encoder which parts of the document it needs to change  These can be either the text formatting or characteristics of the characters Encoder Codebook Marked Documents

21 Text Techniques  Line Shift Coding Protocol  Word Shift Coding Protocol  Feature Coding Protocol  White Space Manipulation  Text Content

22 Line Shift Coding Protocol  Lines are shifted inside the document up or down by a small fraction (such as 1/300th of an inch) according to the codebook  These lines will become a control so that the computer can measure the distances between them  By finding out whether a line has been shifted up or down we can represent a single bit, 0 or 1.

23 Word Shift Coding Protocol  Based on the same principle as the line shift coding protocol  The codebook will simply tell the encoder which of the words is to be shifted and whether it is a left or a right shift  The decoding technique is measuring the spaces between each word and a left shift could represent a 0 bit and a right bit representing a 1 bit.

24 Feature Coding Protocol  The document is passed through a parser where it examines the document and it automatically builds a codebook specific to that document.  can use a number of different characteristics such as the height of certain characters, the dots above i and j and the horizontal line length of letters such as f and t.  Line shifting and word shifting techniques can also be used to increase the amount of data that can be hidden.

25 White Space Manipulation  White space can be manipulated so that bits can be stored  This is done by adding a certain amount of white space to the end of line  A program which uses this technique is SNOW [7], which is freely available.

26 Text Content  Information can hidden in conceal it in what seems to be inconspicuous text  The grammar within the text can be used to store information  Easy to spot but there are clever implementations, such as SpamMimic [9] which creates a spam email that contains a secret message.

27 Image Techniques  Simple Watermarking  LSB – Least Significant Bit Hiding (Image Hiding)  Direct Cosine Transformation

28 Simple Watermarking  Can be done by adding a pattern on top of an existing image  This method is only really applicable to watermarking, as the pattern is visible and even without the original watermark

29 Simple Watermarking http://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Visible_digital_wate rmarking.jpg/450px-Visible_digital_watermarking.jpg

30 LSB – Least Significant Bit  The easiest way of hiding information in an image and yet it is surprisingly effective  It works by using the least significant bits of each pixel in one image to hide the most significant bits of another

31 LSB – Least Significant Bit  STEPS: 1. First load up both the host image and the image you need to hide 2.Chose the number of bits you wish to hide the secret image in. The more bits used in the host image, the more it deteriorates 3.Create a new image by combining the pixels from both images e.g. Host Pixel: 10110001 Secret Pixel: 00111111 New Image Pixel: 10110011

32 LSB – Least Significant Bit

33 Direct Cosine Transformation 1. First the image is split up into 8 x 8 squares 2. Next each of these squares is transformed via a DCT, which outputs a multi dimensional array of 63 coefficients 3. A quantizer rounds each of these coefficients, which essentially is the compression stage as this is where data is lost 4. Small unimportant coefficients are rounded to 0 while larger ones lose some of their precision 5. At this stage you should have an array of streamlined coefficients, which are further compressed via a Huffman encoding scheme or similar 6. Decompression is done via an inverse DCT.

34 Spread Spectrum  Spread Spectrum  MIDI

35 Sound Techniques  Spread spectrum systems encode data as a binary sequence which sounds like noise but which can be recognised by a receiver with the correct key  Used by the military since the 1940s because the signals are hard to jam or intercept as they are lost in the background noise

36 MIDI  Good places to hide information due to the revival this format has had with the surge of mobile phones, which play MIDI ring tones  Steganography in MIDI takes advantages of the Program Change message in the midi file which basically changes the type of instrument being played on a certain channel.

37 MIDI  Each PC message can contain a number from 0 to 127  String together the necessary number of PC messages to contain the hidden data.

38 Limitations

39  Both parties must agree on the method used.  If they don’t, the receiving party may not know that there is a hidden message.  The size of the medium being used to hide the data.  In order for steganography to be useful the message should be hidden without any major changes to the object it is being embedded in. This leaves limited room to embed a message without noticeably changing the original object.

40 Detection

41 Steganalysis  The art of detecting Steganography. This involves detecting the use of Steganography inside of a file.  Does not deal with trying to decrypt the hidden information inside of a file, it just attempts to discover it.  Detection can be either passive or active. Passive – Just attempt to discover it. Active – Attempt to retrieve the hidden information.

42 Detection Methods for detecting Steganography are:  Viewing the file and comparing it to another copy of the file found on the Internet (eg. a picture file).  Look for (disturbings of) patterns.  Line heights and whitespaces.  Examine color palette.  Size of the image.  Last modified date.  Listening to the file (audio file).  Listen for disturbances.  Size of file.  Date last modified.

43 Detection Methods for detecting Steganography are:  Video files  Visible signals (gestures, movements)  Same techniques as with images  Same techniques as with audio  Using utilities.  Xsteg (Linux based)  Stegdetect  Steganography Analyzer Artifact Scanner (StegAlyzerAS)  Steganography Analyzer Signature Scanner (StegAlyzerSS)

44 Attacks

45 Basic Attacks  Introduce timing errors.  This is done by adjusting the synchronization chip signal which causes the embedded data to be lost.  Change the Length of audio.  Altering the length of a piece of audio without changing the pitch. This can be an effective attack on audio files.

46 Attacks Robustness Attacks:  Attempts to diminish or remove the presence of a watermark.  If a series of minor distortions are applied the watermark can be lost while the image remains largely unchanged.  Whatever changes have been made will likely be acceptable to pirates or other persons who do not usually require high quality copies.  A utility that utilizes this technique is Stirmark. E.g..E.g..

47 Attacks Robustness Attacks (cont)  Cepstrum analysis.  Echo hiding.  Echo hiding is a technique used to encode zeros and ones by adding echo signals distinguished by different values for their delay and amplitude to an audio signal.  Decoding can be done by detecting the initial delay using the auto-correlation of the cepstrum of the encoded signal.  If the echo can be detected then it can be removed by inverting the formula used to add it.

48 Attacks Presentation Attacks:  Modifies the content of the file in order to prevent the detection of the watermark. Mosaic attack  Takes advantage of size requirements for embedding a watermark.  By splitting the marked file into small sections the mark detection can be confused. E.g..E.g..

49 Attacks Interpretation Attacks  Interpretation attacks involve finding a situation in which the assertion of ownership is prevented.  Prevents mark detection being unable to tell which mark came first if multiple marks are found.  If the owner publishes a document, d + w (where d is the original and w is the watermark) a pirate can add a second watermark w’ and claim that the document is his and that the original was d + w - w’.

50 Attacks Implementation Attacks  Software used to implement steganographic techniques needs to be secure.  If the mark detection software is vulnerable it may be possible for attackers to deceive it.  Digimarc, one of the most widely used picture marking schemes was attacked using a weakness in the implementation.

51 Conclusion  As Steganography becomes more widely used in computing there are issues that need to be resolved.  There are a wide variety of different techniques with their own advantages and disadvantages  Many currently used techniques are not robust enough to prevent detection and removal of embedded data.

52 Conclusion For a system to be considered robust it should have the following properties:  The quality of the media should not noticeably degrade upon addition of a mark.  Marks should be undetectable without secret knowledge, typically the key.  If multiple marks are present they should not interfere with each other.  The marks should survive attacks that don’t degrade the perceived quality of the work.

53 Conclusion  As attacks are found that work against existing techniques, it is likely that new techniques will be developed that overcome these deficiencies.  The continuing use of digital media will drive development of new techniques and standards for watermarking are likely to be developed.  techniques used by law enforcement authorities to detect embedded material will improve as they continue to try and prevent the misuse of Steganography.

54 References  http://www.cs.bham.ac.uk/~mdr/teaching/modules03 /security/students/SS5/Steganography.pdf  http://www.infosecwriters.com/text_resources/pdf/St eganography_AMangarae.pdf  http://en.wikipedia.org/wiki/Steganography  http://niels.xtdnet.nl/papers/practical.pdf


Download ppt "Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography."

Similar presentations


Ads by Google