1 / 68

eCrime and Steganography

eCrime and Steganography. Lecture & Demonstration. Origins of Steganography. Steganography Origins From the Greek Roots “Steganos” or Covered “Graphie” or Writing “Covered Writing” First Known Usage

tyrone-todd
Download Presentation

eCrime and Steganography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. eCrime and Steganography Lecture & Demonstration

  2. Origins of Steganography • Steganography Origins • From the Greek Roots • “Steganos” or Covered • “Graphie” or Writing • “Covered Writing” • First Known Usage • The early Greeks and Persians used several forms of covered writing to conceal the communication of secret or covert messages • Origins date back as far 2,500 years ago

  3. Demaratus of Ariston was exiled in Persia, and while there, he received news that Xerxes had decided to invade Greece. He decided that he must get word of the pending invasion to Sparta. Since discovery of such an act meant certain death, he decided that he must conceal the message. He scraped the wax off a pair of wooden folding writing tablets and carved a warning message in the wood. He then covered the wood with a fresh coat of wax. The tablet was passed by the sentries without raising any suspicion and was delivered to and read by the Greeks. Origins of Steganography WAX TABLET

  4. Origins of Steganography • Null Cipher Messages • Most notably this method was used during World War I by the Germans • Text based steganography has taken on several forms PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW, STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW, STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY PERSHING SAILS FROM NY JUNE 1

  5. Dangers of Steganography • Steganography vs. Encryption • Steganography and Encryption each have distinct purposes • Encryption • Keeps information private by using a mathematical algorithm which renders the contents unreadable unless you possess a specific key allowing you to decipher the message • Encrypted objects are typically easy to identify or detect • The existence of the message is obvious, however the content is obscured • Steganography • Hides the actual existence of a message or hidden data • Hides information in plain sight by exploiting weaknesses of our human senses

  6. Dangers of Steganography Encryption Steganography

  7. CP Apply Stego Covert Message Send Message With Innocuous Attachment password Firewall Carrier Image password Reveal Stego Revealed CP Steganography E-Mail Communication

  8. Who knows about this technology?

  9. How big is the problem?

  10. Who knows about it? source google.com

  11. How global is the problem? A R A B I C

  12. How global is the problem? C H I N E S E

  13. How global is the problem? G E R M A N

  14. How global is the problem? K O R E A N

  15. How global is the problem? C R O A T I A N

  16. How global is the problem? J A P A N E S E

  17. Steganography How does it work?

  18. Human Sight Characteristics Poor detection and identification of differing shades of color Poor recognition of high intensity shades (i.e. bright blue and violet shades of color) Human Hearing Characteristics Very sensitive to noise and distortion Imperceptible in detecting slight amplitude shifts Imperceptible in detecting slight phase shifts How is this possible?

  19. Palette Images • Map to a pre-defined color on a table • Pixel represented by table lookup value 2 2http://www.webstyleguide.com/graphics/displays.html

  20. RGB or True Color Images 4 • True Color images • Typically represented by 24 bits • 8 bits for each color (red, green, blue) • 16.7M possible colors (28 x 28 x 28) • Each pixel holds color triplet 4http://www.webstyleguide.com/graphics/displays.html

  21. Least Significant Bit (LSB)Steganography Applied to RGB Color Images

  22. 1 0 1 1 0 1 0 1 0 1 0 LSB Substitution – bit 0 LSB Substitution Individual Colors Before After Combined Color 0 RED Before After GREEN 1 1 0 0 0 1 1 0 1 1 1 0 0 0 0 1 BLUE

  23. 1 0 1 1 0 1 0 1 0 1 0 LSB Substitution bit 0 and 1 LSB Substitution Individual Colors Before After Combined Color 1 RED Before After GREEN 1 1 0 0 0 1 0 0 1 1 1 0 0 0 1 1 BLUE

  24. 0 1 0 LSB Substitution bits (0-3) LSB Substitution Individual Colors Before After Combined Color 1 0 1 1 1 0 1 0 1 RED Before After GREEN 1 1 0 0 1 0 0 0 1 1 1 0 1 1 1 1 BLUE

  25. Visual Analysis

  26. Visual Analysis

  27. Visual Analysis

  28. Digital Audio • CD Audio • Typically referred to as wave audiofiles • Wave audio is an uncompressedset of samples • Each samples is represented as a16-bit value • Binary • 0000 0000 0000 0000 – 1111 1111 1111 1111 • Hex • 0000 - FFFF • Decimal • -32768 to +32767 • Each sample is collected at a frequency of 44.1 Khz or 44,100 times per secondbased on Nyquist’s theorem 5 “Nyquist's theorem: A theorem, developed by H. Nyquist, which states that an analog signalwaveform may be uniquely reconstructed, without error, from samples taken at equal time intervals. The sampling rate must be equal to, or greater than, twice the highest frequencycomponent in the analog signal” 5http://www.its.bldrdoc.gov

  29. Digital Audio - Dangers • Audio based steganography has the potential to conceal more information • Audio files are generally larger than images • Our hearing can be easily fooled • Slight changes in amplitude can store vast amounts of information • Many sources and types makes statistical analysis more difficult • Greater amounts of information can be embedded without audible degradation

  30. LSB in Action Steganography Demonstration

  31. Known Methods of Steganography CovertChannels 24-Bit LSBEncoding ColorPaletteModification EncodingAlgorithmModification WordSubstitution FormattingModification DataAppending

  32. Known Methods of Steganography DataAppending Typically modifies the cover file by appendingdata after the standard end-of-file marker ExampleProgram Camouflage

  33. Data Appending Example Carrier Image Hidden Data

  34. Original Carrier File Data Appending Example End of File Markers Hidden Data Camouflage Hidden Message

  35. Camouflage in Action Demonstration

  36. Known Methods of Steganography FormattingModification Works by making subtle modification to text and/or line spacing in standard documents Invisible Secrets ExampleProgram

  37. Carrier File Hidden Data Formatting Modification Example

  38. Formatting Modification Example HASH 7E62 FC70 65FE 8095 7796 23DC 697D CBDF EEEC 3E07 HASH D350 E408 495B D1A4 2FDB 6A54 6C34 2F94 DE8F 89E5 Modified Carrier File Original Carrier File

  39. Formatting Modification Example Original Carrier File Modified Carrier File

  40. Known Methods of Steganography WordSubstitution Automatically create “spam” like messages that actually contain hidden data Spam Mimic – Web based steganography tool WordSubstitution http://www.spammimic.com/

  41. Message to Encode Word Substitution Example

  42. Spam encoded message Spam mimic

  43. Spam mimic

  44. Spam mimic

  45. Known Methods of Steganography ColorPaletteModification Typically applied to 8-BIT images such as GIF or 8 BIT BMP files. The technique modifies the color palette and the associated colors in the image to embed data Gif-it-Up ExampleProgram

  46. Color Palette Modification Example Carrier Image HiddenData

  47. Color Palette Modification Example Carrier Image Covert Message

  48. Known Methods of Steganography 24-Bit LSBEncoding The LSB method makes subtle changes to each pixel of the image. The changes are undetectable through visual inspection for most images ExampleProgram Example Program : S-Tools Version 4.0

  49. MP3 perceptual noise shaping (PNS) Modification JPEG Discrete Cosine Transform (DCT)Modification Known Methods of Steganography EncodingAlgorithmModification

More Related