This paper aims to give a general introduction to steganography - what it is and some methods used for hiding data in text, image, video and audio. We will also take a look at steganalysis, which is the science of detecting steganography.
Steganographic methods Image methods There are many different methods of information hiding within an image. These methods range from least significant bit (LSB) or noise insertions, manipulation of image and compression algorithms, and modification of properties such as luminance. [3] Steganography is applied to images in order to hide sensitive information. The sensitive information is usually hidden behind an innocent looking document that is usually an image (e.g. BMP, GIF, and JPEG).
Steganography works by combining the message with a cover media such as a picture, which creates a stego-medium or stego-carrier. Use of a stego-key or a secret password may be required in addition to take extra measures against steganalysis attacks. Cover medium + embedded message + stego-key = stego-medium
The secret message is usually put inside the dark space of a picture or a white space of any text message. 'Carrier' or 'Container' is the first item that is needed for steganography. The graphic file can act as a host, which holds the secret message .The ‘carrier’ or container looks like a normal image and to the human eye the picture looks quiet normal and above suspicion.
The message the person wants to hide is placed within the carrier. To do this a steganographic technique is used. One of the easiest techniques is to “replace the least important bit (LSB) of each byte in the carrier with a single bit for the secret message”.
Other difficult methods, which include “selecting certain bytes to pixel mapping to maintain colour scheme, in images, hiding information in the coefficients of the discrete cosine, fractal or wavelet transform of an image, the applied duplicate functions that adapt bit pattern to a known statistical distribution.
The methods above make it easier to hide information in image files, thus making the document undetectable to the human eye. The ‘carrier’ or ‘container’ is referred to as stego-medium; there is possibility to encrypt the secret message within stego-medium so that the secret message is even more difficult to detect by anyone.[4]
Audio methods Audio is another way of hiding messages, such as telephone lines which are a very good way of passing hidden information. This can be done when a person is having a conversation and in the background there is a audio message that is also be carried out which has a sampling rate that is of a higher frequency, beyond the hearing capabilities of a human. The coded message can only be done at a particular stage of the conversation to get the message right. E.g. A noise environment (such as recording traffic in the street) permitted 350 characters per second to be transmitted. In a quieter environment it was only possible to insert about 20 characters per second without being noticed [5].
Hidden message can also be embed in echo form. The echoes are transmitted in a digital format that have different delays to represent ones and zeros, which are sent in different portions. These echoes have a delay less than a millisecond that forms a message, which can not be detected by the human ear.
In the music industry they are using steganography as a security measure to stop unauthorised copying. Stenographic functionality's allows you to hide security information into music files. Only authorised users will be able to access secret information, anyone else cannot gain access to the file.
Text methods One method to hide a message in text is word-shift coding. The horizontal locations of words are shifted within text lines, whilst the spacing appears normal to the eye.
Line-shift coding is another method. In this method, text lines are vertically shifted to encode the document uniquely. Encoding and decoding can generally be applied either to the format file of a document, or the bitmap of a page image. By moving every second line of document either 1/300 of an inch up or down, Brassil et al. [6] found that line-shift coding worked particularly well, and documents could still be completely decoded, even after the tenth photocopy. This method is probably the most visible.
Adding spaces and “invisible” characters to text provides a method to pass hidden information. An interesting way to see this is to add spaces and extra line breaks in an HTML file. Web browsers ignore these extra spaces and lines, but revealing the source of the web page displays the extra characters. [7]
In word-shift coding, the spacing between words in a line of justified text is altered. Codewords are coded into a document by shifting the horizontal locations of words within text lines, while maintaining a natural spacing appearance. When decoding this method it is necessary to have a copy of the original image.
Another way of hiding information is to put the information into unused space in file headers. TCP/IP packets have unused space in the packet headers. The TCP packet header has six unused bits, and the IP packet header has two reserved bits. Thousands of packets are transmitted with each communication channel, which provide an excellent means for covert communication. [12]
Video methods An example of steganographic video method can be used in video conferencing, where hidden data is embedded into video stream. The data or the speech data is compressed using vector quantization, into a digital video signal. Each video frame is transformed by an orthogonal wavelet transform.
Steganalysis Steganalysis is the term used for decoding or attacking a steganographic message so as that the hidden message is revealed. There are several ways to go about attacking a steganographic message. These ways are based upon the assumption that there is a suspicion of a hidden message within the transmitted media, or the steganalyst has tools to detect such an event.
A known stego attack is where the original cover-object and the stego-object are known along with the steganography algorithm tool. The stego-object could be an image with a message behind it. The original cover-object could be the original media that has not been altered.
A stego-only attack is where only the stego-object is known. A chosen stego attack is when the availability of the steganographic tool and the stego object are at hand. A steganographic tool is used to implement and detect hidden information.
A known message attack is the analysis of known patterns that correspond to hidden messages, which may help against attacks in the future.
A known cover attack is when the original cover-object and the stego object are both available to decipher the message.
A chosen message attack. The steganalyst generates a stego-object from some steganography tool or algorithm from a chosen message. The goal in this attack is to determine corresponding patterns in the stego-object that may point to the use of specific steganography tools or algorithms. (This is the most powerful attack)
How steganography is currently used within the industry sector
Steganography is extensively used throughout industry, their are many industrial sectors that use steganography such as Law Enforcement, Media, Networking and Protection of authors work. Many companies offer steganography tools that are used to protect sensitive information. However it is vital that Law Enforcement have these tools, so that they can decrypt unlawful intercepted communication and secret messages, if they lack these tools then society is threatened.
Conclusion
In this research paper, we offer an introductory look at steganography. We gave a historical background to steganography. We describe several methods for hiding data in images, audio, text and video. We gathered our research from different sources across the Internet. We found that as this is a relatively new area in digital technology, any books written on the subject where not available within our research scope.
The security with using steganography comes largely from the fact that people do not know the message exists. An untrained person in the art of detecting hidden information would not have the knowledge or quite possibly the equipment to decrypt or even detect such a message. With all the transmission of data across the Internet, it would be very difficult to scan every image and data file. There is simply not enough processing power.
The most common problem with current information hiding methods is that the original media is somewhat distorted, making it more apparent that there is a hidden message. This distortion normally cannot be removed.
Another problem with steganography is that once it is realised that there is a hidden message within the media that is used for communication, it is normally relatively easy to extract the message. The only answer is to create new steganographic methods that cannot be easily detected.
Going back to ancient times people have used steganographic techniques to pass messages. Today’s technological advances provide an ideal means for steganographic methods to exist. We think that steganography will play an increasing role in the future of secure communication in the "digital world." It is the ideal way to send covert messages within various digital forms.
[1] http://issue.gmu.edu/~csis
[2] http://www.cs.uct.ac.za/courses/CS400W/NIS/papers99/dsellars/stego
[3] N.F. Johson and sushil jajodia, Steganalysis: the investigation of hidden information, 1998
[4] http://www.survivorship.org/html/update_stack_7.html
[5] D.Grover, Computer law and security report, Vol. 14 no. 2 1998, Elsevier Science Ltd.
[6] J. Brassil, S. Low, N. Maxemchuk, and L. O'Garman. Electronic marking and identification techniques to discourage document copying. In IEEE Infocom 94, pages 1278-1287, 1994
[7] P. Wayner, disappearing cryptography, 1996
