CSE 3482Introduction to Computer Security
Instructor: N. Vlajic, Winter 2017
http://www.marw0rm.com/steganography-what-your-eyes-dont-see/
Learning Objectives
Upon completion of this material, you should be able to:
• Identify various motivations and implementation approaches to information hiding.
• Describe the basic concepts and uses of digitalsteganography.
• Explain the key principles pertaining to four common types of digital steganography: plaintext, image,audio and datagram.
• Enlist the common uses of digital watermarking.
• Explain the difference between digital watermarkingand digital fingerprinting.
Introduction
• WHO Protects Information in Digital Age & WHY? companies: to protect trade secret & intellectual property
governments: to protect classified information
individuals: to hide sensitive information from others or from authorities
Introduction (cont.)
• Information Protection in Digital Age – techniques of digital information protection can be grouped in twomajor categories:
Information Encryption the presence of information is ‘obvious’, but the content is
‘scrambled’ using a crypto-key, so it becomes meaningless
no matter how ‘unbreakable’, encrypted message will arosesuspicion
Information Hiding the goal is not just to prevent others from accessing hidden
information, but to make others unaware of the very existenceof the hidden information
Introduction (cont.)
Example: Encryption vs. Information Hiding
Introduction (cont.)
• Information Protection in Digital Age
Information Protection
Steganography Watermarking Fingerprinting
Information Hiding(data not visible)
Encryption(data visible but encrypted)
Introduction (cont.)
• Techniques of Information Hiding Steganography steganography – Greek word for “concealed writing”
art and science of hiding information in some cover mediafor the purpose of protecting information confidentiality
digital steganography – cover media: image, text, audio, video
Watermarking also aims to make information invisible, but for the purpose
of protection of intellectual property
Fingerprinting embedding user-unique marking to different copies of content
for the purpose of tracking of intellectual property
Introduction (cont.)
Example: Watermarking vs. Digital Fingerprinting
http://itslab.inf.kyushu-u.ac.jp/research/fingerprint.html
http://www.cse.unt.edu/~smohanty/Publications_Others/Mohanty_Masters_Thesis_Spring1999.html
Information Hiding:Steganography
Classical Steganography
• History of Steganography – the need to protectinformation from unsolicited access, by making itobscure, precedes our digital age
in ancient Greece, a message would be tattooed on theshaved head of a messenger; the hair would be grown over
in era of printed press, different typefaces were used to‘encode’ a message
in WW2, the French resistance used invisible ink (e.g., wax)to write messages on the back of regular currier
ahzemllyo
Digital Steganography
• Digital Steganography process of hiding information in digital multimedia files
and in network packets
elements of digital steganography system include cover media (C ) that will hold the hidden data
secret message (M) - may be plain text or any other type of data
stego function (Fe) and its inverse (Fe-1)
an optional stego-key (K) or password to hide and unhide the message
stego object (S) = cover media + secret message
receiver
Digital Steganography (cont.)
Example: Steganography of ‘Image inside an Image’
sender
Digital Steganography (cont.)
• What Makes Steganography Work? digital steganography takes advantage of
1) space redundancy in cover media2) data redundancy in cover media in combination with
inherent weaknesses of human perception
e.g., in computer/text file steganography, information canbe hidden in unused areas of the file/text
e.g., in image steganography, information can be embeddedin the Least Significant Bits (LSBs) of an image (introduced change is insignificant for human eye)
e.g., in audio steganography, information can be embeddedin high frequencies of audio spectrum (human ear is insensitiveto slight variations in high audio frequencies)
Digital Steganography (cont.)
Plaintext Still Imagery
Digital Steganography
• Techniques of Digital SteganographyBased on Type of Cover Media
Audio and Video
Datagram
most popular
Plaintext Steganography
1.1) Plaintext Steganography:Use of Selected Characters in Cover Media sender sends a
1) text message = stego object2) a series of integer number = key
secret message is hidden within the respective positions of subsequent words in cover media
The weather is sunny and wonderful. They have gone running at the beach.2 2 1 1 2 2 1 1 4 1 0 0 2He is not here.
Example: Plaintext Steganography with Selected Characters
Plaintext Steganography (cont.)
1.2) Plaintext Steganography:Line Shifting or Word Shifting in Cover Media e.g., lines are shifted down by a small fraction shift present = 1, shift not present = 0
e.g., words are shifted right by a small fraction shift present = 1, shift not present = 0
encoded bits are extracted and compared againsta predefined Codebook
Example: Plaintext Steganography with Line ShiftingIF you can keep your head when all about youAre losing theirs and blaming it on you,
If you can trust yourself when all men doubt you,But make allowance for their doubting too;If you can wait and not be tired by waiting,Or being lied about, don't deal in lies,Or being hated, don't give way to hating,And yet don't look too good, nor talk too wise:
If you can dream - and not make dreams your master;If you can think - and not make thoughts your aim;If you can meet with Triumph and Disaster
And treat those two impostors just the same;If you can bear to hear the truth you've spokenTwisted by knaves to make a trap for fools,Or watch the things you gave your life to, broken,And stoop and build 'em up with worn-out tools:
If you can make one heap of all your winningsAnd risk it on one turn of pitch-and-toss,And lose, and start again at your beginningsAnd never breathe a word about your loss;If you can force your heart and nerve and sinew
To serve your turn long after they are gone,And so hold on when there is nothing in youExcept the Will which says to them: 'Hold on!‘
If you can talk with crowds and keep your virtue,
Or walk with Kings - nor lose the common touch,If neither foes nor loving friends can hurt you,If all men count with you, but none too much;If you can fill the unforgiving minuteWith sixty seconds' worth of distance run,Yours is the Earth and everything that's in it,And - which is more - you'll be a Man, my son!
Plaintext Steganography (cont.)
Codebook:00000 – a00001 – b00010 – c00011 – d00100 – e00101 – f00111 – g01000 – h01001 – i01011 – j01111 – k10000 – l10001 – m
10010 – n10011 – o10100 – p10101 – q10110 – r10111 – s11000 – t11001 – u11010 – v11011 – w11100 – x11101 – y11110 – z
0100000100100001000010011
hello
Image Steganography
Image Steganography
Example: Digitized Image any image can be digitized – i.e., represented by a discrete
set of same-color points / display elements
How can we improve the quality of digital images?
By decreasing the sizeof display elements
(increase resolution).
Image Steganography (cont.)
• Digital Image –a 2D (NxM) array/grid of m-bit pixels
• Pixel – fundamental same-color display elementin a digital image
each pixel is made up of one or more bits monochrome image: pixel = 1 bit =>
(black/white) grayscale image: pixel = 8 bits =>
256 shades of gray RGB image: pixel = 24 bits =>
8 bits for each – red, green, blue => 16777216 different color shades
Image Steganography (cont.)
Example: Pixels in Grayscale Image
Image Steganography (cont.)
Example: RGB Image
http://www.freeonlinephotoeditor.com/
Image Steganography (cont.)
Example: Image Size
What is the size (in kbytes and KBytes) of a grayscale imagecomprising 200x300 pixels?
200 x 300 x 8 = 480000 bits= 60000 bytes= 60 kbytes= 58.59 KBytes
kbyte = 103 bytes = 1000 bytesKByte = 210 bytes = 1024 bytes
http://jan.ucc.nau.edu/lrm22/pixels2bytes/calculator.htm
Image Steganography (cont.)
• Bits in a Pixel – relative importanceof different pixels is different LSB – least significant bit – last bit MSB – most significant bit – 1st bit
10100011
LSB carries the least information – it changesmost rapidly
MSB carries the most information – it changesleast rapidly
Image Steganography (cont.)
Example: LSB(s) and Human Eye
R = 10010 = 01100100 G = 15010 = 10010110B = 20010 = 11001000
R = 10210 = 01100110 G = 15210 = 10011000B = 20210 = 11001010
R = 13010 = 01111000 G = 15010 = 10010110B = 23010 = 11100110
http://jumk.de/color-calculator/
2.1) Image Steganography:Use of Least Significant Bit (LSB) easiest and surprisingly effective way of hiding
information in an image LSB(s) of each pixel is/are used to hide the most
significant bits of another image algorithm:
(1) load up host image and image to hide(2) choose the number of bits you whish to hide
the secret image in=> better quality of hidden image => more distortion in cover image
(3) to get original image back, pick out the LSBsaccording to the number used in (2)
Image Steganography (cont.)
more bits used
http://cgi.csc.liv.ac.uk/~leszek/COMP526/week4/comp526-3.pdf
Image Steganography (cont.)
Example: Embedding Process using only one LSB
Image Steganography (cont.)
Example: ’Image in Image’ with LSBNumber of LSB used = 4
Encoding:
Decoding:
Cover Secret Stego Image Recovered Image
Image Steganography (cont.)
Number of LSB used = 1
Cover Secret Stego Image Recovered Image
fewer LSB bits used => ‘hiding’ capacity low –better stego-image worse recovered image
Example: ’Image in Image’ with LSB
Image Steganography (cont.)
Number of LSB used = 7
Cover Secret Stego Image Recovered Image
more LSB bits used => ‘hiding’ capacity high –worse stego-image better recovered-image
Example: ’Image in Image’ with LSB
Image Steganography (cont.)
• Pattern of LSB Embedding – secret bits can beembedded in LSBs of cover image in two ways: sequentially simple embedding & extraction of secret bits statistics of cover image abruptly changed - easy to detect
randomly the key to generate pseudorandom numbers must be sent secret bits scattered throughout cover image - hard to detect
Image Steganography (cont.)
What is a better place to hide secret bits:- same-color background- part of image with lots of detail ???