Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Introduction to Steganography

Published byJevon Wardlow Modified over 9 years ago

Similar presentations

Presentation on theme: "An Introduction to Steganography"— Presentation transcript:

1 An Introduction to Steganography
Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 Theory Practice Learning by Doing

2 Thanks! This presentation was adapted from the slides created by Professor Gary C. Kessler of Champlain College.

3 Overview Different Ways of Hiding Data The role of steganography
Null ciphers and grammar-based stego Color and sound encoding LSB substitution Examples with GIF, JPEG, and WAV

4 Ways of Hiding Data Deleted and recovered
Change file extension – File signatures Hide data in file property (Drive slack). Data carving / salvaging Layered graphic files Hiding data in executable Files Cryptography Steganography Differences ?

5 Hiding Data in Executable Files - Hydan
Hides data in a Windows or Linux binary file. Takes advantage of redundancies in i386 assembler. E.g., A + B vs. A - (-B) Can hide one byte in ~110 instruction bytes Maintains size of carrier file

6 Problem Scenario Alice and Bob are in male/female prisons and want to communicate to make an escape plan. Willie warden would let them communicate but would monitor the communication. A solution needs to be found out such that the communication would seem to be innocent to person who is not aware that “something lies beneath it”.

7 Steganography Covered writing
Embedding information in given media without making any visible changes to it. Poor cousin of cryptography till recently. stego_medium = cover_medium + hidden_data + stego_key

8 Steganography Uses in History
Dates back several millennium: Wax tablets Messages tattooed on scalps. Dots on top of ‘i’ and ‘j’ Deliberate misspellings or Error Microdots, invisible ink, microfilm. Could hide an image under another image in a PPT file or text in same color as background Digital steganography can hide information in image, video, or audio files -- or just about any binary file. Primary legitimate use is "digital watermarking"

9 Modern Day Applications
Avoid third party snooping Security reinforcement layer to cryptography Hiding copyright info: digital watermarks and fingerprinting (growing due to web piracy) Data encapsulation : data and still images

10 Digital Watermarking Digital watermarking is a subset of stego:
Used to protect ownership of intellectual property Characteristics: Usually involves a small amount of repetitive data Watermark not necessarily hidden Watermark can be removed without disrupting integrity of original file

11 The Process of Steganoggraphy
Carrier + Steganography medium Hidden Message = + Steganography key

12 Stego Inverse Function fE-1
Steganographic Model Stego Key (K) Stego Key (K) Stego Function fE Stego Inverse Function fE-1 Cover C Embedded (E) Embedded (E) Stego S Sender Recipient The Stegosystem

13 Stego-system Criteria
Cover data should not be significantly modified i.e. perceptible to human perception system. The embedded data should be directly encoded in the cover & not in wrapper or header. Embedded data should be immune to modifications to cover. Distortion cannot be eliminated so error-correcting codes need to be included whenever required.

14 Classification of Steganography Techniques

15 Classification of Steganography Techniques

16 Steganography Methods and Tools
LSB Encoding » S-Tools Grammar selection » spammimic, hydan Covert Channels » Covert TCP Data Appending » Camouflage Color Palette Modification (8-bit) » E.g., S-Tools, Gif-It-Up Format Modification » Invisible Secrets Encoding Algorithm Modification » J-Steg, JP Hide-&-Seek, MP3 Steno

17 8-bit vs. 24-bit Color 24-bit color is True Color
1 pixel requires three bytes, each representing level of red/green/blue (RGB) color. Color of this line is denoted 0xbf-1d-98 [i.e., Red=191 (0xbf), Green=29 (0x1d), Blue=152 (0x98)] 16,777,216 (224) possible colors/image 8-bit color is alsoTrue Color, but... Image contains a palette with up to 256 (28) unique colors, each of which is denoted by a 24-bit RGB value Each pixel requires 1 byte to point to palette entry

18 Encoding Voice Pulse Code Modulation
Human ear detects 20-20,000 Hz; sampling rate is twice highest frequency Voice uses 28 quantization levels; music uses 216 levels Voice samples 8 kHz, music up to 44.1 kHz

19 LSB Substitution LSB substitution overwrites the least significant bit of target bytes Example: Hide "G" ( ) in 3 pixels Original data Stego data Note that only 50% of the stego bits actually change!

20 Example of Null Ciphers
Null cipher hides message in the text of another message. E.g., messages sent by Germans during WW I PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. APPARENTLY NEUTRAL'S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGETABLE OILS.

21 Answer of Null Ciphers PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVESITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. APPARENTLY NEUTRAL'S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGTABLE OILS PERSHING SAILS FROM N.Y. JUNE 1

22 Spam as a Stego Medium Dear Friend , This letter was specially selected to be sent to you ! We will comply with all removal requests ! This mail is being sent in compliance with Senate bill 1621 ; Title 5 ; Section 303 ! Do NOT confuse us with Internet scam artists . Why work for somebody else when you can become rich within 38 days ! Have you ever noticed the baby boomers are more demanding than their parents & more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU sell more & SELL MORE . You can begin at absolutely no cost to you ! But don't believe us ! Ms Anderson who resides in Missouri tried us and says "My only problem now is where to park all my cars" . This offer is 100% legal . You will blame yourself forever if you don't order now ! Sign up a friend and your friend will be rich too . Cheers ! Dear Salaryman , Especially for you -this amazing news . If you are not interested in our publications and wish to be removed from our lists, simply do NOT respond and ignore this mail ! This mail is being sent in compliance with Senate bill 2116 , Title 3 ; Section 306 ! This is a ligitimate business proposal ! Why work for somebody else when you can become rich within 68 months ! Have you ever noticed more people than ever are surfing the web and nobody is getting any younger ! Well, now is your chance to capitalize on this . We will help you decrease perceived waiting time by 180% and SELL MORE . The best thing about our system is that it is absolutely risk free for you ! But don't believe us ! Mrs Ames of Alabama tried us and says "My only problem now is where to park all my cars" . We are licensed to operate in all states ! You will blame yourself forever if you don't order now ! Sign up a friend and you'll get a discount of 20% ! Thanks ! Dear Salaryman , Your address has been submitted to us indicating your interest in our briefing ! If you no longer wish to receive our publications simply reply with a Subject: of "REMOVE" and you will immediately be removed from our mailing list . This mail is being sent in compliance with Senate bill 1618 , Title 6 , Section THIS IS NOT A GET RICH SCHEME . Why work for somebody else when you can become rich within 17 DAYS ! Have you ever noticed more people than ever are surfing the web and more people than ever are surfing the web ! Well, now is your chance to capitalize on this ! WE will help YOU turn your business into an E-BUSINESS and deliver goods right to the customer's doorstep ! You are guaranteed to succeed because we take all the risk ! But don't believe us . Ms Simpson of Wyoming tried us and says "Now I'm rich, Rich, RICH" ! We assure you that we operate within all applicable laws . We implore you -act now ! Sign up a friend and you'll get a discount of 50% . Thank-you for your serious consideration of our offer .

23 Spam Mimic Meet at Main and Willard at 8:30
*

24 Masking and Filtering Hide information by marking an image in a manner similar to paper watermarks. Watermarking techniques integrate a data in image Faint but perceptible signal is covered by another one that makes the first non-perceptible to human eye. No destruction of data with image compression. Used widely for digital watermarking and fingerprinting. Used for hiding a image within another.

25 Masking and Filtering Cover pixel : 01011100
Secret image pixel: Resultant pixel: (3+5) The contribution of each pixel can be varied to achieve desired effect.

26 Sending a Steganographic Message

27 = + TOP SECRET Example: Copyright Fabian A.P. Petitcolas,
Computer Laboratory, University of Cambridge

28 Sacrificing 2 bits of cover to carry 2 bits of secret image
Original Image Extracted Image

29 Sacrificing 5 bits of cover to carry 5 bits of secret image
Original Image Extracted Image

30 Where Stego Works Best Steganography works best in cover files with high energy: Bright colors High volume

31 Sample Stego Tools There are over 300 free and commercial stego tools:
Primary carrier files are image and audio formats Any type of binary file can be hidden Examples S-Tools: Designed for lossless compression; hides information inside BMP,GIF, or WAV files using LSB overwriting (password used for LSB randomization and encryption) Gif-It-Up: Designed for lossless compression; hides information inside GIF files using LSB overwriting JP Hide-&-Seek: Designed for lossy compression; hides information inside JPEG files using LSB overwriting of DCT coefficients Camouflage: Append hidden file to carrier file

32 Examples Hide map in: GIF file (Gif-It-Up) JPEG file (JP Hide-&-Seek)
WAV file (S-Tools) JPEG file (Camouflage)

33 Steganography Tools S-Tools: Gif-It-Up: JP Hide-&-Seek: Stegdetect:
Gif , BMP, WAV files LSB Substitution Encryption – DES, IDEA Password Gif-It-Up: Gif files LSB Substitution Encryption JP Hide-&-Seek: JPEG files LSB Overwriting Blowfish Crypto Stegdetect: JPEG files Camouflage: JPEG files

34 Example 1 -GIF File (Gif-It-Up)

35 Example 1 -GIF File Properties

36 Example 1 - GIF File Palettes

37 Example 2 - JPEG File (JPHS)

38 Example 2 - JPEG File Properties

39 Example 3 -WAV File (S-Tools)

40 Example 3 -WAV Spectrum Analysis

41 Example 4 - JPEG File (Camouflage)

42 Example 4 - Binary Analysis

43 Combating Stego WetStone Technologies' (Commercial):
Gargoyle (née StegoDetect): Finds remnants of stego (or other malware) software Stego Suite (Stego Analyst, Stego Break, Stego Watch): Applies statistical methods on suspect files to determine probability that stego was employed, a guess as to the algorithm employed, and attempts to break the password Neils Provo (Outguess.org): stegdetect: Detects stego in JPEG images using several algorithms

44

45

46 stegdetect

47 Stego Watch Session setup for examining files on a local drive

48 Stego Watch: Display after examining files on local drive

49 Stego Watch - File details

50

51 Additional References
Arnold, Schmucker, & Wolthusen, Techniques and Applications of Digital Watermarking and Content Protection, Artech House Publishers, July 2003. Johnson, Duric, & Jajodia, Information Hiding: Steganography and Watermarking -Attacks and Countermeasures, Springer, July 11, 2006. Wayner, Disappearing Cryptography, 2/e, Morgan Kaufmann, April 2002. Neil Johnson, Steganography & Digital Watermarking page ( GCK, stego links ( securityurl.html#crypto) Stego Archive (

Download ppt "An Introduction to Steganography"

Similar presentations

Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA 24060.

Copyright 2003, Marchany Hiding Text in MP3 Files Randy Marchany VA Tech Computing Center Blacksburg, VA
Steganography University of Palestine Eng. Wisam Zaqoot April 2011 ITSS 4201 Internet Insurance and Information Hiding.

Steganography University of Palestine Eng. Wisam Zaqoot April 2011 ITSS 4201 Internet Insurance and Information Hiding.
Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.

Steganograp hy By : Uday Deep Singh (IT-2 / 7 th Sem) “The Art Of Hiding Content In Images” 1.
F5 A Steganographic Algorithm

F5 A Steganographic Algorithm
Computers Talk Binary. nd/Binary_Conversion/Binary_to_Text.asp Send me a polite or write me a polite coded.

Computers Talk Binary. nd/Binary_Conversion/Binary_to_Text.asp Send me a polite or write me a polite coded.
Introduction to Watermarking Anna Ukovich Image Processing Laboratory (IPL)

Introduction to Watermarking Anna Ukovich Image Processing Laboratory (IPL)
Information Hiding: Watermarking and Steganography

Information Hiding: Watermarking and Steganography
An Introduction Steganography with A Case Study of Steganalysis

An Introduction Steganography with A Case Study of Steganalysis
Khan, Mohammed Minhajuddin

Khan, Mohammed Minhajuddin
1 Adnan Gutub Computer Engineering King Fahd University of Petroleum & Minerals Saudi Arabia A Novel Arabic Text Steganography Method Using Letter Points.

1 Adnan Gutub Computer Engineering King Fahd University of Petroleum & Minerals Saudi Arabia A Novel Arabic Text Steganography Method Using Letter Points.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Validation and Recovering Graphic Files and Steganography September 19, 2014.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Validation and Recovering Graphic Files and Steganography September 19, 2014.
“The Art of Hiding Data”

“The Art of Hiding Data”
Security 3 Distributed Systems Lecture # 16. Overview Steganography Digital Watermarking.

Security 3 Distributed Systems Lecture # 16. Overview Steganography Digital Watermarking.
-Archana Sapkota -Deepti Reddy Steganography 1 CS691 Summer 2009.

-Archana Sapkota -Deepti Reddy Steganography 1 CS691 Summer 2009.
Overview of Digital Stenography

Overview of Digital Stenography
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography.

Survey on Information Assurance TEL 581 Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis Steganography.
Digital Watermarking. Introduction Relation to Cryptography –Cryptography is Reversibility (no evidence) Established –Watermarking (1990s) Non-reversible.

Digital Watermarking. Introduction Relation to Cryptography –Cryptography is Reversibility (no evidence) Established –Watermarking (1990s) Non-reversible.
Steganography Detection Brittnee Morgan December 22, 2004 HPR 108B.

Steganography Detection Brittnee Morgan December 22, 2004 HPR 108B.
Steganography Rayan Ghamri.

Steganography Rayan Ghamri.

Similar presentations

Ads by Google