VIEWS: 31 PAGES: 4 POSTED ON: 2/17/2011
STEGANOGRAPHY AND STEGANALYSIS Tayana Morkel Information and Computer Security Architecture (ICSA) Research Group Department of Computer Science University of Pretoria E-mail: firstname.lastname@example.org Can you see the difference? Since the rise of the Internet one of the most important factors of information technology and communication has been the security of information. From early times encryption was developed as a technique for securing the secrecy of communications. Many different methods have been developed to encrypt and decrypt data in order to keep the message secret. But lately it may not be enough to keep the contents of a message secret, it may also be necessary to keep the existence of the message secret. The technique used to implement this is called steganography. Steganography is not a new technology. It has been in use since ancient Greek times  and was extensively used in World War I and II . Since then the technology has evolved, but the idea has remained the same, the only difference being that today steganography is mostly used on computers with digital data being the carriers. Any form of electronic media such as audio files, image files, and even program files can be used as a carrier file for hidden information. Images are the most popular carrier file for steganography because of the abundance of images available on the Internet. Another reason is the fact that the way images are stored creates a great amount of redundant space which is the ideal place to hide information. Hiding information is done through a variety of algorithms that embed information, mainly on bit-level. Secret Steganography message encode Sender’s end Communication channel Secret Steganography message decode Receiver’s end Steganography is different from cryptography. Where cryptography focuses on keeping the contents of a message secret, steganography focuses on keeping the fact that a message exists secret. Steganography and cryptography are both excellent ways to protect information from unwanted parties but neither technology alone is perfect and can be broken. The strength of steganography is thus amplified by combining it with cryptography. First the secret message is encrypted and then it is embedded into other information. Research in steganography has mainly been driven by the lack of strength in cryptographic systems. Many governments have created laws to either limit the strength of a cryptographic system or to prohibit it altogether . Steganography can be used as an alternative to hide important information inside another file so that only the intended parties know that a message even exists. When someone must send a highly sensitive document over the Internet, steganography can be used to embed this document into another cover medium. Unfortunately with the good also comes the bad. Because steganography is a technology that enables users to hide messages from unintended recipients, it can also be used by criminals to hide messages from authorities. For example, steganography can have an bad influence on the practice of corporate espionage, where employees can embed sensitive information in a seemingly harmless document and smuggle it out of the company. There is also a possibility that criminals can use public domain websites, for example public auction sites, to communicate through hidden messages. None of these have been provenly used, but the fact that these possibilities exist makes it necessary to research the methods of detecting steganography. This method is called steganalysis. Where steganography focuses on ways to hide information, steganalysis is the technology used to detect hidden information. Steganographic algorithms sometimes leaves a signature in the file that is encoded. With this knowledge some secret messages can be extracted. For example: A digital image consists of a grid-type structure of pixels. Each pixel in turn consists of a series of bits to define what the color of that pixel should be. If one where to change the least significant bit (LSB) of a pixel the human visual system would not be able to detect the change. Many steganographic algorithms use this technique. The image on the left does not have any information embedded in it, while the image on the right uses the least significant bit methods to encode secret information. As one can see there is no visual difference between the two. When putting both images through a program that enhances the least significant bits of the image, the results are as follows: The effect that the changes in the least significant bit has on the image can clearly be seen when looking at the embedded image. When one now knows that steganography has been used on this image, one can take further steps to extract the information. List of references  Johnson, N.F., Steganography, http://www.jjtc.com  Krenn, R., Steganography and Steganalysis, http://www.krenn.nl/univ/cry/steg  Dunbar, B., Steganographic techniques and their use in an Open-Systems environment, SANS Institute 2002  Chandramouli, R., A mathematical approach to steganalysis, Proceedings of SPIE security and watermarking of multimedia contents IV, January 2002  Kessler, G. C., An Overview of Steganography for the Computer Forensics Examiner, Forensic Science Communications Volume 6 Number 3, July 2004  Silman, J., Steganography and Steganalysis: An Overview, SANS Institute 2001
"STEGANOGRAPHY AND STEGANALYSIS"