An Application Based on Steganography

H.B. Karaman Computer Engineering Department

Gazi University Engineering Faculty Ankara, Turkey

hbkaraman@tccb.gov.tr

. Sa ro lu

Computer Engineering Department Gazi University Engineering Faculty

Ankara, Turkey ss@gazi.edu.tr

Abstract— In this study, the aim and application areas of steganography and steganalysis are briefly described. Kinds of techniques used in steganography are analyzed and compared to each other according to their simplicity and robustness. Then, methods used in steganalysis in order to detect various kinds of steganography such as text, image, audio, video and file system steganography are examined. Finally, a steganography application for the receptions of the Presidency of the Republic of Turkey is developed. The identity information of the guests are first encrypted, and then embedded in their photos using the LSB technique on BMP images. Original and stego images after the embedding process are compared to each other and the robustness of the application against steganalysis attacks is measured using VSL tool.

Keywords- Steganography, Steganalysis, LSB, Application.

I. INTRODUCTION Steganography is an alternative way of hiding

information in a cover media to prevent unintended recipients from being aware of communications.

Secret communication and watermarking are two main objectives of steganography being used. Watermarking is the process of signing digital media (images, texts, audios and videos) in order to protect intellectual property rights. It helps to insert a fingerprint to be recognized. Secret communications cover many methods to provide alternative solutions for images, audios, videos, etc.

Steganalysis deals with detecting or destroying the information hidden by steganography techniques. Various kinds of changes or corruptions occur in a stego-object (object created after applying steganography on the original object) compared to its original version. The fingerprints give opportunity to analyze and detect stego-objects. Passive and active steganalysis are the methods mainly used for these purposes of detecting or destroying messages in the media.

This paper is organized as follows. Section II expresses steganography and summarizes the techniques used in steganography. Section III gives brief explanation of steganalysis and its methods used for the analysis. Section IV introduces an application of steganography for Presidency of the Republic of Turkey. The work is concluded in Section V.

II. STEGANOGRAPHY Steganography is the science of hiding secret information

in an unsuspicious cover object. The goal of Steganography was defined by Johnson and Jajodia as “the goal of

steganography is to avoid drawing suspicion to the transmission of a hidden message. If suspicion is raised, then this goal is defeated.” [3].

Discovering the communication is the first attack to steganography since it is against the main goal of steganography. But it is possible to use steganography together with cryptography by encrypting the message before embedding it into a cover object. Using steganography and cryptography together to provide better information security is a hot topic [17-21].

Steganography techniques can be categorized as ‘fragile’ and ‘robust’ according to the strength of the stego-object against the steganalysis attacks [2, 10]. The stego-object, which does not lose its hidden message and its cover object is still recognizable after being exposed to multiple image processing techniques such as warping, cropping, rotating and blurring is defined as robust [3]. The others are fragile. Their hidden messages are lost under JPEG compression or they are completely destroyed after applying image processing techniques.

Text, image, html [22] and exe files [22], word processors, audio and video files are suitable and frequently used cover objects for steganography. When the literature reviewed, there have been many methods / techniques available for the files such as text, audio, video, picture [4, 6 and 7]. File systems [4] and TCP/IP packets [8] can also be used as cover objects. These techniques are summarized as follows in subsections:

A. Steganography in Text Files Hiding messages in text files is the easiest and oldest but

a fragile way of secret communication. Today, it is applied by changing the layout of a document, adding extra spaces and using hidden characters in text. The disadvantage of text steganography is its weakness against attacks. The extra spaces, lines and characters added could easily be detected by opening the text in a word processor. The hidden message will be lost if the document is reformatted [5]. Additional techniques for hiding messages in text files are given in [9].

B. Steganography in Image Files Images are the most common cover objects used in

steganography. Image steganograms can be fragile or robust according to the method applied on the image file [3]. Image steganography methods can be categorized as ‘Image domain methods’ and ‘Transform domain methods’. Image domain methods are easy to apply, but it is possible to create more robust stego-images with transform domain techniques.

2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining

978-0-7695-4799-2/12 $26.00 © 2012 IEEE

DOI 10.1109/ASONAM.2012.152

871

2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining

978-0-7695-4799-2/12 $26.00 © 2012 IEEE

DOI 10.1109/ASONAM.2012.152

839

Some of the popular image domain tools are ‘Hide and Seek’, ‘Mandelsteg’, ‘Steganos’, ‘StegoDos’, ‘S-TOOLS’, and ‘White Noise Storm’. Some of the transform domain tools are ‘Jpeg-Jsteg’, ‘JPHide’, ‘Outguess’, ‘PictureMarc’ and ‘SysCop’ [5].

Some of the techniques were briefly explained as follows:

1) Least Significant Bit Algorithm: This is the simplest method applied on image files. First, the message to be hidden is broken into pieces of 1 bit then the least significant bit of each pixel of the cover object is used to store the bits of the secret message. The change in cover object is invisible to naked eyes up to 4th LSB of the image. This technique is unsuccessful and visible to naked eyes, when the bits of the hidden message have more space to be placed than the cover image [10]. The LSB method is not a robust algorithm since it is easily corrupted when it is exposed to image processing techniques.

2) Patchwork Algorithm: It is a more complex method compared to LSB algorithm. First, two random pixels are selected from the image. Then, the brighter of the two is made brighter and the darker one is darker. The contrast change between these two pixels corresponds to a part of the bits of the hidden message [1,12]. The image remains undetectable under filtering attacks, even in the case of a few hundred changes in pixels [1].

3) Transform Domain Algorithms: Robust methods use transformation algorithms such as DCT (Discrete Cosine Transformation) or Wavelet Transformation. The message is hidden in significant areas of the cover image using the algorithms which make the stego-object more robust to image processing attacks than the LSB method [3]. A more detailed research on transform domain techniques can be found in [13].

C. Audio and Video Steganography Steganography with audio files are hard to detect because

little changes in an audio file can be perceived as a noise or degradation caused by the recording process. Steganography applications using audio files take advantage of this case [22]. The same algorithms such as LSB and Transform Domain algorithms can also be used in audio and video steganography. Since audio and video files are large in size, the extra spaces in their headers can also be used to hold hidden information [3].

III. STEGANALYSIS Steganalysis is the area of research which deals with

detection and extraction of information hidden in cover media by steganographic methods. Although it is a relatively recent branch compared to steganography, there is an increasing interest to steganalysis recently. A satisfying explanation of the goal of steganalysis was made by Johnson and Jajodia in their article “Steganalysis: The Investigation of Hidden Information”. The definition is:

“Our goal is not to advocate the removal or disabling of valid hidden information such as copyrights, but to point out approaches that are vulnerable and may be exploited to investigate illicit hidden information.” [3]

The types of steganalysis techniques are categorized in two main groups [14]. These techniques were explained below:

A. Detecting Hidden Information (Passive Steganalysis) Passive Steganalysis is the type of steganalysis which

aims to detect the presence of a hidden message in a stego-object, or to detect the steganography tool used to hide the message. Although it is hard to perceive the differences between a stego-object and its original version by naked eye, it is a reality that there always exist changes, distortions or anomalies in a stego-object with respect to its cover media. These changes, in other words fingerprints left by steganography, enables the steganalyst to determine that a file is a stego-object or not, even without comparing it to its original version.

1) Detecting Text Steganography: Hiding messages in text files, is the simplest and the most fragile method of steganography. So, detecting text steganography is also simple. The extra spaces, lines or hidden characters in a steganographic text file becomes visible and can easily be detected by opening it in a word processor.

2) Detecting Image Steganography: Steganalysis on images is usually made by detecting anomalies in characteristics of the image file such as change in file size and color palette, etc [15]. A steganalysis technique on image files is analyzing many stego-images and their original versions according to color composition, luminance and pixel relationships. Then, the resulting patterns are used in detecting unknown stego-objects [3]. Another technique on images is, analyzing the least significant bits in stego-objects. By applying LSB method in order to hide a message, randomness occurs in least significant bits of the cover object. And this randomness can easily be detected by statistical analysis of LSB’s on the cover object. It is also possible to detect stego-objects created by applying DCT method on JPEG images [15].

A method was suggested by Avc ba and his friends which aims to discriminate stego-images and cover images using image quality metrics and to automate the detection process [16].

3) Detecting File System Steganography: Steganography on file systems can be detected by using tools and utilities which analyze the file system and report the information hidden on unused partitions [3].

4) Detecting Steganography on TCP/IP Headers: Internet firewalls can be customized to catch the TCP/IP packets which contain information in their unused or reserved spaces [3].

872840

B. Defeating Steganograms (Active Steganalysis) Active Steganalysis covers the techniques used to disable

the secret communication, by extracting and damaging the hidden messages. Detecting the message is not always necessary, since the goal of steganography is already defeated when the existence of the message is detected [3]. So, although it is hard to extract the exact message from the stego-object, it is possible to corrupt the message it contains using various active steganalysis techniques.

1) Disabling Text Steganograms: The hidden messages in a text file can easily be destroyed by opening the file in a word processor and reformatting the text [5].

2) Disabling Image Steganograms: The simplest method of corrupting the hidden message is applying JPEG compression on the image, which is effective on steganograms created by LSB technique. The image remains visible to human eye, but the message embedded in the least significant bits of the image is lost after applying JPEG compression on the image.

Multiple image processing techniques can be applied in order to defeat steganograms created by transform domain tools, which are resistant to JPEG compression. These techniques include cropping, removing portions of the image, rotating the image, blurring, decreasing the contrast between pixels, sharpening, increasing the contrast between pixels, adding or removing noise, resampling, converting between bit densities [5]. A stego-image which is exposed to these kinds of changes loses its hidden message, at least a part of it.

Another technique to destroy the messages is, overwriting the existing hidden message by embedding another message into the image.

3) Disabling Audio and Video Steganograms: The same techniques with image steganalysis can be applied in steganalysis of audio files. And a combination of the techniques used in image and audio steganalysis can be applied on video files.

4) Disabling Steganograms in File Systems: It is always possible for operating systems, which do a lot of caching and creating of temporary files, to overwrite the partitions of the file system which contain hidden messages since those areas are supposed to be unused and free [3]. So, hiding messages in file systems are not so secure.

5) Disabling Steganograms in TCP/IP Headers: TCP/IP packets containing hidden information in their headers can be catched and filtered by firewalls. It is also possible for these headers to be overwritten during the routing process [3].

IV. IMAGE STEGANOGRAPHY APPLICATION FOR RECEPTIONS OF THE PRESIDENCY OF THE

REPUBLIC OF TURKEY In this study, a steganography algorithm is applied on

BMP images which are used in the Receptions of the Presidency of The Republic of Turkey. The identity information of the guests who are invited to the receptions is

hidden into their photos using this Steganography application. The LSB technique is used in the application and the information are encrypted before being hidden into the photos. By this way, the identity information of the guests became invisible and secure on the database and at the same time, the photos became watermarked.

The method used in the steganography of the photographs is the Least Significant Bit Method. In this method, the bits of the message to be hidden are inserted on the least significant bit of each byte of the original image. 24-bit bitmapped files (.bmp) are used for the application. 24-bit BMP files use 24-bit color which corresponds to 24 bits per pixel. In this case, the intensity of each primary colors Red, Green, Blue are represented by 8 bits. By using LSB insertion, a single bit of the message is inserted into the least significant bit of each byte a pixel contains.

For the implementation of the Project, Visual Studio Environment and C# programming language is used.

A. Steganography Algorithm The Main Steps of The Program: • The identity information of the guests entered

through the user interface are joined together in order to form the message structure.

• The length of the message is appended in front of the message as four bytes (number of bytes needed to store 32 bit integers).

• The message and the password entered by the user are sent to the cryptography algorithm in order to be encrypted before being inserted into the image.

• The encrypted message and the cover image are sent to the steganography algorithm in order to hide the message into the image.

• The decoding process is the reverse of the encoding process. The message is extracted from the image file after reading the 4 bytes containing the length of the message.

• Using the password user entered, the extracted message is decrypted by the decryption algorithm.

• The message is seperated into fields as identity information and represented to the user.

Pseudocode of the steganography algorithm is given in Fig. 1.

Figure 1. Pseudocode of the steganography algorithm used in the

application.

B. Demo for The Application A short demo representing the steps of the application is

given in Figures 2-5.

For each bit of the message Take a byte from the byte array of the original image Replace LSB of the byte with the bit of the message Store the recently created byte into byte array of the stego image

873841

Figure 2. Original picture and the path for the stego image are selected,

identity information and password are entered.

Figure 3. The information are hidden into the original image, and the stego image is created

Figure 4. The stego image is selected and password used for encryption is entered for the extraction process.

Figure 5. The identity information of the guest is represented after extracting the message from the stego-image

As you can see in Fig. 6, the difference between the original image and the stego-image is not visible to naked eye.

(a) (b)

Figure 6. Original and stego-images : (a) original image, (b)stego-image

C. Testing Robustness of the Application In order to test the robustness of our steganography

application, several steganalysis attacks were applied on the stego-image. For these tests, Virtual Steganographic Laboratory (VSL) tool is used [23]. This tool allows using and testing of several steganography and steganalysis methods. Both two types of techniques-active and passive steganalysis techniques were applied on our stego images. LSB-RS passive steganalysis technique was applied in order to detect if the image contains a hidden message or not. All of the other techniques used in this experiment are active steganalysis techniques aiming to destroy the hidden message. The active steganalysis techniques used in this study are as follows: Salt (white) and pepper (black) noise, JPEG compression, noise with Gaussian distribution, cropping of an image, image resizing, median filtering, gamma correction, Gaussian blurring and image sharpening.

Each of these techniques was tested one by one. After applying these image processing techniques on the stego-image, the resulting images were applied to our developed application for the extraction processes. The success rate of

874842

our application was measured according to the accuracy of the extracted message. The results of the tests are given in Table 1.

TABLE I. TEST RESULTS OF STEGANALYSIS TECHNIQUES

Steganalysis Technique Active / Passive Steganalysis

Success Rate of Our

Application Salt (white) and Pepper (black)

noise Active 3.75 %

JPEG compression Active 0 % Noise with Gaussian

distribution Active 0 %

Cropping of an image Active 0 % Image resizing Active 0 %

Median filtering Active 0 % Gamma correction Active 0 % Gaussian blurring Active 0 % Image sharpening Active 98.75 %

LSB-RS steganalysis Passive 0 %

According to the test results, it can be concluded that our

steganography technique is robust against image sharpening attacks, but it is fragile under all of the other attacks since LSB steganography technique, different from transform domain techniques, is not a robust algorithm when it is exposed to image processing techniques.

V. CONCLUSIONS This study presents an application to be used for the

receptions of the Presidency of the Republic of Turkey. By using this application, the identity information of the guests became invisible and secure on database, the identities and photos are joined together and became integrated, and the watermarking of the photos is carried out. The identity information of the guests are first encrypted, and then embedded in their photos using the LSB technique on BMP images. Original and stego images after the embedding process are compared to each other. Several steganalysis attacks are applied on stego images in order to test the robustness of the application. When the test results were analyzed, it was concluded that our application is fragile against all of the steganalysis techniques except image sharpening.

Considering the security level of this application, the approach presented in this study might be acceptable but if better protection is required, more robust steganography techniques such as transform domain techniques can be applied in our application in future studies.

ACKNOWLEDGMENT I would like to thank Professor eref Sa ro lu for his

valuable guidance and support throughout my studies.

REFERENCES [1] J. Watkins, “Steganography – Messages Hidden in Bits”, 2008. [2] S. Channalli and A. Jadhav, “Steganography – An Art of Hiding

Data”, International Journal on Computer Science and Engineering, vol.1(3): 137-141, 2009.

[3] N. F. Johnson and S. Jajodia, “Steganalysis: The Investigation of Hidden Information”, IEEE Information Technology Conference, September 1998.

[4] N.F. Johnson, S. Jajodia, "Exploring Steganography: Seeing the Unseen", IEEE Computer, vol. 31, no. 2, pp.26-34, February 1998.

[5] J. Silman, "Steganography and Steganalysis: An Overview", 2001. [6] R. Anderson, (ed.), Information hiding: first international workshop,

Cambridge, UK. Lecture Notes in Computer Science, vol. 1174, Berlin Heidelberg New York: Springer-Verlag, 1996.

[7] W. Bender, D. Gruhl, N. Morimoto and A. Lu, "Techniques for Data Hiding", IBM Systems Journal Vol. 35, No. 3&4. MIT Media Lab, pp. 313-336, 1996.

[8] T.G. Handel, M.T. Stanford, III. "Hiding Data in the OSI Network Model", In:[1] pp. 23-38, 1996.

[9] P. Wayner, Disappearing Cryptography, Chestnut Hill, MA: AP Professional, 1996.

[10] J. Cummins, P. Diskin, S. Lau and R. Parlett, “Steganography and Digital Watermarking”, School of Computer Science, The University of Birmingham, 2004.

[11] A. S. Tannenbaum, “Steganography Demo for Modern Operating Systems”, 2nd ed.

http://www.cs.vu.nl/~ast/books/mos2/zebras.html [12] F. A. P. Petitcolas, R. J. Anderson and M. G. Kuhn, "Information

Hiding - A Survey", Proceedings of the IEEE, special issue on protection of multimedia content, 87(7):1062-1078, July 1999.

[13] N.F. Johnson, Z. Duric, S. Jajodia, "The Role of Digital Watermarking in Electronic Commerce".

[14] R. Chandramouli and N. D. Memon, “Steganography Capacity: A Steganalysis Perspective”.

[15] J. R. Krenn, “Steganography and Steganalysis”, January 2004. [16] . Avc ba , N. Memon, B. Sankur, “Steganalysis Using Image Quality

Metrics”, IEEE Transactions on Image Processing, Vol.12, No. 2, February 2003.

[17] . Sagiroglu and M. Tunckanat, "A Secure Internet Communication Tool", Turkish Journal of Telecommunications, Vol.1, No.1, pp.40-46, 2003.

[18] . Sagiroglu, M.Tunçkanat and M.Altuner, "Kriptolojide Yeni bir Yakla m Resimli Mesaj", Telekomünikasyon Ekseni Dergisi, Telekomünikasyon Kurumu, Vol.2, p.22-24, January 2002.

[19] . Sa ro lu, M. Tunçkanat, “Gizli bilgilerin internet ortam nda güvenli olarak aktar m için yeni bir yakla m” Popüler Bilim Dergisi, Year.9, Vol.105, p.21-24, September 2002.

[20] M. Tunçkanat and . Sa ro lu, "Güvenli leti im çin Yeni Bir Yakla m: Resim çerisine Döküman Gizleme", GAP IV. Mühendislik Kongresi (Uluslararas Kat l ml ), Vol.1, p.665-668,

anl urfa, 6-8 January 2002 [21] . Sa ro lu and M. Tunçkanat, "Gizli bilgilerin elektronik ortamda

güvenli aktar m ", TBD 19. Bili im Kurultay , Beylikdüzü, stanbul, p.47-50, 3-6 September 2002.

[22] M. A. At c , Steganografik Yakla mlar n ncelenmesi, Tasar m ve Geli tirilmesi, Gazi Üniversitesi, Fen Bilimleri Enstitüsü, April 2005.

[23] P. Forczma ski and M. W grzyn, Open Virtual Steganographic Laboratory, International Conference on Advanced Computer Systems, ACS-AISBIS 2009.

875843