Lecture 13 Steganalysis and Watermarking
Steganalysis
Definition: Process of detecting secret messages within steganographic methods.either by simply detecting the presence of a secret message or by extracting and potentially destroying it (Andriotis et al., 2013)
– Steganalysis is sometimes simply called attacks
– Similar concept to cryptanalysis for cryptology
Goal: to detect the existence of hidden communications (i.e., the existence of a secret message) and ideally but NOT necessarily extracting the secret message
Steganography defeat Techniques
Some ways to remove a payload (secret message)
when the steganography method used is not sophisticatedlike LSB (Least Significant Bit)
1.Compression,
2.image resizing,
3. color palette change,
4. luminescence change,
5. filtering,
6. Random noise insertion,
7. property modification.
Most steganographic methods leaves traces in the
stego media
– (a) Therefore, changing their statistical properties
– (b ) A lot of steganalysis techniques are based in the detection
of these statistical changes
– (c ) Steganography tools might also add particular traces or
patterns/signatures
Steganalysis detection Techniques
Detection: Statistical analysis to find anomalies e.g., entropy increase.
Statistical analysis [1]
– Uses statistical properties & filtering to look for statistical
anomalies according to a norm
– E.g., when a carrier contains a payload (e.g., added via LSB), the
randomness of the carrier bits changes, and the difference can
be detected
• This means that the entropy (randomness) usually gets higher
Steganalysis Tools/Algorithms:
When embedding secret information into a carrier/cover
media, usually:
Detect entropy increase, 2. decrease in color/DCT (Discrete Cosine Transform) coefficient frequency differences, 3. iNCREASE in similar adjacent colors.Steganalysis Challenges:
Challenges in detecting deviations from the norm in some statistical properties:
1. high number of False positives,
2. norm definition very complex,
3.It is possible, after the hiding process, to use additional
techniques to make the result closer to any norm (Making detection more difficult)
payload size dependency (smaller payloads are harder to detect)
very media dependency.
Steganalysis Classification
1. Anomaly-based: Histogram & statistical analysis, file property changes, visual/audible changes/distortions.
2. Signature-based: Patterns/traces/signatures consistent with the of specific tools used
Steganalysis Tools:
Steganalysis tools are able to identify different
steganography schemes
– E.g., LSB, Invisible Secrets, Camouflage, appendX, Fuse, StegoExpose, Stegodetect
Steganalysis meets Cryptanalysis:
Confidentiality of the secret message may be enforced when a stego key is used to protect it
– This aids in hiding the secret, but isn’t encreyption
• The secret message can be further protected with standard encryption of the raw payload prior to embedding
• Revealing the secret message may involve
– Brute force to get the password
– Cracking the stego key and bypass encryption
Watermarking
Definition: Protecting intellectual property via embedded marks in media files.
Used for ownership/authenticity proof, copyright protection, content authentication.
– The mark can be used to proof ownership or authenticity
– Crucial mechanism used for copyright protection and
content authentication
Watermarking Types:
Visible
Invisible
Watermarking Applications:
Source of leaked movie identification
Digital rights management (DRM)
Broadcast monitoring.
Watermarking Modules:
Watermarking is intended to be detectable under certain circumstances, either by humans or by algorithms (i.e., invisible to humans).
Watermarking Embedding module → Watermark detection & decoding modules.
Robustness a major requirement:
Classification of watermarking techniques according to the level of robustness offered
1. Robust: watermark is designed to resist host signal manipulations; usually employed in Intellectual Property Rights (IPR) protection applications
2. Fragile: Vulnerable to modification; easy to implement., used for authentication by user
3. Semi-fragile: designed to be Robust against selected manipulations.
Robustness Attacks:
Geometric attacks aim to destroy the synchronization between a watermark and a detector.” (destroy synchronization /Removal (eliminate watermark).
Removal attacks aim to eliminate the watermark without knowledge of the watermarking algorithm and key.”
Characteristics:
1. Watermark should cause minimal impact on the original media, i.e., minimal degradation
2. The watermark should be related to the original media, i.e., related to its ownership, its distribution, its use
Techniques:
Similar to techniques used in steganography, using
– Spatial domain: matrix of pixels of a media file
– Frequency domain: frequency spectrum/coefficients of a media file via some sort of transformation, e.g.,
• Discrete Fourier Transform (DFT)
• Discrete Cosine Transform (DCT)
• Wavelet Transform (WT)
Watermarking vs. Steganography
Similarities: Both classified under data hiding/multimedia forensics and use common techniques. They are distinct but related disciplines in the field of digital image processing
– Often classified under “data hiding” and “multimedia forensics”
– Steganography is also considered as an “anti-forensics” approach
– They use common techniques and may be subject to similar attacks
BUT there are Differences:
Watermarking vs Steganography – Comparison Table
Feature
Watermarking
Steganography
Detection
Intended to be detectable
Intended to be undetectable
Purpose
Protect intellectual property
Conceal information
Alteration
Minimal impact on the original image
Subtle changes to hide data
Visibility
Often visible
Hidden and imperceptible