Steganography
-
Upload
sugandha-arya -
Category
Documents
-
view
355 -
download
0
Transcript of Steganography
Steganography
The Art of Covert Communication
Presented by LADA
Luiz, Angel, Dimitar and Andrew
Steganography 2
Covert Communication
What Is Steganography?
Steganography - \Steg`a*nog"ra*phy\,
n. [Gr. steganos (covered or secret) + graphy (writing or drawing).] The art of writing in cipher, or in characters which are not intelligible except to persons who have the key; cryptography.
Steganography v Cryptography
Both have been used throughout recorded history as means to protect information
Cryptographic techniques "scramble" messages so if intercepted, the messages cannot be understood
Steganography, in an essence, "camouflages" a message to hide its existence and make it seem "invisible" thus concealing the fact that a message is being sent altogether
History of steganography
Herodotus mentions it for the first time in his history Demeratus wanted to notify Sparta that Xerxes
intended to invade Greece
Shave the head of the messenger and tattoo the text on it
History of steganography
Another common form of invisible writing is through the use of Invisible inks- Common sources for invisible inks are milk, vinegar,
fruit juices and urine
With improvements in technologies new methods had to be discovered
- Some messages had to be "developed" much as photographs are developed with a number of chemicals in processing labs.
History of Steganography
During WWII miniscule dots of invisible ink were added directly above the letters of seemingly innocuous text.
In the resent century POW are known to have used the dots in letters in such as i & j and t & f to convey Morse code messages
flat . I just fall flat onto this.-- . . - -- . - -- . - .--. -. .. --. …. –m ee t m e t o n i g h t
Micro dots Microdots are photographs
the size of a printed period having the clarity of standard-sized typewritten pages.
The first microdots were discovered masquerading as a period on a typed envelope carried by a German agent in 1941.
Null ciphers (unencrypted messages)
Fishing freshwater bends and saltwater coasts rewards anyone feeling stressed. Resourceful anglers usually find masterful leapers fun and admit swordfish rank overwhelming anyday.
Secret message: Send Lawyers, Guns, and Money
Hiding information in plain text We explore new steganographic and
cryptographic algorithms and techniques throughout the world to produce wide variety and security in the electronic web called the Internet.
Secret message: Explore the world wide web Recent examples
Barcode images
Steganography 10
Covert Communication
Where the Hidden Data Hides? Where Did It Came From? Where It Is Going?
DNA When Steganography Inspires Terror
Who is Using Stego? Keeping Your Business Secure
Steganography 11
Hiding the Goods with Stego
Overview of Steganography The Growth of Steganography – modern data
compression, info theory, spread spectrum and crypto are brought together to satisfy the need for privacy on the Internet
Steganography in Use – powerful tool for secret communication
Flaws of Steganography – Stego is not perfect Algorithms are known Message is not encrypted
Steganography 12
Hiding the Goods with Stego Cont’
Variations of Stego Trojan Horses – sneak viruses or other malicious code Covert Channels – subclass of Stego
Two parties signal to each other without anyone else knowing they are communicating. (Holland Windmills )
Easter Eggs – hybrid between Trojan horses and Stego Hardware Keys – used for Copyright protection
Steganography 13
Hiding the Goods with Stego Cont’
Security and Steganography Confidentiality – network security Survivability – hiding data in TCP/IP headers
On a local Network you can use TTL (Time To Live) field Across the Internet though, each router will decrement the
TTL with one No Detection – Stego must be hard to find. Visibility – make sure that people can’t see any
changes to the host file in which data is hidden.
Steganography 14
Hiding the Goods with Stego Cont’
Principles of Steganography Types of Steganography
File Type – hide data in least significant bits of each pixel of .bmp image
Method of Hiding Injection – after EOF of audio file Substitution – replaces the insignificant info with covert Generation – creates new overt file from the covert
Steganography 15
Digital Watermarking
What is Digital Watermarking? Types of Digital Watermarking
Invisible Watermarking Visible Watermarking
Digital Watermarking and Stego Uses of Digital Watermarking Removing Digital Watermarking
Steganography 16
Steganography 101
Types of Steganography: Original Classification Scheme (how data is hidden)
Insertion-Based Algorithmic-Based Grammar-Based
New Classification Scheme (how and where data is hidden) Insertion-Based Substitution-Based Generation-Based
Steganography 17
Steganography 101
Types of Steganography: Insertion-Based – information is added that
increases the file Substitution-Based – substitute data for information
already in the file (overwriting) Generation-Based – the covert file created from
previous methods is used to create the overt file.
Steganography 18
Steganography 101
Color Tables: Images are composed of dots called pixels Each pixel gets its own color by combining
percentages of red, green and blue (RGB) Each of these colors has value from 0 to 255
Zero designates that the color is present 255 designates complete saturation of that color
RGB color model has 16,777,216 possible colors Total of 255x255x255
Steganography 19
Steganography 101
Color Tables Cont’: Examples:
255 0 0 is red 0 255 0 is green 0 0 255 is blue 0 0 0 is black 255 255 255 is white
Steganography 20
Steganography 101
Color Tables Cont’: Color Tables are used by
several stego techniques to hide data
Entry R G B
0 24 104 155
1 41 100 65
2 24 120 179
3 33 83 49
4 82 132 90
Steganography 21
Steganography 101
Products Implementing Stego S-Tools – freeware for hiding data in GIF or .bmp image files
or .wav files Hide and Seek J-Steg EZ Stego Image Hide Digital Picture Envelope Camouflage Gif Shuffle Spam Mimic
Steganography 22
Stego Files Across a Network
Uses and Techniques of Network Stego Hiding in Network Traffic – making your connection emulate
the often-used port 80 traffic (HTTP), your message might pass without raising anyone’s suspicions
Stego Combined with Viruses – hide a virus in .txt using Stego, avoiding detection. Later the virus could pull its payload from .txt and infect the system
Tracking Internet Usage – URL embedding, Hidden fields, Cookies. Online stalking (Cyberstalking) is used to mimic your behavior, leading to identity theft.
Steganography 23
Stego Files Across a Network
Network Stego Techniques Hiding in an Attachment – file-based stego is used to hide the
covert message in a file and attach it to some other form of network traffic (FTP, Web site posting)
Hiding Data in an E-mail Attachment – send spam mail to thousands of people, only the intended recipient will look for it
Transmitting Hidden Data with FTP – hide the secret data in picture and post it on FTP
Posting Stego to a Web Site – pictures posted on your Web site containing covert files.
Steganography 24
Stego Files Across a Network
Hiding in a Transmission Using Invisible Secrets to Hide and Transmit Data Camera-Shy
Hiding Data in Network Headers Using IP and TCP Headers for Stego UDP and ICMP Headers Covert TCP
Hiding in an Overt Protocol
Steganography 25
Stego Files Across a NetworkUsing IP and TCP Headers for Stego
Using IP Headers for Stego Hide data here
IP identification number is used to track packets that have to be defragmented.
Any number can be used and the protocol will still function properly.
4-bit version
4-bit IP header length
8-bit TOS 16-bit Total length (in bytes)
16-bit IP identification number3-bit flags
13-bit fragment offset
8-bit time to live (TTL)
8-bit protocol 16-bit header checksum
32-bit source IP address
32-bit destination IP address
options (if any)
data
Steganography 26
Stego Files Across a NetworkUsing IP and TCP Headers for Stego
Using TCP Headers for Stego Hide data here
Seq.& Acknow. numbers are used to indicate how much data is send/received.
Data can be hidden only at initial handshake (first packet). After that those fields are critical for valid communication
16-bit source port number 16-bit destination port number
32-bit sequence number
32-bit acknowledgement number
32-bit source IP address
32-bit destination IP address
options (if any)
data
Steganography 27
Cracking Stego and Crypto
Who’s Cracking What? Cracking Analysis
Cryptanalysis Steganalysis
The Role of Detection Detecting Encryption Randomness and Compression Detection and Image Files
Steganography 28
Cracking Stego and Crypto
Cracking Crypto: General Attacks
COA – Ciphertext-Only Attack KPA – Known Plaintext Attack CTA – Chosen Plaintext Attack CCA – Chosen Ciphertext Attack
Specific Attacks Brute-Force Attack Replay Attack Man-in-the-Middle Attack Meet-in-the-middle Attack Birthday Attack
Steganography 29
Cracking Stego and Crypto
Cracking Stego: Specific Techniques
S-Tools V4.0 Hide and Seek J-Steg EZ Stego StegDetect
General Techniques for Detecting Stego
Steganography 30
Cracking Stego and Crypto
Cracking Stego S-Tools V4.0 files with 8-bit color: Naturally 8-bit color files have few duplicated colors. Files that have data hidden with S-Tools have many duplicating
colors
Program called sdetect examines the color table of .bmp images for near duplicates and reports a measurement of duplication:
C:\Data\forest.bmp
File Name: forest.bmp
Actual size: 66146 Reported: 66146
C:\Data\forest_h.bmp
File Name: forest_h.bmp
Actual size: 66146 Reported: 66146
Duplicate colors: 2 Duplicate colors: 1046
Steganography 31
Developing Secure Communication Strategy
Secure vs. Secret The Roles of Crypto and Stego in Business
Why You Need Both Stego and Crypto Complimentary Services, providing more robust result
Crypto and Stego in Business today How Crypto and Stego Make You More Secure Developing Strategy Common Problems with Secure Technologies
Training the users Protecting your keys and passwords How detectable are yours stego tools
Steganography at Large
The Internet: A Climate for Deceit
Corporate Espionage Who’s Playing?
Information Attacks (software piracy) System Attacks ( Hidden viruses in e-mail)
Steganography at Large:Corporate Espionage
Who’s Playing? Freelance – independent hacker who steals and sells to
highest bidder Outsourced – a company hires info broker to steal
information from competition State-sponsored – governments use intelligence to
discover secret projects at foreign companies and offer it to their own countries to give them competitive edge
Steganography at Large:Corporate Espionage
June 1998 More than $11.4 Billion has been lost due to piracy. Over 25% of all software applications are pirated in the
U.S. As high as 95% in Southeast Asia and Eastern Europe.
Steganography at Large:Corporate Espionage
February 1, 2003 The release of The SoftwareShield System New Software Licensing System Embeds Sensitive Data Inside Images
through the use of Steganography. The SoftwareShield System has the ability to hide encrypted license
data inside images SoftwareShield primarily helps software developers who choose to
deliver or license their products in electronic format by the internet - for the obvious cost benefit while maintaining security.
Steganography at Large:
Option of using encrypted data hidden in the corners of images to license and protect their applications.
Doing this enables developers with the power to create demo, trial, copy-protected, leased, pay-per-use and many other editions of their software with a minimum of effort and a solid level of security.
www.softwareshield.com
Future of Steganography
To ban technology that could be used in an inappropriate manner would mean that few technologies could ever be released.
The more we look for where messages could be hidden, the more one realizes that the possibilities are limitless.
The Future of Steganography
Improving the Techniques Improved Resistance to Analysis How much You Can Hide? Improved Attack Tools
New and Improved Ways to Use Stegonography Law Enforcement Corporate Uses Illegal Uses
Future Legal uses
Proof of ownership (better watermarking of digital media)
Protection of property: physical and intellectual. With advances in Steganography, it is possible
that it could be used as a secure transmission medium.
Future Illegal Uses
Criminal Communications Automatically extract a hidden message with
minimal user intervention. Circumventing network censors
Porn behind audio or video files which are undetectable to censors
Computer Warfare Steganographically embedded Viruses
Free Wallpaper E-mail or audio/video clips
Conclusion
Steganography may have limited legitimate uses, with the exception of watermarking due to the abundance of other techniques.
Location of some form of Steganography will need techniques other than statistical profiling in order to truly decipher steganography on the web.
On the other hand, hiding an object in plain sight could sometimes be the best option.
Steganography 42
Credits
Cole, Eric - Hiding In Plain Sight ; Wiley Publishing, Inc. 2003 ISBN: 0-471-44449-9