Steganography

ABSTRACT


Steganography, literally meaning “secret writing”, involves hiding a data file in another innocuous-looking file. From the time of Herodotus in Greece, to the defense mechanisms of today, steganography has been used to deny one’s adversaries the knowledge of message traffic.

Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message; this is in contrast to cryptography, where the existence of the message is clear, but the meaning is obscured. hence, it is said to be the advanced cryptography.

The advantage of steganography is that it can be used to secretly transmit messages without the fact of the transmission being discovered. Using encryption can identify the sender and the receiver. Thus, steganography has a double layer of protection: first, the file itself is hidden and second, the data in it is encrypted. A person, group, or company can have a web page containing secret information meant for another.

In this paper, a detailed analysis of steganography is made. The history of steganography is briefly dealt with. How steganography works is examined, keeping in mind Bender’s specifications. Data hiding is implemented in two different media; audio and image files. Each offers challenges and solutions to these challenges are analyzed. The main characteristics of steganographic software are discussed, together with the various forms of steganographic methods. Steganalysis, the science of detecting steganography is touched upon. The weaknesses of steganography are also described, together with measures for improvement. The paper concludes by taking a look at the potential of steganography and the changes it can bring about as the future of network security.




WHAT IS STEGANOGRAPHY?
The word Steganography comes from the Greek name “stegnos” (hidden or secret) and “graphy” (writing or drawing) and literally means hidden writing. Steganography uses techniques to communicate information in a way that is hidden.
Steganography is the dark cousin of cryptography, the use of codes. While cryptography provides privacy, steganography is intended to provide secrecy. Privacy is what you need when you use your credit card on the Internet -- you don't want your number revealed to the public. For this, you use cryptography, and send a coded pile of gibberish that only the web site can decipher. Though your code may be unbreakable, any hacker can look and see you've sent a message. For true secrecy, you don't want anyone to know you're sending a message at all. For this, you use Steganography.
The most common use of Steganography is hiding information, image or sound within the information of another file by using a stegokey such as password is additional information to further conceal a message.

STEGANOGRAPHY AND CRYPTOGRAPHY:
Cryptography provides confidentiality of the message but not secrecy. In other words, the encoded message can be seen but cannot be understood. The message has a “key”, which is the only way it can be decrypted. If the message is being passed through human spies, the chances of the key falling into enemy hands is very high once suspicion has been aroused.
However, with steganography, since the message is hidden, we cannot know that a secret message even exists. The container file holds the secret message. Everyone can and will see the container file, but no one can make out that a message is hidden beneath it. If the message is passed either through human spies or through digital means, the code cannot be found without a passphrase, which only the sender and receiver have. Steganography can augment cryptography by obscuring communication and preventing the enemy from knowing a communication is being sent. Steganography should not be considered as a replacement for cryptography. The two mutually complement and complete each other.

HISTORY OF STEGANOGRAPHY:
Steganography has a long and colourful history. The idea behind steganography is pretty ancient, but it has been given a new lease of life with the advent of computers. Steganography has been widely used in historical times, especially before cryptographic systems were developed. Examples of historical usage include:
Hidden messages in wax tablets, on messenger's body: also in ancient Greece. Herodotus tells the story of a message tattooed on a slave's shaved head, hidden by the growth of his hair, and exposed by shaving his head again. Hidden messages on paper written in secret inks under other messages or on the blank parts of other messages. Later, steganography was used in various forms, until as recently as World War II. The Germans invented the “microdot”, which was a photograph the size of a dot, but with the clarity of fully type-written text. It could hold a large amount of information.
Other private codes used invisible ink. This would dry up after the message was written and would not be visible until it was exposed to heat. With the Computer age, steganography has been given a marvelous boost. Old methods like hiding data in images have been digitized and modernized through the computer.


¨ Protection Against Detection:
Most of steganography is used in protection against detection. This can be done by hiding info in user data or volatile data. The latter model is called data hiding in network model architecture. For example, in the OSI reference model, data is sent through packets. Covert channels can be established using the control data to send info that is hidden. At the receiver, the information is stripped off. Information files stay on the hard drive unless specifically deleted.

¨ Watermarking:
Steganography can be used to place a hidden trademark in music, images and software using a technique called “watermarking”. Watermarking techniques are more integrated into the image, so they can be applied without fear of destruction due to lossy compression. Watermarking extends image information and becomes an attribute of the cover information, providing copyright details.

.
A watermarked picture

Steganography is used to conceal files in various forms of data. This is done in three different media: text, images and audio signals. Steganography can and is being used widely in these media.
IMAGE STEGANOGRAPHY:
Image steganography has truly advanced with the invention of fast, powerful computers. Software is easily available for processing and hiding of data images. Images can also be retrieved very easily. Least Significant Bit Insertion is the most well-known image steganography technique. It is simple, easy to create and also easy to apply.

1. Image without embedded picture 2. Image with embedded steganographic picture.

Embedded picture in image 2


Embedded Map In The Image
Masking and filtering hide information by marking an image in a manner similar to paper watermarks. By masking a faint image with another in order to make the first non-perceptible, we exploit the fact that the human eye cannot detect faint changes in a visual image. Masking techniques are more suitable for use in lossy JPEG images than in LSB insertion because of their relative immunity to compression and cropping.

STEGANOGRAPHY IN AUDIO:
This is a very risky and challenging approach, as the human auditory system can detect even very minor changes in sound in a wide range. Random noise can be sensed easily. The four primary methods are:
¨ Low-bit encoding: Binary data can be stored in the Least Significant Bits of the sound files (similar to the image files). For example, channel capacity is 1kb per second per Hz. Therefore, if we have 8kHz sequence, the capacity is 8kbps.
¨ Phase coding: This works by substituting the phase of an audio segment with a reference phase that represents data.
¨ Spread spectrum: The encoded data is spread as much as possible over the frequency spectrum. In Direct Sequence Spread Spectrum, the signal is spread by multiplying it by a certain maximal length pseudorandom sequence, called a chip.
¨ Echo data hiding: Echo data hiding embeds data into a signal by using an echo. The data is hidden by varying three parameters of the echo: initial amplitude, decay rate and offset or delay.

CHARACTERISTICS OF STEGANOGRAPHIC SOFTWARE:
Steganographic software enables information to be hidden in graphic, sound and apparently blank media. Examples include data sent through images and pictures. Image steganography is most effectively handled by JPEG software. JPEG uses lossy encoding to compress its data. JFIF files are used for output. JFIF consist of both lossy and lossless stages. The information to be passed is hidden between these stages. File compression in JPEG is its greatest advantage. Large images in unlimited colours can be stored in relatively small files. Another example could involve data sent through sound or audio files. Various steganographic software packages available in the market are very recent and include Hide-&-Seek, StegosDos, White Noise, etc. in all versions; the messages are encrypted before being embedded, in order to provide an increased layer of protection.
FORMS OF STEGANOGRAPHY:
Many forms of steganography were devised and implemented. This includes methods like blindside, S-Mail and Scramdisk.
¨ Blindside: This is an application of steganography that allows one to conceal a file or a set of files within a standard computer image. This involves some very easy steps to store the data file. Encrypted passwords are used for authorization to access data.
¨ S-Mail: This encrypts any data in a very difficult-to-decrypt kind of way and then hides it in EXE or DLL files. The EXE file is then sent through the internet, via e-mail, to the recipient.
¨ Scramdisk: this allows the creation and use of a virtual encrypted data drive. On an existing hard drive, first an encrypted password is entered and data files are stored in the virtual drive. The recipient needs to first access the hard drive with the correct passphrase, without which the drive is inaccessible, and then the data can be extracted.

STEGANALYSIS:
This is the science of detecting hidden messages. A rising field today, it aims to discover and render useless all covert messages. A public watermark detector has been developed as an oracle to estimate a secret spread watermark. The image is first degraded and then random signals are added to completely wash out the watermark. Steganalysis is getting more and more advanced, in an effort to combat steganography.

WEAKNESSES OF STEGANOGRAPHY:
Ø Steganography is not without its disadvantages. However, these can be corrected and once implemented; it can strengthen the core of steganography.
Ø Most data hiding methods take advantage of human perceptual weaknesses, but they have weaknesses of their own. However, these can be individually rectified.
Ø One major drawback of steganography is that, unlike cryptography, it requires a lot of overhead to hide relatively few bits of data. However, it fares no worse than cryptography and is still the preferred medium.


Steganography was in the news lately, as an advanced means of secret communication. It has its obvious advantages, as an almost unbreakable system, and is complemented by cryptography. It can slip important communication without anyone knowing. Soon, we can have artists, musicians and authors using steganography to fight piracy. It can be used to track infringement of copyrights in a digital medium and can work wonders on the internet.

Steganography, if fallen into wrong hands, can create tremendous damage. It was in the news lately, as being the form by which Osama Bin Laden communicated with his associates, via Al-Jazeera television images. The US government recently released a public statement, declaring that “terrorist organizations are hiding maps, photographs of their targets and instructions for terrorist activities on chat rooms, bulletin boards and other websites using steganography”. The famous copyright infringement case against Napster, the online music website, was filed after using steganographic methods.

Currently in the news, steganography is finding increasing uses. It can be used to protect copyrights, prevent piracy and work in the transfer of top-secret data from place to place. Once its relatively minor disadvantages are rectified, steganography will be found to have amazing potential in the days to come.

REFERENCES:
[1]. Neil F Johnson, “Steganography”.
[2]. William Stallings, “Network and Interwork Security”.