Steganography is defined as ‘the art of hiding messages inside media files’, in other words, it is the way in which we can hide any message (text, image, audio, etc.) inside any file (.mp3, .wav, .png, etc.). This helps people to make sure that only those who know about the presence of the message can obtain it. There are many different methods of performing steganography, but the most famous are the LSB (Least Significant Bit) ones. This kind of method modifies the LSB of different bytes with a bit from the message that will be hidden .
History of Steganography:
The concept of steganography has been in use for centuries. In ancient times, text was written on wax poured on stone tablets. To hide the message the wax was scraped off, the message was inscribed directly onto the tablet and then the tablet was covered with a fresh layer of wax. To anyone inspecting the tablet, it was a blank tablet. On the receiving end the wax was scraped off to reveal the message.
In the 20th century, invisible inks were widely used. Fluids like vinegar, milk and fruit juices were used to write messages that could not be seen unless subjected to special treatment. When heated, these fluids turn dark and the message can be read.
The current form of this technique is also quite similar, the idea being to prevent the detection of a message by hiding it rather than distorting it… Figuratively speaking usually!
How it Works:
The “cover” is the medium which is used to hide the secret information. The information to be hidden can be a plain text message, a cipher text, another image, or anything that can be represented in binary.
Cover media can be a lot of things: text, images, audio and video. As images are the most commonly used medium, let’s look at that closer.
Images can be altered in the noisy areas with a lot of color variations so that the alterations are less obvious. The message can also be scattered randomly throughout the image.
Common methods of concealing data in digital images include:
- Least Significant Bit Insertion: This is a very popular method because of its simplicity. In this method, the LSB of each byte in the image is used to store the secret data. The resulting changes are too small to be recognized by the human eye. The disadvantage of this technique is that since it uses each pixel in an image, a lossless compression format like bmp or gif has to be used for the image. If lossy compression is used, some of the hidden information might be lost.
- Masking and Filtering: These methods hide information in a manner similar to paper watermarks. This can be done, for example, by modifying the luminance of parts of the image. It does change the visible properties of an image, but if done with care the distortion is barely discernable. This method is much more robust than LSB modification with respect to compression since the information is hidden in the visible parts of the image.
- Transformations: This is a more complex way of hiding information in an image. Various algorithms and transformations are applied on the image to make hide information in it. DCT (Direct cosine transformation) is one such method. DCT is used by the JPEG compression algorithm to transform successive 8 x 8 pixel blocks of the image, into 64 DCT coefficients each. Steganography tools can use the LSB of the quantized DCT coefficient can be used to hide information. In addition to DCT, images can be processed with fast Fourier transformation and wavelet transformation. Other image properties such as luminance can also be manipulated .
Types of Steganography:
- Image Steganography
- Document Steganography
- Folder Steganography
- Video Steganography
- Audio Steganography
- Whitespace Steganography
- Web Steganography
- Spam/Email Steganography
- DVDROM Steganography
- Natural Text Steganography
- Hidden OS Steganography
- C++ Source Code Steganography
Steganalysis: It is the process of discovering the existence of the hidden information within a cover medium. It is the reverse process of steganography. It is one of the attacks on information security in which an attacker, called steganalyst, tries to detect the hidden messages embedded in images, text, audio and video carrier mediums using steganography.
Steganalysis contains two aspects: the detection and distortion of messages. In detection phase, the analyst observes the relationship between the steganography tools, stego-media, cover and message. In distortion phase, the analyst either manipulates the stego-media to extract the embedded message or removes it altogether.
Steganalysis Methods: Steganalysis is classified into six types:
- Stego-only attack
- Known-stego attack
- Known-message attack
- Known-cover attack
- Chosen-message attack
- Chosen-stego attack
Steganography Detection Tools:
- Gargoyle Investigator Forensic Pro
- StegAlyzerAS, etc .
- Olguin, J. (2017) ‘An easy introduction to steganography’ [Online] (https://www.trustwave.com/Resources/SpiderLabs-Blog/An-Easy-Introduction-to-Steganography/) Accessed on 18/7/2018.
- Paladion (2005) ‘All about steganography’ [Online] (https://www.paladion.net/blogs/all-about-steganography) Accessed on 18/7/2018.
- CHFI Module 5 ‘Defeating Anti Forensic Techniques’.