Presentation is loading. Please wait.

Presentation is loading. Please wait.

Topic 10a Introduction to Steganography 454 NOTE: some of the enclosed information was adapted from slides created by Professor Gary C. Kessler of Champlain.

Published byWilla Nelson Modified over 8 years ago

Similar presentations

Presentation on theme: "Topic 10a Introduction to Steganography 454 NOTE: some of the enclosed information was adapted from slides created by Professor Gary C. Kessler of Champlain."— Presentation transcript:

1 Topic 10a Introduction to Steganography 454 NOTE: some of the enclosed information was adapted from slides created by Professor Gary C. Kessler of Champlain College.

2 454 Objectives Describe steganography and outline the main categories of steganographic technique Describe how steganography has been used in history and might be used by terrorists today Show some examples of linguistic and technical steganography Explain approaches to detection of hidden messages

3 454 The art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message.

4 454 Generally involves hiding information Text hidden within text Images hidden within images Text or images hidden within executable files

5 454 Two components Carrier Data file that is openly available – should offer no clue that other data are hidden Payload Data that is hidden within carrier

6 454 The recipient Should know how to recognize the carrier Should know how to extract the payload from the carrier

7 454 Steganography vs Encryption An encrypted file gives away the fact that possibly important data is enclosed Methods can then be used to attempt to decrypt the enclosed data A steganographic carrier should look innocent, and give no clue that it contains hidden data It can then be made available through public methods, and only the intended recipient will recognize it for what it is

8 454 How steganography works

9 454 The Stegosystem:

10 454 Stego-system Criteria Cover data should not be significantly modified i.e. perceptible to humans The embedded data should be directly encoded in the cover & not in wrapper or header. Embedded data should be immune to modifications to cover. If distortion cannot be eliminated, error- correcting codes may need to be included

11 454 Hidden messages in history In ancient Greece messages were written on tablets then covered by wax – the wax was melted to reveal the message During WW2 the French Resistence sent messages on backs of couriers using invisible ink Crew members of the USS Pueblo, held prisoner by North Korea, communicated in sign language to discredit photos showing them smiling and comfortable

12 454 Steganography techniques:

13 454 Linguistic Steganography Involves modification to linguistic systems A message is hidden within another message

14 454 Semagrams The hidden message is hidden in visual cues Visual semagram The message is hidden in an image Example: A picture of a town square where the time on a clock tower indicates time for a bomb to go off

15 454 Visual semagram The message is hidden in an image Another example: Slight changes in a text font, or in text size or spacing could indicate the hidden message

16 454 Text semagram The message is hidden in format of text Example: Slight changes in a text font, or in text size or spacing could indicate the hidden message A barometer begins measurements at 1400 feet altitude during a storm front Message: ‘bomb at 4 am’

17 454 Open codes The message is hidden the communication according to some pre-arranged method Jargon Code: Use of special terminology with hidden meaning to recipient Example: The library is now open and has 200 paperbacks Message: Pot is available at $200 per ounce

18 454 Covered ciphers Null cipher: Simple method such as taking first letter of each word Example: News Eight Weather: Tonight increasing snow. Unexpected precipitation smothers eastern towns. Be extremely cautious and use snowtires especially heading east. The [highway is not] knowingly slippery. Highway evacuation is suspected. Police report emergency situations in downtown ending near Tuesday First letter of each word reveals message Newt is upset because he thinks he is President.

19 454 Another null cipher example: Message sent by British during WW1: PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. APPARENTLY NEUTRAL'S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGETABLE OILS.

20 454 Another null cipher example: Message sent by Germans during WW1: PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVESITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. APPARENTLY NEUTRAL'S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGTABLE OILS Message: PERSHING SAILS FROM N.Y. JUNE 1

21 454 Covered ciphers Grille cipher: Involves laying a grille over the text to reveal the letters of the message..

22 454 Covered ciphers Another form of grille cipher:.

23 454 Spam as a vector for covered ciphers Spam (unwanted e-mail) can be a wonderful resource for covered ciphers. Most people get so much spam that they simply delete it, or use automated methods of isolating it (spam filters) The ‘Spam Mimic’ program constructs a cover message from a specified embedded message. It includes options for encoding with a password, encoding as fake PGP, and encoding as fake Russian

24 Spam Mimic Meet at Main and Willard at 8:30 * http://www.spammimic.com/

25 454 Dear Friend, This letter was specially selected to be sent to you ! We will comply with all removal requests ! This mail is being sent in compliance with Senate bill 1621 ; Title 5 ; Section 303 ! Do NOT confuse us with Internet scam artists. Why work for somebody else when you can become rich within 38 days ! Have you ever noticed the baby boomers are more demanding than their parents & more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU sell more & SELL MORE. You can begin at absolutely no cost to you ! But don't believe us ! Ms Anderson who resides in Missouri tried us and says "My only problem now is where to park all my cars". This offer is 100% legal. You will blame yourself forever if you don't order now ! Sign up a friend and your friend will be rich too. Cheers ! Dear Salaryman, Especially for you - this amazing news. If you are not interested in our publications and wish to be removed from our lists, simply do NOT respond and ignore this mail ! This mail is being sent in compliance with Senate bill 2116, Title 3 ; Section 306 ! This is a ligitimate business proposal ! Why work for somebody else when you can become rich within 68 months ! Have you ever noticed more people than ever are surfing the web and nobody is getting any younger ! Well, now is your chance to capitalize on his. We will help you decrease perceived waiting time by 180% and SELL MORE. The best thing about our system is that it is absolutely risk free for you ! But don't believe us ! Mrs Ames of Alabama tried us and says "My only problem now is where to park all my cars". We are licensed to operate in all states ! You will blame yourself forever if you don't order now ! Sign up a friend and you'll get a discount of 20% ! Thanks ! Dear Salaryman, Your email address has been submitted to us indicating your interest in our briefing ! If you no longer wish to receive our publications simply reply with a Subject: of "REMOVE“ and you will immediately be removed from our mailing list. This mail is being sent in compliance with Senate bill 1618, Title 6, Section 307. THIS IS NOT A GET RICH SCHEME. Why work for somebody else when you can become rich within 17 DAYS ! Have you ever noticed more people than ever are surfing the web and more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU turn your business into an E- BUSINESS and deliver goods right to the customer's doorstep ! You are guaranteed to succeed because we take all the risk ! But don't believe us. Ms Simpson of Wyoming tried us and says "Now I'm rich, Rich, RICH" ! We assure you that we operate within all applicable laws. We implore you - act now ! Sign up a friend and you'll get a discount of 50%. Thank-you for your serious consideration of our offer.. The resulting spam from this message:

26 454 Technical steganography Also called ‘digital steganography’ Takes advantage of methods for digital encoding of information.

27 454 LSB substitution Allows message to be encoded into a graphic Takes advantage of way that raster graphics are encoded into digital files.

28 454 LSB substitution Raster graphics are encoded with numbers that indicate various levens of red, green and blue Also called RGB.

29 454 LSB substitution Often each of the levels of R, G and B are in three individual bytes The least significant bits of these bytes can be substituted without a human noticing a major change to the image.

30 454 LSB substitution 24-bit color Called ‘True Color’ 1 pixel requires three bytes, each representing level of red/green/blue (RGB) color. 16,777,216 (224) possible colors/image

31 454 LSB substitution 8-bit color Also True Color, but... Image contains a palette with up to 256 (28) unique colors, each of which is denoted by a 24-bit RGB value Each pixel requires 1 byte to point to palette entry

32 454 LSB substitution Example: Hide "G" (01000111) in 3 pixels Original data 10010101 00001101 11001001 10010110 00001111 11001011 10011111 00010000 11001011 Stego data 10010100 00001101 11001000 10010110 00001110 11001011 10011111 00010001 11001011

33 + = Example: Copyright Fabian A.P. Petitcolas, Computer Laboratory, University of Cambridge http://www.cl.cam.ac.uk/~fapp2/steganography/image_downgrading/ TOP SECRET

34 Sacrificing 2 bits of cover to carry 2 bits of secret image Original ImageExtracted Image

35 Sacrificing 5 bits of cover to carry 5 bits of secret image Original ImageExtracted Image

36 454 LSB Steganography works best in cover files with high energy: Bright colors High volume

37 454 Audio Steganography There are various methods for hiding data in an audio file Embedding audio message in very high or very low frequencies Slight manipulation of LSB Adding what appears to be noise to the file

38 454 Steganography tools: Primary carrier files are image and audio formats Any type of binary file can be hidden Examples: S-Tools: Designed for lossless compression; hides information inside BMP,GIF, or WAV files using LSB overwriting (password used for LSB randomization and encryption) Gif-It-Up: Designed for lossless compression; hides information inside GIF files using LSB overwriting JP Hide-&-Seek: Designed for lossy compression; hides information inside JPEG files using LSB overwriting of DCT coefficients Camouflage: Append hidden file to carrier file

39 Examples Hide map in: 1.GIF file (Gif-It-Up) 2.JPEG file (JP Hide- &-Seek) 3.WAV file (S-Tools) 4.JPEG file (Camouflage)

40 Steganography Tools Gif-It-Up: Gif files LSB Substitution Encryption JP Hide-&-Seek: JPEG files LSB Overwriting Blowfish Crypto S-Tools: Gif, BMP, WAV files LSB Substitution Encryption – DES, IDEA Password Stegdetect: JPEG files Camouflage: JPEG files

41 Example 1 -GIF File (Gif-It-Up)

42

43 Example 1 -GIF File Properties

44 Example 1 - GIF File Palettes

45 Example 2 - JPEG File (JPHS)

46 Example 2 - JPEG File Properties

47 Example 3 -WAV File (S-Tools)

48 Example 3 -WAV Spectrum Analysis

49 Combating Stegonography WetStone Technologies' (Commercial): Gargoyle (née StegoDetect): Finds remnants of stego (or other malware) software Stego Suite (Stego Analyst, Stego Break, Stego Watch): Applies statistical methods on suspect files to determine probability that stego was employed, a guess as to the algorithm employed, and attempts to break the password Neils Provo (Outguess.org): stegdetect: Detects stego in JPEG images using several algorithms

50

51

52 stegdetect

53 454 Is steganography still used? According to an article in USA Today (Feb 5, 2001) steganography is being employed by Al Queda to hide messages in pornographic images on the Web http://www.usatoday.com/life/cyber/tech/200 1-02-05-binladen.htm

54 454 Is steganography still used? A search for hidden images on the Internet, by Niels Provos and Peter Honeyman (Univ. of Michigan) uncovered 1 hit It was an image created by ABC news for a report on steganography – and contained the hidden image of a B-52 bomber They used the ‘Steganography Detection Framework’ program http://www.citi.umich.edu/u/provos/stego/abc.html

55 454 Summary: Steganography is a set of methods for hiding one set of data in another set of data If done correctly it can be difficult to detect The vast array of images, audio files and binary files on the Web make this an effective tool for secret message transfer Tools exist for detecting hidden messages, but these rely on an understanding of methods used and are not foolproof

Download ppt "Topic 10a Introduction to Steganography 454 NOTE: some of the enclosed information was adapted from slides created by Professor Gary C. Kessler of Champlain."

Similar presentations

Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA 24060.

Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA
Steganography University of Palestine Eng. Wisam Zaqoot April 2011 ITSS 4201 Internet Insurance and Information Hiding.

Steganography University of Palestine Eng. Wisam Zaqoot April 2011 ITSS 4201 Internet Insurance and Information Hiding.
Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.

Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.
F5 A Steganographic Algorithm

F5 A Steganographic Algorithm
Computers Talk Binary. nd/Binary_Conversion/Binary_to_Text.asp Send me a polite or write me a polite coded.

Computers Talk Binary. nd/Binary_Conversion/Binary_to_Text.asp Send me a polite or write me a polite coded.
An Introduction to Steganography

An Introduction to Steganography
Steganography and Network Security

Steganography and Network Security
Khan, Mohammed Minhajuddin

Khan, Mohammed Minhajuddin
Steganography Techniques and Countermeasures with Images, Text, and Audio  First speaker – Chris Kleeschulte  Second speaker – David Miller  Third speaker.

Steganography Techniques and Countermeasures with Images, Text, and Audio  First speaker – Chris Kleeschulte  Second speaker – David Miller  Third speaker.
Security 3 Distributed Systems Lecture # 16. Overview Steganography Digital Watermarking.

Security 3 Distributed Systems Lecture # 16. Overview Steganography Digital Watermarking.
Overview of Digital Stenography

Overview of Digital Stenography
Steganography Detection Brittnee Morgan December 22, 2004 HPR 108B.

Steganography Detection Brittnee Morgan December 22, 2004 HPR 108B.
CSCI 530L Steganography and Steganalysis. Administrative issues If you have not yet signed up for a Lab Section, do so now. Most lab sections are full.

CSCI 530L Steganography and Steganalysis. Administrative issues If you have not yet signed up for a Lab Section, do so now. Most lab sections are full.
Steganography Rayan Ghamri.

Steganography Rayan Ghamri.
One possible way to encode information in text is print it in two slightly different typefaces. The secret message is decoded by ignoring one of the typefaces.

One possible way to encode information in text is print it in two slightly different typefaces. The secret message is decoded by ignoring one of the typefaces.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.
Steganography By Robert Summitt and Jiten Patel. What is Steganography It is the art and science of writing a message in a way to where the only the recipient.

Steganography By Robert Summitt and Jiten Patel. What is Steganography It is the art and science of writing a message in a way to where the only the recipient.
Steganography Ryan Sacksteder. Overview What is Steganography? History Forms of Steganography Image Based Steganography Steganalysis Steganography’s Future.

Steganography Ryan Sacksteder. Overview What is Steganography? History Forms of Steganography Image Based Steganography Steganalysis Steganography’s Future.
STEGANOGRAPHY. C ONTENTS Defination Steganography History Steganalysis Steganography v/s Cryptography Steganography Under Various Media Steganographic.

STEGANOGRAPHY. C ONTENTS Defination Steganography History Steganalysis Steganography v/s Cryptography Steganography Under Various Media Steganographic.
CS 5888C5 8S A PRODUCTION JONATHAN ERDMANHEAD TROJAN MANN WARM PILL SNOTPORTMAN WILLS ETHNIC URCHINSERIC HUTCHINS STEPHEN LIANGA PENIS LENGTH.

CS 5888C5 8S A PRODUCTION JONATHAN ERDMANHEAD TROJAN MANN WARM PILL SNOTPORTMAN WILLS ETHNIC URCHINSERIC HUTCHINS STEPHEN LIANGA PENIS LENGTH.

Similar presentations

Ads by Google