LECTURE 12 Steganography Notes

Steganography

• Definition: Art and science of hiding communication.

  • Greek words: Steganos = covered, Graphein = to write.

  • Steganography = covered (hidden) writing

    Art and science of communicating in a way which

    hides the existence of the communication from

    anyone apart from the sender and receiver

Classic Techniques

• Invisible ink.

• Null cipher.

• Grid overlay.

• Microdots. (Messages photographed and reduced to the size of a printed

  full-stop)

Modern Steganography

• Hides data in digital media (images, audio, video, etc.) without causing suspicion.

Terminology

• The transport medium – Is called CARRIER or COVER

• The secret message – Is called PAYLOAD

• Carrier + Payload – Is called STEGO COVER or

  STEGO MEDIUM or

  STEGO IMAGE or

  STEGO FILE

How good is a steganography technique

Determined by

• 1. Amount of data that can be stored inside the carrier without changing its noticeable properties, i.e., without changing

• 2. Robustness and undetectability

• Resistance to carriers’ normal processing methods

  • Ability to remain undetected apart from sender & receiver.

Types of Steganography

• It is about obfuscating communication taking place rather than the content of the communication itself

• But, it is possible to protect the content of the communication, i.e., the payload

  – In this case, sender and receiver have to share a (public)

  key called STEGO KEY

  (Payload can be protected with a stego key.)

Steganography Examples

(1) Exploiting JPEG EOF tag: Payload is included after the end-of-file tag. When the stego image is viewed using any photo editing application, it will just display the picture (i.e., JPEG carrier), ignoring anything that comes after the EOF tag

• – However, when the stego image is opened in Notepad, for example, the payload will be visible

  → Issue: Not resistant to stego image editing

• (2) Exploiting EXIF header: append the Payload in an image carrier’s EXIF, its metadata.

  EXIF (Extended File Information) is metadata generated by

  digital cameras, i.e., metadata about the image and its

  source located at the header of the image file

  – E.g., make & model of the camera that took the picture & time taken

• (3) Exploiting HTML tag: The comment HTML tag is not displayed in the browser

  – Providing a good opportunity to hide data and commands

Multimedia Domains

Images (and multimedia in general) can be coded in two main domains

• Spatial domain: Represented in a 2D matrix/ Direct pixel manipulation.

  • Easy to apply, limited compression.

  • Pros: 1. easy to apply spatial filtering and image enhancement

    – 2. Changes are visible

    – 3. Straightforward operations

    • Cons: 1. limited ability to compact/compress image

    • File formats that use this approach – e.g., BMP, PNG, WAV

• Frequency domain: Image data is transformed into frequency components

  – Achieved through mathematical transformations,

  • Efficient compression, complex.

  • Pros: 1. powerful for analysis of image’s frequency content

    – 2. Enabling efficient image compression

    – 3. Enabling noise reduction

    – 4. Allows global understanding of an image

    • Cons: 1. dealing with frequencies is harder from a technical

    point-of-view

    • File formats that use this approach – all compressed – e.g., JPEG, MP4, MPEG

Steganography Techniques

Least Significant Bit (LSB)

• Exploits subtle color intensity differences. (Our eyes do not recognize subtle differences)

• the LSB steganography method exploits that fact to encapsulate a payload into an image carrier. Can hide a lot/ multiple bits per pixel.

• Works best with Natural images with lot of variation in colours

• Limitations: LSB relies on every single bit of information in the stego

  image being preserved

  – (a)If the image is converted to a format that uses the

  frequency domain (such as JPEG), the payload is lost

  – (b)Even simple image changes such as smoothing, colour palette optimisations, and contrast adjustments cause loss of the payload

  >> Therefore, LSB lacks robustness!

Audio Steganography

• It is possible to apply the LSB method to audio carriers since the bit modifications will usually do not create auditable changes to the original sounds

• Take advantage of human weakness to hear sounds at Inaudible frequencies. i.e., any frequency > 20.000 Hz

Video Steganography

• uses LSB-based methods.

Detection & Digital Forensics

• 1. Traces of steganography software.

• 2. Location of pairs of Carrier/stego file ie analysis (size, timestamp, etc.).

• 3. Keyword search,

• 4. suspect background- e.g., skills, profession, hobby

• 5. Detection of Stego keys

Advances / Conclusion

• Modern steganography uses transformed domains (e.g., DCT)- Frequency coefficients are ‘manipulated’ to embed the hidden information

• LSB is a common steganography technique.