CALIFORNIA STATE UNIVERSITY, NORTHRIDGE APPLICATIONS OF STEGANOGRAPHY

Transcription

1 CALIFORNIA STATE UNIVERSITY, NORTHRIDGE APPLICATIONS OF STEGANOGRAPHY A thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Software Engineering By Alireza Behrouzi Shad December 2011

2 The thesis of Alireza Behrouzi Shad is approved: Professor Richard Covington Date Date Date California State University, Northridge ll

3 ACKNOWLEDGEMENT I would like to thank Dr. Mcilhenny for his support and guidelines throughout this work. I would also like to thank Dr. Covington and Dr. Gabrovsky for their efforts as committee members. Finally, I would like to express my gratitude to the members of my family, especially my wife, for their tremendous support and encouragement. 111

4 TABLE OF CONTENTS S... 1~2Lt11re IJ2ll5e 11 Acknowledgement iii Table of Contents IV Al>straLct vi Chapter 1: Introduction Chapter 2: Overview Steganography vs. Cryptography Types of Media Carriers Storage Formats Imaging Storage Formats AudioNideo Storage Formats Text Storage Formats TCPIIP Storage Formats Processing Image Processing Audio Processing Text Processing TCPIIP Processing. 21 Chapter 3: Algorithms Imaging Algorithms LSB Steganography Color Cycle Steganography Random Bits Steganography Fridrich Method Audio Algorithms LSB Coding EAS Parity Coding Phase Coding Spread Spectrum.._ Tone Insertion Echo Hiding Texting Algorithms Particular Characters in Words HTML Documents Line and Word Shifting IV

5 Abbreviations and Spaces Semantic and Character Feature Methods Arabic and Persian Letter Method Font-Size Change Method Color Change Method TCPIIP.Algorithms TCPIIP Header Fields Linux OS Evaluation General Comparisons Preferred Stego-.Algorithm Chapter 4: Steganalysis Chapter 5: Proposed Method Chapter 6: Conclusion References v

6 ABSTRACT APPLICATIONS OF STEGANOGRAPHY By Alireza Behrouzi Shad Master of Science in Software Engineering Steganography is an ancient science and the art of hiding information. Its counterpart, steganalysis, on the other hand, is the skill of detecting the hidden information. The growth of the Internet in recent decades created a battle field for both stego-counterparts, which resulted in profound influence on information security. In both sides of the battle, different and stronger tools have been developed to better meet the needs for the information security. The enhancement of these tools would benefit not only the national security and intelligence community, but also provide a wide range of services and applications used for peaceful purposes. The flexible process and the simple implementation of some of the steganographic methods offer various options for the users of this technology, and they can select the one that fits their needs. There is, however, a great difference between steganography and cryptography, as the former tries to hide the very existence of the secret message, while the latter only scrambles the information without hiding it. VI

7 Secure communication and transmission of vital information are the essential needs of today's business environment, as well as the national security and intelligence community. This might be one of the important reasons for increasing significance of steganography m applications like banktransactions and battlefield communications, as conveying crucial information to intended recipients, while preventing access to others. Vll

8 CHAPTER 1 INTRODUCTION Steganography is the art and the science of concealing the presence of secret information with no risk of detection. Using stranographic methods, the message is written in a way that its existence is obscured. This technology provides information-secrecy in such way that no one can even suspect the existence of the message except the sender and the intended recipient. The word "steganography" means "covered writing". It has a Greek origin taken from the terms "steganos", which means "covered", and "graphein", "to write". The history of hiding messages, "steganography", goes back to around 500 BC [1] [20]. The ancient Persians and Greeks used to tattoo important messages on the heads of the messengers, who were dispatched when their hair grew back. Masking and invisible inks were also used to write or draw secret text or drawings within letters (Figure 1). The term "steganography", however, was first used in 1499, in a book on magic, called "Steganographia" by Johannes Trithemius [1]. This technique had also many implications during WWII, when it was used by the spies of different countries to send and receive hidden messages. Using invisible inks and Morse code to write messages are examples of this technique that was used during WWII [1]. With the growth of the Internet and rising multimedia techniques since 1990s however, this ancient technique has gained esteem resulting in more computer based data-hiding using various digital media formats. Text, image, 1

9 video, audio, and other digital media formats may be used in order to convey information under cover, and conceal the very existence of data being exchanged in today's digital world. Digital watermarking is one of the most common applications of steganography [21]. It is a replication of a sign, text or an image authenticating the source, and embedding signatures proving copyright or ownership of a document. Steganalysis, on the other hand, is the skill of detecting and breaking steganography through various examinations. Steganography_ and its counterpart steganalysis encompass a vital rule in the 21st century. The tremendous growth of the Internet during the recent decades, along with its availability for almost anyone around the world, has created a battle field for both stego-counterparts to profoundly influence information security [14]. The challenge of one side is transmitting higher capacity information secretly with the use of better technology and media, while the attempt of the other is to better prepare for detecting malicious secret data. In both sides of the battle, different tools have been developed to better meet the needs of a widely open environment like the Internet. Stronger countermeasures on both sides have been emerging as many simple methods were defeated. The enhancement of these tools would benefit not only the national security and intelligence community, but also provide a wide range of services and applications used for peaceful purposes, such as multimedia integration, 2

10 reliable storage and data-transmission, as well as copyright and digitalproperty protection. [14]. The main objectives of steganography, however, include efficient data transmission and information security, along with sufficient capacity for data-hiding. Usually, one is achieved by compromising the other. The attempt of increasing the capacity for hiding information results in tumbling the level of data-security. On the other hand, the increased data-secrecy results in lower capacity for information-hiding. So the fundamental search for a way to convey higher capacity data without being detected is an ongoing process, as one side attempts to overcome the other. In addition to capacity and data-security, robustness and transparency are also among the most important characteristics of steganography. These are the essential attributes of all steganographic algorithms, which must be analyzed vigorously for a stego-system in order to be able to transmit secret information from one point to another. Capacity, as the first attribute, refers to the amount of data that can be inserted into a carrier medium without producing perceptible distortion [23]. The second characteristic, security, relates to the capabilities of a stego-algorithm to prevent an intruder from easily finding the secret information. The third characteristic, robustness, evaluates the capability of the stego-file to resist against an intentional or unintentional attack. And finally, transparency measures the amount of perceptible distortion of a carrier medium after embedding secret information 3

11 [25]. Transparency is measured in particular with audio steganography, where the visible and transparent existence of a digital watermark or digital signature might help to increase the protection of the property and copyright [8]. Nevertheless, this study attempts to compare a few recently developed algorithms, along with various tools and digital media used for informationhiding, in order to provide an in-depth understanding about steganography. It will also analyze the existing steganographic algorithms in terms of their attributes (i.e. capacity, security, robustness, and transparency) to propose the most secure way of transmitting high capacity of hidden information with lowest risk of detection. Figure 1: Ancient use of Invisible Ink and Masking 4

12 CHAPTER2 OVERVIEW 2.1. Steganography vs. Cryptography Despite the differences between cryptography and steganography, however, each of these techniques is being used, separately or together, to increase the level of information security. One of the major distinctions between these two techniques is that cryptography allows for scrambling the information in a way that if intercepted or exposed by an intruder, it will be difficult or impossible to understand or decode. Yet, it will draw suspicion. On the other hand, steganography conceals the existence of the secret information entirely, and unlike cryptography, the conveyed information draws no suspicion at all [2][21]. This in fact, is one of the core benefits of steganography as opposed to cryptography, in which steganographic information will never draw any attention, while cryptographic messages arise suspicion, no matter how scrambled or unbreakable they are (Figure 2). "The intent of steganography is to conceal the presence of a message. The intent of encryption is to scramble a message so that it is indecipherable to all but the intended recipients." [3] 5

13 Figure 2: Steganography vs. Cryptography Bob Vessellinago Allee's private key &sa=x&ei=kj ATr rkyliialx WiAw&sqi=2&ved=OCCUQsAQ#hl=en&tbm=isch&sa=l&q=image+steganography&pbx=l&oq=image+steganography&aq=f&aqi=& aql-&gs sm-e&gs upi=oioioi10254ioioioioioioioioiioio&bav=on.2,or.r gc.r pw.. cf.osb&fp=c3ab5dld87a308a2&biw=1280&bih=709 For double protection, however, steganography and cryptography are used in conjunction, forming a hybrid technique, "Stego-Cryptography", to secure the information even further. "Both Steganography and Cryptography are excellent means by which to accomplish [information security] but neither technology alone is perfect and both can be broken. It is for this reason that most experts would suggest using both to add multiple layers of security." [4]. With the stego-cryptography method, first the message is encrypted and then hidden within a carrier, like an image file, so that if discovered the interceptor has to first find the suspicious file or information, which is a difficult task per se, and then decrypt it. Using cryptography and steganography together, as a hybrid stego-cryptographic system, the compressing of an image file will take much less space and reduce the size of the transmitting data. Applying compression and encryption in conjunction will also make the package look casual and far less suspicious than a normal steganographic message [ 4]. 6

14 In general, steganography is used for information security. It makes messages to appear as something else and impossible to detect with naked eye (Figure 3). Hidden images or covered text using invisible inks between the visible lines are just few examples among many steganographic applications. "Modern information hiding technology is an important branch of information security. The redundancy of digital media, as well as the characteristic of human visual system, makes it possible to hide messages." [5]. Hiding messages and conveying information securely over the Internet is one of the major intents of utilizing and optimizing the steganographic and cryptographic techniques. With the current technology trend and the growth of the World Wide Web, the main concern is to be able to communicate securely, conduct secure e commerce, as well as to prevent software piracy. To achieve such secrecy and efficiency in an open environment like the Internet, using cryptography alone may not be sufficient. Applying cryptography alone does not provide the 7

15 strong data secrecy that may be necessary for an open environment. Therefore steganography is employed- alone or in most cases in conjunction ' with cryptography- due to the lack of strengths in cryptography Types of Media Carriers In general, earners or cover-media used for steganography can be broken down to graphics, sound, text, and executables. Computer based steganography allows information to be concealed in digital media like digital images, video/audio files, texts, and transmission protocols (i.e. TCPIIP). Making some insignificant changes to some digital carriers allows for data hiding and secure transmission of information. Digital steganography may utilize any type of electronic interaction including coding inside a transport layer, digital text or image, vides/audio file, and programs. The hidden data can be embedded within these types of digital carriers by replacing them with the 'noise' or extra spaces that exist in these carriers. This so called 'noise' can be the very insignificant bits of colors in an image file that are not visible to human eyes, or very small echoes and sound delays within a audio file not detectable by human ears [6]. The process of hiding information adds some extra noise to the medium, which could draw attention. Therefore, the redundancy and randomness of data, and the amount of original existing noise in a digital media would help to prevent detection of the file containing 8

16 a hidden message. Moreover, the same medium or carrier can not be used repeatedly, because it may raise suspicions. Even using a similar cover medium may draw attention. So the carrier used for data hiding purposes must be selected cautiously. The ideal digital media files used for steganography are the large size containers, which contain a great amount of noise. For example, a black and white image with gray scale or a 24-bit scanned photograph is the best form of a carrier used for steganography. A sender may start by adjusting the color of each pixel that represents an image to match with selected alphabet-letters, which will later be decoded to a hidden message. Such subtle change prevents an interceptor to possibly notice the existence of the message. A digital text file is another type of digital carriers used for steganographic applications. This method is referred to as null cipher allowing a digital text file to be changed to include hidden information. Changing the space between lines and words within a text file allows hidden messages to be written and conveyed securely without attracting any suspicions. Web browsers usually ignore spaces, tabs, line breaks, or other characters written in HTML files. These ignored locations may be used to conceal secret information. Unused spaces on the hard-drive are also turned into locations for hiding secret data. The file-storage process of all operating systems usually results in extra space that might be reserved for the files, which in fact may or may not be used by the files. These free spaces may as well be utilized for data-hiding. 9

17 Transport protocols, like TCPIIP, are also used for conveying secret information. TCP/IP packets include headers with unused space, which might be manipulated to hide data. Changing the physical arrangement of a carrier itself will also provide a way to hide and convey information. The layout of the source code of a program, or an electronic circuit board may be rearranged and manipulated to hide secret messages [6] Storage Formats Storage formats relate to different ways of digital data being stored within various media formats. Different types of digital data are stored in different media formats. For instance, images are stored differently than audio signals. There are also several forms of storage formats within each category of digital data (e.g. image, audio, text, etc.) that are widely used for specific digital data types, like GIF format for storing images. They all provide certain advantages and disadvantages when used for steganography Imaging Storage Formats Many steganographic tools used for information hiding through digital images manipulate files with different storage formats like GIF, PNG, and JPEG. A GIF storage format (Graphics Interchange Format) can be used to 10

18 store images like Clip Art and drawings with very small color variations. This storage format allows for only 256 different color variations to be stored with.gif extension. This format is a bitmap describing digital images as binary bits indicating the color of each pixel. The images stored in this format are widely spread throughout the web without drawing any suspicious attention, and are generally recognized by every browser. The primary advantage of the GIF format is that it has a lossless compression. When decompressing a GIF image, the original digital image will be retrieved, as it was before compression. Such characteristics make the GIF storage format suitable for steganographic applications. S-Tools, GifShuffle, EzStego, Hide and Seek, and many other steganograhic applications use GIF images [2]. In contrast to the GIF storage format, JPEG (Joint Photographic Experts Group) allows for a variation of over 16 million different colors to be arranged with extensions.jpeg,.jpe and.jpg. A digital camera for example stores images as JPEG format. It is crucial however, that the file containing the hidden information is stored with the appropriate format. Because the hidden message may be lost during the decoding process using storage formats like JPEG. JPEG compression is a lossy process, and what is normally lost is the visually insignificant bit/s of the hidden message [2]. The PNG compression, on the other hand, is lossless and might be a safer choice for these purposes. A PNG ("ping"), stands for Portable Network Graphics, and is a more flexible type of a storage format used for information 11

19 hiding applications. From the application programming aspect, however, the formatting details and variations are not significant. Generating code in Java versions 1.4 and up for example allows for reading JPEGs, PNGs, and GIFs using the same objects, methods, and procedures [3] AudioNideo Storage Formats The process of storing secret information using audio/video files tends to be somewhat different compared to other media formats. Audio and video files are normally larger than image or other digital files. The process of encoding data in videos is very similar to the process of encoding data in images. The only difference between the video and image steganography, is the size of the media. Due to the fact that video files have larger amount of pixels representing a picture, it can contain greater amount of secret data bits. Although many steganographic applications take advantage of the number of colors stored in video/audio files, the size of these carriers make them inappropriate for certain type of media-distribution. BMP files, for instance, contain a huge range of colors, which in fact, is an astonishing advantage for information hiding in large amounts. But because of the large size of these files,. they are not suitable for distribution over some types of web media. From the steganographic standpoint, however, the compression and decompression process of these files may cause problems as well. 12

20 Audio signals, however, can also be stored separately as a sound file. There are various storage formats that can be used for audio signals, some of which provide lossless compression, as some others offer lossy. The difference between the lossless and lossy compressions is that once the audio file is decompressed some amount of data may be corrupted or lost. In case of steganography, the lost data may be the secret message bits. The more advanced lossless compression forms of audio storage formats include MPEG- 4 SLS, MPEG-4 ALS, and MPEG-4 DST. MP3, Vorbis, Musepack, AAC, and ATRAC are among the lossy types of compressions for audio files [17] Text Storage Formats A text message can not be presented with different appearance other than a text. Almost all algorithms for text steganography use a simple text file as the primary storage format for embedding secret information [11]. In addition to the simple text-formats, HTML documents can also be used as another storage format for transmitting secret information on the internet. The HTML tags are not case sensitive. This might be used to hide secret data-bits within a HTML file. Steganography takes advantage of the HTML case insensitivity to transmit secret messages by using different case sizes when generating HTML tags [11]. 13

21 TCPIIP Storage Formats There is, in fact, no storage formats for the network steganography other than the TCP/IP header fields that may be used as a carrier for hidden data. Not all TCP/IP header fields, though, can serve as a covert channel. In fact, only a few of them may be used for steganographic applications depending on the network, as well as on the operating systems used on the machines within a network [13]. In a passive network, for instance, a warden can not possibly distinguish between an unchanged TCP/IP header and a stegoheader field that contains secret data. These header fields can easily be detected in an actively secured network-environment. In addition, not all operating systems allow for TCP/IP header-field modifications. A few older versions of Linux operating systems include network policies that might be manipulated in order to modify certain TCP/IP header fields into stego-channels for secret messages [13] Processing There are different forms of digital data-processing depending on the type of the digital data. Although some of the widely used algorithms may seem similar, in some cases, the processing of various digital data-bits is different. Images are processed in different ways than audio signals and texts. Understanding various data-processing is, in particular, important for implementation of steganographic algorithms, because it provides the way of 14

22 how to manipulate vanous digital data 1n order to transmit secret information Image Processing The objective of using steganographic techniques is to convey a hidden message using a digital medium, known as a carrier or cover, without raising any suspicions. This technique allows for transmitting hidden information from one point to another using a simple digital image as a cover, like a camera picture or scanner image. Using a digital image as a cover or carrier is the most common type of medium used for steganographic applications. Computer based steganography allows information to be hidden inside an image, by making some insignificant changes to that image. These changes can be the actual hidden message being sent without any noticeable changes to the carrier or the original image. The hidden messages may be information about the carrier, like a digital watermark or fingerprint, or it can be a secret message sent for other purposes [6]. From the software engineering standpoint, however, a digital image is defined as an array of integers. This array represents the intensities of light at a specific point on a screen or image. Thus, the system of producing a digital image is based on a two dimensional coordinate-system with its origin at the upper-left corner of the digital image. The function of this coordinate 15

23 system can be defined as f(x,y) with its point of origin at f(o, 0). Assessing the value of this function for various points on an image is called sampling. Each sample represents the intensity of light at a single point on an image and is known as pixel. Every individual spot or pixel is addressable by calculating the value of the function f(x,y) on the coordinate system. The degree of resolution of an image, though, depends on the amount of pixels representing the image [2]. The more pixels representing an image, the better and higher resolution the image could have. This is called Dense Sampling. In contrast, Coarse Sampling is when there are fewer pixels representing an image, which results in low image-resolution (Figure 4). It is also important to note that the rate of change in the function f(x,y), referred to as spatial frequency, has a significant rule when speaking about image-resolution. Spatial frequency describes the ratio of the amount and location of pixels representing an image. Faster change in f(x,y) means fewer pixels representing an image, while slower change corresponds to more pixels that in turn provide higher resolution image [2]. a. b. 16

24 In addition to the indexing and addressing of each pixel, every pixel is also composed of a red, a green and a blue sub-pixel, known as RGB. The degree of the brightness of each sub-pixel (RGB) ranges from 0 to 255, which determines the color of each pixel on a display screen. When the sub-pixels of a RGB color model are set to 0, the color of the corresponding pixel will be black, and when they are set to 255, the corresponding pixel will be white. In between, a wide range of intensities can be assigned to each sub-pixel in order to set each pixel on a display screen to a different color. This wide range of colors is obtained by combining the RGB colors (the red, green and blue lights) in various amounts. The color gray for example is produced by setting the intensities of the RGB to equal values, like {120, 120, 120} for {red, green, blue}. Every sub-pixel in the RGB model requires eight bits (a byte) for its binary representation in order to determine the color of a screen-pixel [3]. The binary representation for colors ranging from 0 to 255 will be to Steganographic applications usually use the "least significant bit/s" LSB to hide secret informat~on. Using LSB, the color-change of resulting image (i.e. stego-image) is so insignificant and unnoticeable with human eyes. For instance, the RGB set consisting of {167, 248, 215} would never be distinguishable by human eyes from the set containing {165, 246, 213}. Steganographic applications take advantage of such human visual limitations to convey secret messages without being intercepted or detected (Figure 5). 17

25 The LSB method allows for changing the lowest bits of each sub-pixel in a RGB set to represent the ASCII value of a character. For instance, the ASCII value of the letter 'A' is 65, which has a binary representation of { }. In order to convey the letter 'A' using the LSB method, each bit respectively is replaced with the lowest-bit of the eight successive sub-pixels. This would form unnoticeable color changes of the three successive screen pixels containing the secret letter 'A' [3]. Figure 5: An image steganography system [3]. " {)l.l.i0~1. ~. 1001:1;1){)100:1:00 extracted Ol,OCHJ.l.:.tOO , massage :to:t:tol.:io:t:t., In general, each pixel is stored as either 8-bit (one byte) or 24-bit (three bytes) depending on the storage format of the image it represents [22]. A GIF file is based on an 8-bit storage format, which has a variation of only 256 different colors, ranging from 0 to 255. On the other hand, a JPEG has a 24- bit pixel pattern and provide 2A24 color combinations. That is over 16 million different color combinations. For example a pixel consists of three bytes , , , with each byte representing the sub-pixels red, green and blue respectively (the RGB). In some other patterns though, a 32-bit pixel pattern is used instead of 24-bit model, forming a so called RGBA 18

26 model with 'A' standing for Alpha channel. The extra byte representing the level of transparency is also ranging from 0 to 255, from complete transparency to complete opaque [3] Audio Processing Using a digital sound recording as a cover to hide messages is also common in steganography. Digital based steganography allows information to be hidden inside audio files by making small changes to the bits that store a digital audio. Similar to the digital images, audio files can also be processed with various steganographic techniques to convey secret information. Like images, digital audio are stored as an array of integers. But this time, the array represents the bits of a digital sound captured by a microphone. A sound file consists of set of binary bits (eight bits form one byte). A losec. audio contains more than 60k bytes of data [6] [8]. Sound is a form of waves. It is produced by repetitive variations measured in time, which are caused by pressures or vibrations passing through air, water or any object, but not in a vacuum. Sound is also composed of a wide range of frequencies with different perceptions among different species. These frequencies for humans are in the range of 20 Hz to 20 khz. Both the lower and the upper limits, though, may vary by age. Beyond these frequencies are infrasound, acoustic and ultrasound, which can not be perceived by humans 19

27 (Figure 6). Taking advantage of these human hearing limitations, audio steganographic applications hide and transmit secret information from one end to another. Figure : lawl --- I a=-llllllrii:... IIE.. a;zl ~-'' -~10, -=~-, rnrrasaood Acouslc range diagram.svg However, the data capacity of an audio file for embedding secret information is much lower than the capacity of other digital media, like a twodimensional video files. Therefore, it may only be used for brief secret messages such as digital watermarking. Digital watermarking is an alternative method used for protection of intellectual property rights. It is a process of inserting information into an audio signal used as a signature proving the ownership of a work or an artifact. The digital watermark, also known as digital signature, contains information used in different areas, like digital rights and broadcast monitoring. While watermarking does not necessarily attempt to conceal the existence of the secret data from a third party, it requires further robustness against malicious removal of the encoded message from the carrier medium. In addition, the rate of malicious attacks against audio watermarking is much less than those against the image watermarking methods. 20

28 Text Processing Unlike other types of carrier media, a text file has a structure similar to its look. A text message cannot be presented with different appearance other than a text, while other media types have structures much different than their perceptions, which in fact, make the entire process of hiding information much easier than text files. "Text steganography is the most difficult kind of steganography because there is no redundant information in a text file as compared with a picture or a sound file." [9] The preference of using text documents for steganographic applications, though, is due to the fact that they have much smaller size compared to other carrier media. This attribute, along with the simplicity of text documents make them more attractive for steganographic applications over the Internet TCPIIP Processing Network steganography includes communication protocols like TCPIIP, UDP, ICMP and other protocols. TCPIIP, as another form of steganography, provides a way for transmitting secret messages from one end to another. Using this type of steganography allows for large amounts of secret information to be transmitted within a network or from one network to another. A capacity of 60 bits per package is provided by manipulating TCPIIP header fields to embed secret information. In a network with heavy 21

29 traffic, this can be a great capacity for transmitting secret data. This form of steganography, however, can be used depending on the structure or the type of a network [13]. There are usually two types of security measures against suspicious files or packages within a certain network; passive and active. The passive form is implemented to detect suspicious files or packages within the network, but there is no attempt for removing the suspicious packages in this model. In an active model, on the other hand, the entire traffic might be modified regardless of any existing suspicious packages within the network. This traffic-modification is performed through a filtering process that may vary from one network to another. It might be performed periodically, on a random-package base, or through other approaches. The active model might not be feasible for some networks, however, despite its optimized security measures against steganographic TCPIIP-packages. This is due to the fact that an active model adds extra filtering process into the network in order to find and remove the suspicious TCPIIP-packages, which can cause systemlatency and may slow down the entire traffic within the network [12][13]. Thus, a TCPIIP steganography model can not easily transmit secret information without being detected, unless the type of the network along with its security measures are taken to account and analyzed. 22

30 CHAPTERS ALGORITHMS 3.1. Imaging Algorithms There can be three important characteristics describing the imaging steganographic algorithms. The first characteristic is capacity, which refers to the amount of data that can be inserted into a carrier medium without producing perceptible distortion. The second characteristic is security that relates to capabilities of a stego-algorithm preventing an intruder to easily find the secret information. And finally the third characteristic is robustness, which evaluates the capability of the stego-file to stand against a deliberate or accidental attack. There are, however, different algorithms and methods to accomplish the process of image steganography. One way is to replace the bits of a character with eight successive sub-pixels and leave the remaining sub-pixel unchanged. In other words, conveying one character per three pixels, with three RGB sub-pixels for each pixel in a digital image. A different algorithm inserts the first bit of a character right after the last bit of the previous character. It uses the remaining sub-pixels to insert the first bit/s of the next character. A more complex algorithm allows for inserting the bit/s anywhere within a cover image, and not necessarily starting at the pixels in the first row and' column of the cover image. Although this may not be a simple task, it could reduce the perceptible distortion of the original image. Such methods 23

31 are used for the purpose of minimizing the changes to the cover image and attempt to store the message in a way that makes it hard to detect. They store information either randomly or use only one bit (the lowest bit) of each sub-pixel. A different method, though, is to replace more than one bit allowing for more hidden information to be conveyed. There are also methods involving use of private keys in order to increase the level of secrecy. Among various algorithms used for image steganography, the LSB method is the most common method and very easy to implement. Other methods like Color Cycle, Random bits, and Fredrich method might be more complex and difficult to implement, but they provide higher level of secrecy or capacity for transmitting secret information [2]. These algorithms can be used either separately or in conjunction with other methods to render an optimal solution for image steganography LSB Steganography This method works in a way that a cover image is changed by replacing one bit of each sub-pixel that forming up the pixels representing the Image. For this method in a RGB model, usually the least significant bit, LSB, is used to be replaced. Hide and Seek, for example, uses GIF files and replaces the LSB of every pixel representing the image. But other tools use the LSB of each sub-pixel in every pixel of images with 24-bit storage formats [2]. Using this 24

32 method the integer value of the sub-pixel is changed only by one. This will change the original color of the sub-pixel very insignificantly and unnoticeable, and has no effects on the appearance of the original image. One of the limitations for using this method, however, is the number of pixels representing the image that is used as a cover. The smaller the image and the fewer pixels representing the image, the less amount of information can be hidden inside the carrier without causing any perceptible distortions to the original image. Another limitation is that the cover image used in this process should have a maximum of a 128 color palette, since for each existing color presented within the color-palette of an image one new color will be formed for hiding the information. The existing and newly formed colors will together result in 256 color combinations, which is the maximum for an 8-bit storage format. As a simplest illustration of the one-bit LSB method using a 24-bit storage format, supposing that three adjacent pixels have RGB sub-pixels: In order to hide 8 bits of data ( ) would look like: Q Q Note that the hidden 8 bits only changed four of the RGB sub-pixels. This means that less than 50% of the colors being changed with the last sub-pixel 25

33 (ninth byte) left unused [24]. Figure 7 shows a simple LSB plane. The left picture indicates a grayscale image with the most significant bits, MSB, on the top, and the least significant bits, LSB, on the bottom. The dark boxes represent Os and the. light boxes represent the ls, which together represent the binary values of the pixels. The top-right figure is the LSB plane of the cover image that is replaced with the hidden data-bits; the middle plane, which generates the LSB plane of the stego-image. The bottom-right map represents the differences between the LSB of the cover image and the stego-image. The circles on the map represent the modified bits. In average, 50 percent of the bits in the LSB plane need to be flipped in order to hide the secret bits within the LSB plane, and creating a stego-image that is visually identical to the cover image [25]. Figure 7: A simple LSB plane [25]. Most significant bit (MSB) plane Least significant bit (LSB) plane 26

34 There are, however, other methods using more than one bit of the LSBs when conveying hidden information. A two-bit method for instance, also works like the previous process, but this time the two LSBs of each RGB sub-pixel will be changed. Although, more information can be conveyed using this method, the limitations will be narrowed down to prevent noticeable alterations to the original image. That is the cover image used for this method should have a color palette of only 64 or less, which allows the formation of three new colors for each existing one inside the color-palette [2]; a maximum of 192 new colors that together will make up to 256 color combinations. For a three bits steganography method, three LSBs of each RGB sub-pixels are used to replace hidden messages. The images used here, though, should only have 32 color palette allowing 224 new colors to be formed for the message. Much more information can be conveyed using this method, but the level of image distortion would be higher than the previous two methods. The limit of using bit insertion methods will actually reach its maximum when using four bits of each RGB sub-pixel. A four bits insertion method would allow for the smallest possible color palette of an image (i.e. 16 colors) [2]. While this method allows for high amount of data being conveyed secretly, it makes the distortion level of the image to reach its capacity. The four bit insertion method (Stego-4bits) is vulnerable to all form of inspection or steganalytic method [2]. Table 1 summarizes some of the vulnerability ratings in LSB encoding. 27

35 Table 1 Summary of the Ratings [2] Pattern Analysis of the Bits Visual Inspection of the Image Detailed Visual Inspection of the Image Pixels 28

36 Color Cycle Steganography Using color cycle method can make the detection of the concealed information far more difficult. Instead of using the LSB of each RGB sub-pixel respectively, the hidden bits can be inserted cycling the RGB sub-pixels. The order of the RGB bits, as its name suggests, is red bits, green bits and blue bits. Now, instead of inserting the hidden bits in this order, the RGB colors can be cycled. The first bit of the secret message, for instance, is replaced with the LSB of the blue sub-pixel, the second bit with the LSB of the red, and the third bit with the LSB of the green. The next message bits start again using the LSB of the blue and so on [2]. The alpha bits are usually skipped, because changing them will make the file suspicious. In general, the value of the alpha byte is 255 (complete opaque). Any changes to this value will draw suspicions, despite the fact that some images may use different level of transparency [2] Random Bits Steganography Using this method, the message bits can be inserted into random RGB subpixels anywhere inside an image. This is accomplished by the using a random number generator specifying which pixel should store the secret bits. This method uses the discrete cosine transform, DCT, coefficients in order to randomly locate pixels within an image. The least significant bits (LSBs) of 29

37 the located DCT coefficient (independent pixel) are then replaced with the secret message bits. Conveying secret messages this way adds a great amount of security and makes the messages very hard to detect. A PRNG distributes the message bits all over an image. Hide and Seek also works in a way that the message bits are stored randomly detached from one another, resulting the noise to be randomly distributed throughout the image as well [2]. Generally, using this method, the message bits are not stored in order by replacing the LSB of each RGB sub-pixel. Therefore, even if the image file is detected, the hidden message can not possibly be restored, as the attacker has no idea of where the bits are inserted. The intended receiver of the message, in this case though, should have a private key specifying the locations of the hidden bits among all sub-pixels in the cover image. Without this private key the hidden message can never be retrieved [2] [3] Fridrich Method This method works in a way that the message bits are inserted by first comparing and then replacing them with the closest existing colors in the color palette of an image. In order to insert a message bit, the entire color palette is searched until it finds the desired parity bit. That will be the closest color bits to the message bits. Using this method, EZStego, allows avoiding significant changes to the color palette of an image, like the previous 30

38 methods, which could signal for a hidden message. Some would also argue that using EzStego could reduce the level of distortion to the original image about four times [2] Audio Algorithms Like the image steganography, there are three important characteristics describing the audio steganographic algorithms: transparency, capacity and robustness. Transparency measures the amount of perceptible distortion of an audio signal after embedding secret information. One of the major tasks of an audio algorithm is to preserve the similarity between the original signal and the stego-audio signal. Therefore the audible distortion produced by the embedding data in an audio file must be within the outer limits of the human hearing system. Capacity refers to the amount of data that can be inserted into a earner medium without producing perceptible distortion. With regards to audio signals, capacity usually measures the bit-rate in time of the embedding message. For instance, a digital broadcasting watermark that should be represented at the beginning of the signal has a bit rate of around 15 bps. Using the LSB method with only one bit substitution in an audio signal provides 44.1 kbps of capacity [6][7]. Robustness evaluates the capability of the stego-file to stand against a 31

39 deliberate or accidental attack. Deliberate attacks by an intruder may include rescaling, resizing, filtering, etc. and accidental attacks include lossy compression, re-sampling, and so on. There are also different forms of attacks. Attacks to reveal the secret data and attacks to destroy the information. A good example of a robust method, though, is the spread spectrum method in audio steganography, although its capacity is much lower (in the 4 bps range) than the LSB technique [7]. As for the image processing, however, there are various algorithms used for audio processing. Other than the least significant bit (LSB) and the spread spectrum methods mentioned above, they include parity coding, phase coding, tone insertion, and echo hiding. Some of these methods offer higher capacity as others provide better robustness. They all offer advantages and disadvantages. For instance, the formats of the audio file can be restricted in some of these techniques, as others limit the message-length to 500 characters. Some have lack of encryption/decryption key, as others have timeconsuming process of encoding/decoding LSB Coding Like the image processing method, the least significant bit (LSB) is one of the simplest ways of embedding secret data-bits into an audio file. The simplest way of using LSB coding is to start at the first sample-bits (first 16 bits) of 32

40 the audio file and proceed to next samples respectively, inserting the secret message bits until it is completed and leave the rest of the file without any change. The only problem with this method is that the modified part and the unchanged part of the audio file would have a different statistical property, which in fact, can draw attention. A more efficient way of processing audio files with LSB coding is that the secret message can be randomly inserted into the samples and be spread all over the audio file. In this approach, the receiver should have a secret key indicating the samples used for the secret message [2]. Two or more LSBs can also be used in order to hide more amount of secret information in a 16 bit CD. But, as more original bits are replaced with the secret message-bits, more noise will be added to the audio file. Thus, as this method helps to increase the amount of information being hidden, it will also increase the amount of noise in the file. In general, one of the disadvantages of using the LSB methods is the amount of noise produced by these techniques. The sensitivity of the human ear may often cause to the detection of the slightest noise within an audio file, which is normally produced by using the LSB methods. Another disadvantage of this method is that when the cover sound file is re-sampled the secret message may be lost [2]. Figure 8 demonstrates the message 'HEY' being embedded using a 16-bit sample CD with the simple LSB method. 33

41 Figure 8: message HEY being embedded. "HEY"' In Sample~ Audia Stream f:16-blt:) binary Audio stream w/ rne.saage encoded 1 a o i o 1 a o o 1 o o 1 o o n a 1 o 1 a 1 o i : Q Q B D 0 ~ "' 1 i i ~ o a o o o o 1 :1. :1. o 1 o :1. 1 o I) D ~ I ~ o o o o o 1 a 1 o i n 1 o ~ 1 n o o a 1 i o o 1 o i o 1 a 1 o l ~ 0 1 Ot.l1llJ i i (I.l () i) i () I) " "' Q (J :t 0! ll 1. 0 j_ '1010 D 1 Q tl 1 4l G 1 Q 1 (): i i. 1 D 1 0 :1. 0: i i ~ 0 ~ 1 Q Q 1 i : : i i 0 0 Q ~ G 1 I U a G 0 ~ ~ G ~ i ~ 1 ~ 1 ~ ~ 0 ~ 0 0 ~ i) i i i i ~ Q 0 0 tj o t11u1.0 :[ 1 i 1 0 : {) () () 1 1 Q () Q 1 ~ i) i) 1 0 i 0 l i) i) i) i i) 1 Q i ~ ~ ~ ~ ~ I o 1 o n 1. o 1 a t. o 1 o 1 o Q 1 c l 1 1 ~ ~ j_ I B i Q i ~ o 1 o 1 a J 1 1 o o 0 i i 1 i i) G i ~ 1 0 i ~ LSB column EAS As mentioned earlier, not all audio file formats can be used for audio steganography. A recently proposed method, however, called Enhanced Audio Steganography (EAS), claims that is able to hide information in an audio file of any format. This method adds four extra layers to the encoding and decoding process of the audio steganography; Encoding, Decoding, Encryption, Decryption. The encoding process includes the hiding of the secret data-bits within an audio file. The process first checks for the validity of the data received before inserting the secret bits into every consecutive LSB. It also encrypts the message with a public key. The encoded file then 34

42 goes through decoding and decryption process in order to retrieve the hidden message (Figure 9). Figure 9 Decoding: The encryption process generates a key containing a set of characters. Every character is then converted to its ASCII value. With use of the XOR logical operation on the sum of these values, a bit pattern is formed, which will be added to each character of the message. In the decryption process, though, the key is applied to the consecutive bytes to retrieve each character. 35

43 Parity Coding The parity coding approach splits the sound bits into separate regions. These regions contain the samples or bits of the original audio signals. Using this method, the secret bits of a message will be inserted into a region of samples based on their parity bits. If there is no match between the message bits and the sample-region, the LSB of one of the samples within that region will be changed. Figure 10 illustrates the first three bits of the message 'HEY' being embedded with parity coding approach [19]. Figure 10 Original Signal 1. p3 ~ rn3 Message bill: n.:l: 0 Region's parity bit p1: :1. 1. Flip t:he LSS of one of' I: he,,,., m pies In the reg ion. 2. p1 - n>.! Message biio n>2: 1. Region's parlt:y bit p2: :1 1. p2 - m2 For extracting the secret message, again, the receiver should have a secret key in order to line up the parity bits of the same regions used for encoding the 36

44 message bits. Despite the attempts of reducing the perceptible nmse, however, the parity coding approach, like the LSB method, also produces some amount of noise within the sound file, which may be detectable by human ear. Both techniques also share the same disadvantage of being lossy when the audio file containing the secret message is re-sampled Phase Coding Unlike the prevwus two methods (i.e. LSB and parity coding), the phase coding technique resolves the noise producing issue in the audio files. In fact, the phase components of an audio file are not as audible as its noise. This method uses the phase spectrum in a digital sound-signal to embed the secret data bits, instead of using the original signal bits (Figure 11). This allows for encoding inaudible secret messages. Figure 11 t: Original signal Encoded sl gna I http;// 37

45 Normally, the original signal is divided into small portions that equal the lengths of the encoding information. A matrix is created by applying a Discrete Fourier Transform (DFT) to every signal-portion. This matrix represents the phases and the DFT magnitudes. The phase-variations between the neighboring signal-portions are evaluated. Any phase shift between two successive signal segments may be easily noticed. Thus, a segment's phase may only be changed relative to the phase of its adjacent segment. In this method, a secret message is only encoded in the first signal portion: :Jr/2 phase new= - {-:Jr/2 if message bit= 0 if message bit = 1 Another matrix is formed by the new phase and the original phase differences. Using both matrices and applying reverse DFT, the audio signal will be reconstructed and put back together. The receiver, however, should know the length of the segments, as well as use the DFT to retrieve the message. The only disadvantage of using this method is the amount of secret information being allowed to convey. The amount of information transmitted is restricted to a certain length, because of the fact that the transmitting information can only be hidden in the first segment of the audio signals. Thus, only a very small amount of data that can contain brief information, like 38

46 watermarking or digital signature, may be concealed and conveyed through this method. Although, this may be resolved by increasing the length of the first segment, a drastic change between phases may result in easier detection of the file Spread Spectrum This method is used to spread secret information all over the signal spectrum of an audio file. Unlike the LSB method that spreads the bits of a secret message across the audio file, the spread spectrum method uses the frequency spectrum of an audio file, and attempts to spread a secret message all over the frequency spectrum. This method, normally, substitutes a code for the actual audio signal resulting to excess bandwidth, which can be used for conveying secret inform,ation. Like the previous methods, this method also produces noise within an audio file. There are two different versions of this method. The direct-sequence, in which a constant rate is used to spread and modulate the secret information, and the frequency-hopping scheme, in which the frequency spectrum is manipulated in order to hop rapidly from one frequency to another. The following system (Figure 12) is the direct-sequence version of the spread spectrum method used for digital watermarking. 39

47 Figure 12: direct-se ectrum method 1 En cry ptl on The secret message Is encrypted using a symmetr1c key,. k The encrypted messa-ge Is encoded usjng a low-rate error-ccrrec1:jing coda. This st:ep Increases t:he overall robustness of" t:he system The encoded n1essage Is then rnodulat:e:.d with a pseudorandom signal t:hat: w as: gen.erat:ed using a second syll'lmetrtc key, k2# as a seed The resulting random :slg nal t:hat cantajns the message is Interleaved wilt:h t:he cover-signa The final signal Is qua nt:lzed ta create a new d lg Ita I audio file that: contains the message. 6.. This process Is reversed "for message ex-t::ractlon Tone Insertion Similar to the spread spectrum method, which uses different frequencies to hide secret messages, the tone insertion method uses the spectrogram of an audio signal to obscure secret information by putting different tones together. This method provides the secure embedding mechanism in the stego-signal of an audio file, and makes the detection of the transmitting information very difficult. Human auditory system suffers from a so called psychoacousticalmasking phenomenon. This phenomenon causes the weak tones of an audio 40

48 signal to be imperceptible by the human ear when accompanying a strong tone [8]. In other words, a low-frequency signal can not be perceived by a human ear if it is located at the same neighborhood of a high-frequency signal. In fact, pure low-frequency tones are not perceptible on their own. They are normally masked by other noise if they occur within the vital areas of a signal. Taking advantage of the psychoacoustical-masking phenomenon, audio steganographic applications may use various accompanying tones in the same temporal area of an audio signal to conceal and transmit secret information [8]. An experiment indicates that two different tones with frequencies ro and f1 are created in order to insert the secret bits of 0 and 1. The original audio will be broken into 16ms portions. For each frame in the original audio, the frequency level of a frame is computed with only one secret data-bit inserted into that frame. When the secret bit is 1, the f1 is set to 0.25% of the frequency level, and ill is set to for the fl. If the secret bit is 0, the ill is set to 0.25% for that frame and f1 is set to for the ill. In other words, this experiment indicates that the concurrent positioning of the low and high frequency tones prevent one or both of them from hearing detection [8]. In order to further increase the data transmission capacity, another experiment used four tones to insert two secret bits in every audio frame with 50 percent of successive frame overlap. The imperceptibility and the data 41

49 regeneration from the stego-file was a success, and made this method being utilized in a secret battlefield communication [8]. "... the utterance, "seven one" spoken by a male speaker, was used as the covert message. This utterance was represented in the Global System for Mobile communication half-rate (GSM 06.20) coding scheme resulting in a compact form of 2800 bits. Two TIMIT utterances- "Thus technical efficiency is achieved at the expense of actual experience" and "His captain was thin and haggard and his beautiful boots were worn and shabby" - each with 16 bit samples and 16,000 samples/s) were concatenated to accommodate the large covert information size. With two bits inserted in each host frame of 256 samples, only the first 1400 overlapped frames out of a total of 1542 were used for embedding all the covert message bits. This gives an embedding capacity of 2800 bits in s, or bits/s." [8]. Using tone insertion method, along with use of a 4-bit data insertion into each audio frame to set the tones would protect the secret information from malicious intruders Echo Hiding Using the echo hiding method, the secret information can be inserted into an audio file by producing echoes in the original signals. This method uses the three parameters of a signal's echo including amplitude, decay rate, and delay time. This algorithm sets the echo parameters below the human hearing 42

50 threshold to prevent detection. The delay time (i.e. the offset) is used to set the binary value of the secret message. Each echo of the original signal can only contain one bit of information (Figure 13). Figure 13 Sample ~~ Sample echo I binary zero offset t binary one offset ww.snotmonkey.com/work/school/405/methods.html#lsb The process of encoding the message 'HEY' with use of the echo hiding method is shown below (Figure 14). First the original signal will be broken into blocks. Each block then is set to 1 or 0 to represent the secret message. An algorithm is used to embed each block. Those blocks will later be put back together to produce the stego-audio signal as the final audio file [8]. Figure

51 This method, however, may result in signals with noticeable mix of echoes that can be detected. To address this issue, two sets of signals are created from the original signal blocks. One set is created for the binary zero of the offset containing only the zeros, and another is created for the binary one of the offset that contains only the ones. Both echoes are then combined by using two mixer signals for ones and zeros that are later multiplied by their mixers to create the final signals. Due to the fact that both mixer echoes are complements of each other, they produce smoother transitions between echoes. The message 'HEY', would have the following mixer signals (Figure 15). Figure 15 0 i 0 0 i t t :1--v--v..... v ~zeron mixer signal ~ one" mixer signal The receiver should break up the signal into the same blocks, as well as apply the function used for encoding the echoes in order to retrieve the message. 44

52 3.3. Texting Algorithms Almost all the algorithms used for the text steganography hide the secret information without changing the appearance of the actual text. They basically try to change the invisible characteristics of the text. Text files have many characteristics and attributes imperceptible by naked eye, which can be used for steganographic purposes. These attributes can be used separately or together in a particular algorithm. The number of these attributes and characteristics used in various methods is so large, that there is almost no chance of keeping track of every single one of them. The attempt of tracking every single steganographic algorithm on the web is an impossible task, and waste of resources for uncertain results. The most popular and efficient algorithms used in text steganography include Particular Characters in Words, HTML Documents, Line and Word Shifting, Abbreviations and Spaces, Semantic and Character Feature, and Font and Color change methods Particular Characters in Words This method uses certain characters or words within a text document in order to hide secret information. There is a range of simple and complex algorithms for implementing this method. The simplest algorithm selects the first word of each paragraph within the text file to hide the secret information. These 45

53 words are put together by the recipient to reconstruct the hidden message. Another simple algorithm works in a way that the first character of the first word of each paragraph is selected for hiding the information. The recipient has to place all of these characters together in order to retrieve the hidden message. An advanced algorithm selects the first character of each word within the text document, and yet a more complex method uses the first character of the first word, the second character of the second word, the third character of the third word, etc. to hide the secret message [10] HTML Documents This method uses the HTML tags to hide secret messages. Because of the fact that the HTML tags are case insensitive, the secret bits can be hidden in these files with various case sizes. For instance, <p align="center">, <p ALIGN ="CENTER">, <p align="center"> and <p AliGn="center">, are all the same in a HTML file. The secret message is hidden in the differential of these tags and their default cases in a HTML file. So to retrieve the secret information, the recipient must compare all of these tags with their normalcase words. In order to increase the security of this method, however, letters covering the hidden data-bits can be selected in way to minimize detection risk. Like selecting a letter that is arbitrarily altered in most HTML tags [10]. 46

54 Line and Word Shifting This method hides the secret information m the vertical and horizontal spaces between lines and words within a text file. By increasing the vertical distance between lines and horizontal distance among words some free space are created that can be used for hiding secret messages. One of the problems with this method, however, is that the hidden secret message can be lost, if the document is electronically revised or rewritten [10] Abbreviations and Spaces These methods are used when only a relatively small amount of information needs to be hidden. They do not support high capacity data hiding. A text file with several kilobytes can only contain few bits of secret data. Space steganography adds extra white space among the words or lines in a text document to cover a secret message. It provides high security for the hidden data, and prevents an intruder from easily accessing the hidden information. However, in addition to its low capacity, this method has also a low robustness. Some electronic text editors can be used to remove the extra white space within the carrier text-file [10]. In the traditional abbreviation method, using a carrier text, all words with abbreviated forms within the English language are listed. Then, for hiding bit 0, the non-abbreviated form of the word is used, and for hiding bit 1, the 47

55 abbreviated form of the word is used within the text. To extract the covert message, the recipient must list all abbreviated and non-abbreviated to form the Os and ls that make up the secret message. Like the space steganography method, the data capacity of this method is pretty low. Only few bits of secret data can be hidden in a text containing several kilobytes of data. The use of SMS communications in recent years has led to the development of a new abbreviation method of staganography. The short message service (SMS) provided by many recent cell-phone applications allows for exchange of information and brief communication via cell-phones. But, because of the fact that the SlVIS provides a very limited size of information-exchange, and insufficient typing speed on a cell-phone, a new abbreviation method and language has been developed and advanced, which is widely used as a new language, SMS-texting, among individuals of any age. For Instance, typing "loq" means "Thank You" in SMS language or "218" stands for "Too Late", "ZZZZZ" for "Sleepy", and so on. Taking advantage of the recent trends in communication development, the new abbreviation method has created a new way of hiding and transmitting secret information using the SMS-texting language. This method uses the abbreviation of the words, which already exist in the English language, in conjunction with the newly developed SMS abbreviation language to hide and transmit secret information. Using this technique draws no attention, due to the fact that SMS abbreviation language is used currently by a large number of people world-wide, and that 48

56 the cost of communication v1a SMS is extremely low [9]. This method, however, can not contain large quantities of secret data, because SMS, in general, was created for only short information exchange. "... the length of the [SMS] exchanged message is 160 characters at most, which are saved in 140 bytes depending on how information is saved..." [9] Semantic and Character Feature Methods The semantic technique replaces certain words with their synonyms to hide secret messages. Although, this approach may change the meaning of the original text, but unlike the previous methods, it protects the secret data from being lost or untraceable by electronic rewriting and revisions. [2]. Character Feature method changes the features of a letter or character. By manipulating the most significant bits (MSB) of a character a secret data-bit can be inserted into a text document. For instance, stretching the end part of a letter can allocate a tiny space for hiding secret bits within a text file. This method allows for high capacity data-hiding. A large amount of secret information can be hidden within a text file without raising any attention [10]. 49

57 Arabic & Persian Letter Method This is a special character method recently developed based on the Arabic and Persian alphabet-letters. This system uses the letters that inherently contain points within the Arabic or Persian alphabet. English alphabet contains only two letters with points, lowercase "i" and "j", while Arabic alphabet has 15 letters with points: w ~ c:;: t c:;: j j c.}l ~ ~ t u J 0 '-? Using these Arabic pointed letters provide a new scheme for steganography and information security as Shirali Shahreza claims in his paper "New approach to Persian/Arabic text steganography" [9] Font-Size Change Method This method changes the font size of each character within a text document to build a phony message to contain a real one. This scheme works based on the selected font-size and a differential factor. "[Assume that] X1 is the selected font size and X2 is the selected font size plus the differential factor. Bit 0 is represented by the occurrence of the character whose size is XL Bit 1 is represented by the occurrence of the character whose size is X2. Mter we hide the real message in the fake message, the rest of the fake message characters will be sized as Xl."[11]. This method uses 4 bytes (32 bits) for storing the font s1ze, which are embedded as the first 32 letters of the fake message (Figure 16). So the first 50

58 32 bits of the message are particularly significant, even if invisible letters, like white-spaces, are used to represent the font size. Plain Te.xt [REAL MESSAGE] abc d... l l... Figure 16 l Encrypted Text liide one bit o ~~~~di~;o!!!!!!. KEY [Generated By Passwoni] abc d... x_o_r_... I +-- moof.no1. _j t~~~~5! :gle attribute Fake Text [SuiJPiied By User] "Ltsteganogn'IJlhyic: Mode I 2Text Steganography2.aspx It is necessary, however, to decrypt the message before transmission to assure that the calculated size (i.e. the X2 size) applies to the font, because of the fact that different fonts support different sizes, and same size does not apply to all fonts. For retrieving the secret information, the recipient must have the font size used in the encryption process Color Change Method This is a safer method to use compare to the. previous technique. This method changes the color of the characters in the fake text. "[Assume that] Xl is the selected color and X2 is the program's calculated color. The program will 51

59 search to find the nearest color for which it is impossible to recognize the difference with naked eye. Bit 0 is represented by the occurrence of the character whose color is Xl. Bit 1 is represented by the occurrence of the character whose color is X2. The recipient must know which color you have chosen for decryption. Mter we hide the real message in the fake message, the rest of the fake message characters will be colored as Xl."[ll]. Certain letters, however, can not be used for these formulas, because some letters are used to stop the generation of the message. For instance, 'I 'can be used as a sign of end of message. Now, a messages like "I\ \I\ \ \I\ I\ \ \ \ \ I \ /'',which can also be converted to bits and bytes may be used to add extra layer of steganography, making a "doubled steganography"[ll] TCP/IP Algorithms TCPIIP staganography techniques can be used to create a secret channel. Some methods can be easily implemented to convey secret data within a network or form one network to another. There are algorithms using TCPIIP headers to embed secret information, which may be easy to implement, but also easily detected. Using TCP/IP header fields for steganography may draw attention in most networks, especially in a secure and active-warden network, although, some may believe that TCPIIP header fields are randomly filled and can be easily used to embed secret data-bits. TCPIIP heard fields, 52

60 such as IP identifier, TCP initial sequence number (ISN), or TCP timestamp are structured with no uniformity, which are efficiently and reliably used to control the flow of the traffic within a network. These fields are not filled randomly and can not be discreetly modified. They are very different from a meaningless cipher-text that can be modified without drawing any attention. Some previous TCPIIP algorithms do not take this into account. On the other hand, there are some sophisticated algorithms implemented based on an operating system that can transmit hidden data with the use of a secret key. Each operating system, however, contains its own well defined attributes and algorithms for generating TCPIIP header fields, which can be used to detect irregularities caused by steganography TCPIIP Header Fields Using the IP checksum to transmit secret information is one of the common ways of network steganography. In fact, this method may be applied to any protocol like TCP, IP, UDP, ICMP that are normally using the internet checksum. Using the IP checksum is the most common, because of the fact that once a package passes through each gateway or router on its path, the TTL will be decremented and its checksum is recalculated. To reconstruct the message, the receiver should insert the original TTL back, and then calculate the sum in the normal way [12]. 53

61 IP Identification field, as one of the IP header fields, takes 16 bits to identify the value set by the sender. This value is uniquely assigned to fragments of different packages and varies from one packet to another. This ID field helps to collect the distinguished fragments of the transmitting data, and it is unique within a certain time interval in order to prevent the fragments of different packages being reassembled into one package at the receiving host. It also has unpredictability to prevent idle scanning, so that an intruder can not easily scan the port of a host without sending a package directly. One of the limitations of using the IP identification field is its uniqueness. This field is assigned with a source-destination pair for the period of having a live datagram online (on the Internet). Even though the ID field is used for steganography by generating a pseudorandom sequence to modify it randomly, it may be easily detected, due to the fact that this field is not filled randomly [13]. Type of Service (ToS) is also one of the header fields in the TCPIIP header structure. This field takes eight bits to represent the quality of service on a packet's path to the routers. These bits can be used for steganography, because they are rarely used, especially by non-active model networks. In an active model network, however, they can easily be detected and removed. This is due fact that the value of this field is zero by default in most operating system configurations [13]. 54

62 IP Flags field can also be used to insert secret data bits. This field represents two flags each with one bit. Do Not Fragment (DF) and More Fragments (MF). The DF flag indicate that if a package does not have fragmentation, it should be discarded without being transmitted. The MF flag indicates that the traveling fragment is the last fragment of the package or that the package has not been fragmented. This is done by setting the MF bit to zero. The DF bit can be used for steganography if it does not affect the package context, like when the package is smaller than its maximum size. Otherwise, it may be detected, especially in an active model network [13]. Figure 17 IP g Version I IHL I Type of Service Total Length Identification Flays I Pmyment Offset Time to Live I Protocol Header Checksum Source Address Destination Address Opt-ions I Padding I arxiv. orq/ftp/cs/papers/0602/ pdf IP Fragment Offset is the value of each fragment of a certain package, allowing the receiving host to rebuild the package in the correct order (Figure 17). Like the previous methods, this method of steganography to embed secret data can easily be detected. Other TCPIIP header fields like IP Options, TCP Sequence Number (TSN), TCP Timestamp, TCP initial sequence number (ISN), and Packet Order can also be used to hide secret bits of information. But like the previous TCPIIP header fields, they all can easily 55

63 be detected, especially within an active model network. In addition to their easy perceptibility, some of these fields also face different problems. The IP Option header field, for instance, has a far-traveling issue. It can only travel 20 hops within a wide open network such as the Internet. In most cases, this does not allow the information to travel far enough to reach its destination. As another example, even in a passive model network, secret data within the IP ID and TCP ISN fields can be detected by using Support Vector Machine (SVM). SVM can detect simple features. It is a machine technique designed to automatically detect unknown simple features. Using IP IDs and TCP ISNs for covert information can generate inconsistency with the original algorithms of the TCPIIP fields and their interdependencies defined by the operating systems. SVM is designed to identify such covert TCPs, even in a passive model network. Thus, almost all TCPIIP header fields provide inadequate and unsecure methods that can not be efficiently useful for steganography. However, some of these header fields like TCP ISN and IP ID can be more efficiently used for steganography depending on the operating systems, because each operating system may have different TCPIIP generating process or algorithm [12] [13]. 56

64 Linux OS The most commonly used TCPIIP header fields for steganography are IP ID and TCP ISN. They have a structure that must be unpredictable. This can be accomplished by random generated secrets through cryptography. Linux 2.0 has a TCP ISN generator based on a standard hash algorithm (SHA-1), hashing a block of 16 words each with 32-bits. Words 9 toll (three words) are assigned for the IP addresses and ports of the source and destination hosts. The remaining 13 words are initialized with a random cryptography secret on reboot. At the initialization state, the first 5 original words of the block are used, instead of using the values of the hash function. However, the time, in microseconds, is added to the second hashed word from the standard hash function in order to obtain the value of the TCP ISN. Due to the fact that the hashing calculation is a time-consuming process, it can result to significant delays for establishing TCP connection. This algorithm was modified however, to reduce the delays of generating each TCP ISN in Linux 2.2. Instead of using the hash function (SHA-1), the number of blocks was cut in half to reduce the time of generating ISNs. Rather than reading 16 word-blocks, this model, MD4, reads blocks of 8 words each with 32 bits, per iteration. Despite its similarity to the previous algorithm used in Linux 2.0, this algorithm limits the reusing of random hashed values. This random value is rekeyed every 5 minutes to increase the security ofmd4. This may generate repetitive TCP ISNs. Therefore, once the 57

65 hash value is generated, an incrementing counter for rekeying process is replaced with the most significant byte, and then the current time (microseconds) will be added to generate the ISN s. Linux 2.4 also has the same TCP ISN generating algorithm. Once again, this algorithm was slightly changed in Linux 2.6 to improve performance on multiprocessor systems. This modification from the steganography and detection standpoint, means that the counter of rekeying is set to zero on reboot. Packages that are not fragmented will be set with predictable IP IDs. This is an incremental socket counter, for the TCP, set to sequence number XORed with a timer. Same applies for UDP, but initialized with a timer. In other protocols, though, it is initialized with zero [13]. Even, though, some operating systems like Linux contain TCPIIP algorithms that can be manipulated for steganography, there are some obstacles that should be taken into account. For instance, in a Linux OS, the data distribution within the TCP ISN should follow a uniform pattern. This uniformity can be disarrayed if the process of embedding secret data into the TCP ISN is incorrect, which results to detection of the secret data. In general, the stego-data inserted into the ISN can be detected, once a warden finds the un-uniformity within the ISN after subtracting the time. Therefore, the stego-isn (i.e. TCP ISN filled with secret data) should have a correct insertion set into the least significant bits of the TCP ISN [13]. 58

66 3.5. Evaluation The most important characteristics of digital steganography should be taken to account once comparing and evaluating each media format. As noted earlier, these characteristics include capacity, security and robustness. In general, these are the most essential attributes of every digital media-format used for steganography. Some of the most popular steganographic tools that are currently used for information security purposes include EzStego, F5, Hide and Seek v4.1, Hide and Seek for Win95, Hide4PGP, Jpeg-Jsteg, Mandelsteg, MP3Stego, OutGuess, Steganos, S-Tools v4, and White Noice Storm [25]. Table 2 also includes additional steganographic tools and methods that are currently used to embed secret information with the use of different digital media, particularly image files. 59

67 Table 2 Steganographic tools and methods that are currently used to embed secret information 60

68 General Comparisons Currently, the most common form of stego-systems IS the image steganography. This is due to the fact that image transmission over the Internet is a common procedure for individuals. People send and receive images and pictures of their family members and friends over the Internet every day. An image file per se does not raise a flag, unless someone is specifically looking for suspicious signatures left on the file. The preference of using images over audio, however, is due to the fact that image files provide a much larger capacity for data hiding. Audio files can not contain large amount of secret information other than digital watermarks or digital signatures, while images may contain a great amount of hidden messages without drawing any attention. Taking advantage of human visual limits, almost any text, image or other forms of data that can be transferred into bits can be hidden in a digital image. Thus, using large capacity containers as carrier media, like image files, for embedding secret messages is by far the most common way of steganography today. The simple implementation of some of the algorithms used in image steganography provides a broad range of options for the users of this technology. The LSB methods have the simplest implementations, but the insertion of the lease significant bits in sequential pixels may cause distortion and make the stego-image easily detectable by a stego-analyst [15]. This, in fact, is one of the drawbacks of using the LSB algorithms. On the other hand, the random bits algorithm 61

69 spreads the secret bits all over the image in a random order, which makes the detection of the stego-image far more difficult. Even if the stego-image is detected, it is impossible for the attacker to reconstruct the secret message [2]. Although the capacity, security, and robustness may vary from one method to another, the users of this technology can select the method that fits their needs. Audio steganography, on the other hand, provides a way of secure broadcasting scheme, as well as property and copyright protections. Although they have limited capacity and can not be used for transmitting large amount of secret information, they are widely implemented for applications that only need to encode brief secret information into audio files, like digital watermarking and digital signature. The flexible process and the simple implementation of some of the methods used in audio steganography offer a variety of choices to the users of this technology. Factors like robustness, bandwidth, security and noise audibility might vary among the stego-audio methods. Users can select the one that suits them best. A company with intellectual property and high level of information secrecy may consider methods like phase coding, spread spectrum or echo hiding, while individuals with only occasional secret message transmissions may use a simpler method like the LSB coding. 62

70 Embedding secret information in text, however, can be a very challenging and compromising process, once compared to other media formats, in particular the image steganography. This is due to the fact that a text file has a very small amount of data-redundancy, there would be not much capacity left for embedding the secret data bits. Another drawback is that a simple reformatting of the stego-text, like from.txt to.pdf or to other formats, may result into loss of the hidden message, which could be a great vulnerability when it comes to the security and robustness of the hidden information. Although some stego-text algorithms may provide greater capacity for the secret information, the majority of them lack sufficient data-security while transmitting secret messages. The only preference of using text steganography in oppose to other digital media, like digital images in particular, is due to the fact that they have much smaller size and very simple structure that make them suitable for data-transmission over the internet. Thus, compared to other media formats, especially the image media formats, image steganography has far more to offer when it comes to capacity, security and robustness of the secret information. Digital images are also preferred for steganography over video files, although, they can contain a large amount of data that might be suitable for information hiding. An audio/video file, as discussed earlier, has a two dimensional data capacity. This media format allows for storing digital data bits both as audio and image bits. The data-security of this media format can 63

71 also be at same level as a regular digital image format. However, despite these advantages that allows for a large number of secret data to be stored in video/audio files, the size of these carriers make them inappropriate for certain type of media-distribution. An audio/video file can not be transmitted to every website on the Internet. This makes them less preferable for steganography compared to digital images. The use of network steganography (TCPIIP header fields) also has few drawbacks compared to digital images. Lack of efficient data-security makes TCPIIP header fields unsuitable for steganography. The stego-data can be simply detected or destroyed when using TCPIIP header fields, because of the network policies in placed in majority of the networked environments today. In an active model network, the use of TCPIIP header fields for steganography can easily be detected. Moreover, use of some of the IP header fields for secret data transmission may be futile, due to the fact that they do not travel far enough within a wide area network, like the Internet. The IP Option header field, for instance, can only travel20 hops within the Internet, which in most cases, is not far enough for the information to reach its destination. Another important drawback of using TCPIIP steganography is that not all operating systems allow for simple modifications of all TCPIIP header fields. Each operating system may have different TCPIIP generating process or algorithm. Even in those operating systems, not all TCP!IP header fields can be secure enough for steganography. Depending on these 64

72 algorithms or policies enforce on certain operating systems, TCP ISN and IP ID are the only fields, which might be slightly modified' in order to efficiently convey secret information. Thus, compared to digital images, TCPIIP steganography is far less secure and much more challenging Preferred Stego-Algorithm Image steganography has a great amount of advantages compared to other forms of media used for steganography. The capacity, security and robustness for the secret information provided by the image media format are far more advanced than any other media format. Among all the algorithms that are using image media formats for steganography, the random bits method offers the most security, as well as the largest capacity for storing secret data bits, depending on number of LSB replacements, like LSB 3-bits or 4-bits [2]. The random bits method uses discrete cosine transform, DCT, coefficient in order to randomly specify pixels to store the secret bits. This is accomplished based on the image's (x, y) coordinate system. This method uses a random number generator to specify the DCT coefficients (the pixels), where the LSBs are to be replaced with the secret message bits [2][15]. Using this method, the message bits are inserted into random pixels anywhere within a digital image. The amount of datasecurity added to a regular LSB method through the random bits stego- 65

73 system makes the detection of the hidden messages extremely difficult. As noted earlier, with this approach the secret message bits are not stored by replacing the LSB of each RGB sub-pixel in a sequential order. Therefore, even if the stego-file draws attention and is detected, because of the existing stego-fingerprints on the file, the attacker can not possibly reconstruct the hidden message that was encoded by this stego-system. The recipient, though, can retrieve the hidden data with the use of a private key that indicates the positions of the pixels holding the secret bits. Without this private key the hidden message may never be retrieved. 66

74 CHAPTER4 STEGANAL YSIS Stegnoanalysis, in general, can be defined as the art of discovering and/or destroying secret information. Regardless of the algorithm and the carrier media used for steganography, every electronic modification leaves a fingerprint in the carrier file, which helps alerting a stego-analyst about the existence of hidden information. The simplest fingerprint left on a stego-file can be an increased file size compared to its original file size. Other approaches can also help an analyst 1n discovering suspicious files. Generally, there are only few types of stego-software available for transmitting secret information. Simpler ones are easily cracked and defeated, and those with more complex algorithms may just take more detailed analysis to break. Using a tool repeatedly can also help cracking the stego-system. Large amount of similar stego-objects in the hands of an analyst can facilitate for eventual cracking of the system [14]. The claim that some steganographic methods are undetectable can not possibly be true. "... claiming that it has "military grade" and is of "world-class strength", "unbreakable even by the NSA" [16]. Table 3 includes a few popular steganalytic tools and methods used against various stego-systems [25]. 67

75 Table 3 Steganalytic tools and methods used against various stego-systems [25] 68

76 There are no universal attacks against steganography, however. If there is a suspicious file with hidden information, the stego-analyst must do some research, compare the fingerprints with the existing detected files, test the stego-file, and probably generate some executable code for detecting particular suspicious files. There are, however, two types of attacks in general, when it comes to image steganalysis; visual attacks and statistical attacks [16]. Visual attacks are performed by simply looking at suspicious image files. By looking at a stego-image and comparing it to the original one, the analyst might be able to find some tiny differences indicating that the image has been used as stego-cover for hidden data. On the other hand, statistical attacks include use of tools to compare randomness of the bits or vanous distributions of the bits that form the pixels in an image [16]. The discovery of a stego-file, however, is the first step in stegoanalysis. The next step includes either discovering the content of the secret message or simply destroying it. These are all considered as attacks against steganography. There are different types of attacks based on different information available to a stego-analyst. Table 4 summarizes some of the attacks and the types of available information to an analyst. Pattern recognition is an important skill in steganalysis. Most stego-files may not reveal any perceptible clues once compared to their original files. Thus, detail analysis along with pattern recognition becomes very handy. In a 69

77 known message attack, for instance, where the analyst has access to the secret message and the stego-file, the analyst must be able to determine the patterns used to encode the message. This pattern can be used for future analysis of other suspicious and similar files. 70

78 Table 4 Types of attacks and the types of available information to an analyst Attacks Type 71

79 In image steganalysis, when a stego-image is discovered, the stego-analyst must take some steps in order to recover or destroy the hidden information. The first step is to discover the tool or the format used for creating the stegofile. If an image-domain tool has been used to create the stego-image, the secret information can not be recovered by converting the image, for example, to JPEG. In majority of steganalysis cases, using a single approach or tool may not be sufficient to recover or break the hidden message. Normally, multiple tools and approaches are used in steganalyzing suspicious files. Some of these approaches may include cropping, image rotating, image blurring, re-sampling, removing portions of the image, sharpening, increasing or decreasing contrast among pixels, adding or removing noise, converting from digital to analog and back to digital again, and many more. In February 2001 a few articles in USA TODAY indicated the use of steganography by Al-Qaeda and other terrorist groups in order to implement terrorist acts inside U.S. There were also indications of existing stego-images on e-bay, Amazon and some pornographic websites, as well as many references to few recovered encrypted s and files. In August 2001, University of Michigan launched a research project to determine the fact of these allegations. More than 2 million JPEG images on the e-bay site were analyzed through an automated, statistical analysis. Some of the tools used for this analysis include Stegdetect, Stegbreak, Crawl and Disconcert. Only one stego-image was discovered, sovereigntime.jpg 72

80 (Figure 18). It contained an encoded image of the "B-52 graveyard" at Davis- Monthan Air Force Base. The report concluded that "... there is a small chance that they have not yet detected the stego-images that the terrorists are using. They believe it is more likely that as August 2001, there are no stego-images on the Internet."[14]. Figure 18 B-52 graveyard" at Davis-Monthan Air Force Base covered in sovereigntime.jpg 73

81 CHAPTER5 PROPOSED METHOD The proposed algorithm provides a way of increasing the data-secrecy for the hidden information using an image media format. In other words, by optimizing the second characteristic (e.g. security of the hidden message) this algorithm increases the security capabilities of the stego-message, so that unintended recipients can not possibly be able to reconstruct or retrieve the encoded secret information. This method uses a random number generator to replace the original image bits with the secret data-bits in a random mode. This random insertion of the secret data-bits will increase the security of the message, as an attacker has no clue of where the message bits are stored within the image. A basic and simple LSB method usually replaces the original image bits with the secret bits in a sequential order. This means that every adjacent sub-pixel (RGB) stores one or more bits of the secret message in a sequential order. If the file is detected, an intruder may place each last bit/s of a RGB system in a sequential order to reconstruct the secret message. The proposed method, on the other hand, inserts the secret bits into an image randomly, so that if even the file is detected, the message can not be recovered without the key. This method might be used as a stand-alone method, or as ari added security feature to another algorithm. With the use of this method, secret data-bits can be embedded within almost all digital image formats that can be broken 74

82 into binary bits. However, the use of JPEG and PNG could add to the security of the hidden data, due to the fact that they contain greater number of color combinations for each pixel representing an image, compared to GIF storage format images. Despite the great amount of security added to a stego-message vm this algorithm in terms of time-consumption though, this method could add extra amount of process time for encoding the secret data. This is due to the fact that this algorithm uses a time-consuming loop in order to assign the random values to each secret-bit specifying their indexed positions among the original image-bits of each sub-pixel. This creates a time-consuming encoding process when using this method. In terms of capacity, however, as mentioned earlier, the maximum capacity for secret data-bit insertion, using a simple LSB method, is 4 bits per subpixel of a RGB system. This is the limit for LSB replacement method, and is considered as an image distortion threshold (before an image is perceptibly distorted). Although this method does not include any specifications for a certain LSB replacement, but in order to maximize the capacity for secret data insertion and transmission, the LSB 4-bits can be considered. The robustness of the stego-file, however, using the proposed method, entirely depends on the storage format used for the image. The use of certain storage formats, like JPEG, may cause the loss of secret data once the file is 75

83 decompressed, or the use of some steganalysis methods might corrupt or destroy the information. Using the proposed method has a tremendous effect on the security of the stego-message, rather than affecting the robustness of a stego-file. This algorithm includes the existing robustness implemented for a regular LSB method. Since the proposed method is using the LSB insertion in a random order, a detailed comparison between the proposed algorithm, as well as various LSB methods (i.e. LSB 1-bit, LSB 2-bits and LSB 3-bits) will be provided. A simple and basic LSB method that replaces the original binary bits of an image with the secret data-bits may have a great impact on the stego-image. This is due to the fact that a sequential LSB insertion will increase the perceptible distortion of the stego-image, which may draw attention and result in detection of the stego-file. Figure 19 indicates the impact of a simple LSB insertion in a sequential order of the sub-pixels. a) The original image. b) The LSB-plane of the stego-image results from sequential embedding. Only the red and part of the green components are filled with data, while the others are padded with Os. [25]. In this scenario, the LSB insertion has been taken to extreme, due to the fact that the secret bits are replaced with the red and part of the green sub-pixels, and the rest of the image bits have been filled with zeros, instead of the original remaining bits. But the level of image distortion is sufficiently high to raise suspicion and result in easily detection of the stego-image. 76

84 Figure 19: The effects of a simple LSB encoding [25]: a. b. The use of different storage format can also have a great impact on a stgoimage. The use of an 8-bit image, like a GIF image format with only 256 color combinations can result in adverse information hiding outcome. Figure 20 represents the impact of embedding secret data-bits with the use of a steganographic method that changes the LSBs of an 8-bit image [2]. Figure 20 OriginalS-bit Cover Image The 8-bit Stego-Image A 24-bit image format, however, can produce a far less noisy or distorted stego-image. The size of a 24-bit image, on the other hand, will be much 77

85 larger than an 8-bit image, which makes the stego-image not suitable for transmission [2]. Two black and white images at magnification x3 are shown below (figure 21). On the left is the original 256 grey-level image, and on the right is the same image reduced to 128 grey-level that is stegoed via stego-1bit insertion method. There are some insignificant shading differences between the two images. These slight differences are impossible to be detected, however, without comparing the stego-image to the original one [2]. Figure 21 Original Black and white Tree [2] StegolBit Black and White Tree [2] Images below are the color versions of the same images magnified x3 (figure 22). Again, the original 256 color image is reduced to 128 colors and stegoed via same stego-method, stego-1bit. Like the black and white images, there are slight shading differences between the two images, but unless the original and the stego-image are placed side-by-side and compared with each other, no one can note the difference between the two images [2]. 78

86 Figure 22 Original color image of trees [2] Stego-lbit color image of trees [2] There is a compromising relationship between the quality of the stego-image and the capacity of data-hiding. As the number of LSBs increases, the capacity of data-hiding will also increase, which allows for more secret bits to be embedded within the file. But, on the other hand, the quality of the stegoimage will decrease, which results in visual distortion of the stego-image. This, in particular, applies to the sequential LSB insertion methods, in which the adjacent and neighboring original bits are replaced with the secret databits. Figure 23 illustrates the impact of various LSB insertion methods (LSB 3-bits, LSB 5bits, and LSB 7 -bits) on the image of Lena. 79

87 Figure 23 (a) Original image (b) LSB 3-bits stegoed (c) LSB 5-bits stegoed (d) LSB 7-bits stegoed It also important to note that the use of most significant bits, MSB, for embedding secret information could have far greater effect on the original image, when compared to the replacement of the least significant bits, LSB. Figure 24 shows the picture of Lena with embedding data via MSB method. 80

88 Figure 24 Lena and her bit-planes (i7,...,io) starting from the most significant bit. The proposed method, however, as mentioned earlier, uses a random number generator to replace the original image bits with the secret data-bits in a 81

89 random mode. This random insertion of the secret data-bits increases the security of the message, as an attacker has no idea of where the message bits are stored, and therefore can not recover the secret message. Unlike in other LSB insertion methods, there is a direct relationship between the security of the message and the capacity for data-hiding in the proposed method. As the capacity for data-hiding increases the security of the secret message will also increase. In fact, as the number of LSBs grow larger (i.e. 1-bit, 2-bits, 3-bits, etc.), the security level of the secret embedded message will exponentially increase. But on the other hand, like the other LSB methods, the quality of the original image will be decreased, as both the security and the capacity increase (table 5). The proposed algorithm starts by reading the secret message bits, as binary bits, into an array (array1). Another array (array2) stores the original bits of the cover image. A random number generator (RNG) specifies the indexed position of the original image-bit within array2 that will be replaced by the secret bit from arrayl. The RNG randomize numbers from the set {4,5,6,7,12,13,14,15,20,21,22,23}, non-repeatable, which can randomly correspond to the second 4-bits of the red, green, and the blue colors of the RGB sub-pixels in a 24-bits image format. In a 32-bits image format, the alpha bits (transparency byte) will be skipped, and the secret data-bits will be inserted into the next RGB sub-pixels respectively, until the secret message is completely encoded. The values generated randomly by the RNG are 82

90 assigned to secret bits respectively, as the array1 reaches the Null value. Once the secret message bits are completely replaced (array1==null and the secret message completed), the remaining bits within array2 stay unchanged with the original image-bits. The values generated by the RNG are also stored in a third array (array3), which will be used as a private key for the intended recipient to reconstruct the secret message. The following is a simple illustration of the proposed method in theory, based on 24-bits image format: Assuming that the proposed method is using the maximum capacity (LSB 4- bits) steganography, when the RNG value is 5, the original GLSB1 (green 1st least significant bit) will be replaced by the first bit of the secret bit. Once the RNG value is 1, the RLSB1 (red 1st least significant bit) will be replaced with corresponding secret bit, and when the RNG value is 10, the BLSB2 (blue 2nd least significant bit) is replaced, and so on. Array1 (secret bits)= [0101,0111, ] Array2 (original bits)= [ , , , ] Red Green Blue Alpha 1100, , , ,0010 The use of commas between the bits is for visual aid and simplifications. RNG = 5; GLSB1 is replaced with the first secret bit. Array1 (secret bits)= [!!101,0111, ] Array2 (original bits)= [ , Q, , ] Red Green Blue Alpha 1100, ,101!! 1001, ,

91 RNG = 1; RLSB1 is replaced with the next secret bit. Array1 (secret bits)= [0101,0111, ] Array2 (original bits)= [ , , , ] Red Green Blue Alpha 1100, , , ,0010 RNG = 10; BLSB2 is replaced with the third secret bit. Array1 (secret bits)= [01.(!1,0111, ] Array2 (original bits)= [ , , Q0, ] Red Green Blue Alpha 1100, , ,10!!0 1011,0010 The random replacement of secret bits continues with the same mode until the end of array1 (array1 == Null). That is when the secret message has completely been embedded into the cover image. The remaining original bits stay unmodified within array2. A brief pseudocode of the proposed method, based on a 24-bits image format and the LSB 4-bits insertion, may be as the following: openfile( originallmage ); array1 = readfile(originallmage); //reading and storing the image bit by bit openfile(secertmessage); array2 = readfile(secertmessage); //reading and storing the secret message int count1 = count2 =0; inti =j = 0; while (!EndofFile(seceretMessage)) {//until the data is completely embedded for (i = 0; i = 12; i ++) { j = rng(); //randomly from {4,5,6,7,12,13,14,15,20,21,22,23}, non-repeatable if (array1[j+countl]!= array2[i+count2]) //comparing the bits array1[j+count1] = array2[i+count2]; //replacing of the bits 84

92 } count1 =+24; count2 =+ 12; } This algorithm will add a great amount of security if used as a stand-alone method of image steganography. The message encoded within a cover image by this algorithm will have a decoding permutation of 2A12 * N, where N = the number of pixels representing the image. It is important to note that the permutation of the secret key in this method depends on the number of LSBs used for inserting the secret bits. In this example, LSB 4-bits of each subpixel are replaced with the secret bits in order to provide the maximum capacity for data-hiding (table 5). The concentration on three components of a pixel, RGB sub-pixels, results higher image quality, and lower perceptibility [18]. Using the three RGB subpixels along with LSB 4-bits will provide a somewhat imperceptible distortion of the stego-image. That in fact, is the distortion threshold of a stego-image. Four bits (LSB 4-bits) are the maximum LSBs that can be used for a LSB insertion system before the image is visually distorted and easily detected [2]. As mentioned earlier, the insertion of the lease significant bits, LSBs, in a sequential order of the pixels may cause distortions that are easily detected by a stego-analyst [15]. This may be the most important drawbacks of using LSB methods. Despite the amount of security added by the proposed algorithm, this approach may suffer from the same drawback, due to the fact 85

93 that it uses almost the same model (i.e. LSB) for the secret-data insertion. In order to avoid such occurrence (image distortion, due to sequential pixel manipulation), the proposed algorithm can be used in conjunction with another algorithm, instead of using it as a stand-alone method; a proposed hybrid stego-system that includes the use of the proposed algorithm In conjunction with the random bit method. The proposed algorithm may be used as an added security feature to the random bits method, which randomly spreads the secret data-bits all over the image, and prevents image distortions. The random bits method is using discrete cosine transform, DCT, coefficient in order to randomly specify a pixel to store the secret bits. This random positioning of the pixels within an image is based on the image's (x, y) coordinate system. With the use of a random number generator, the DCT coefficients (the pixels) are specified, where the LSBs are replaced with the secret message bits [2] [15]. This hybrid stego-system would use two private keys in order to encode secret messages. One key indicates the positions of the pixels holding the secret bits, based on the (x, y) coordinate system, while the other key represents the index position of the bit among the LSBs of each RGB sub-pixel. The intended recipients must have both private keys in order to be able to retrieve the secret message. 86

94 The models below illustrates the stego-process, as well as the decoding process of using the hybrid method, where C is the cover image, M is the message that needs to be encoded, Kl (first private key) indicates the random (x, y) position of the pixel storing the secret bits, K2 (second private key) represents the random indices of the replaced bits, E is the embedding mechanism or algorithm, and finally SM is the generated stego-image. Modell: Stego-Process The hybrid model of the stego-system E Model 2: Decoding Process The reconstruction of the secret message The random bits method, as a stand-alone stego-system, provides a great amount of data-security, with a permutation of N!, where N is the number of pixels representing a digital image. This makes a stego-message extremely difficult to crack. The use of this method, however, in conjunction with the proposed algorithm could even make the secret data far more protected. 87

95 With the use of two private keys, this hybrid system makes the stegomessage far more unbreakable. Without the two private keys, it would be entirely impossible to retrieve the secret information. This is due to the fact that the hybrid stego-system renders a secret-bit permutation of 2A 12 * N!, where N = number of pixels representing the image. In other words, for every single secret bit hidden into an image via this method, an attacker should test all the permutations (2A 12 * N!), in order to find the hidden bits that makes the secret message. This might be very close to impossible, even with strongest steganlysis tools. So, even if the stego-image is detected, the secret data can not possibly be recovered. Table 5 includes a summary of the permutations among various methods. These numbers (i.e. permutations) represents the amount of bit-combinations that an intruder should calculate and place together in order to recover the secret message. This hybrid stego-system provides the most secure way of transmitting secret information from one end to another, without any possible detection. This method uses the combination of the two algorithms; the random bits algorithm in conjunction with the proposed algorithm. Therefore, like the proposed method, when the secret message has completely been embedded into the cover image, the remaining original bits stay unmodified. In addition to the increased security of the stego-message, the proposed hybrid method may produce a higher quality stego-image as well. This is due to the fact that the secret bits are randomly spread all over an image through 88

96 this method, rather than being replaced with the original bits of the adjacent and neighboring sub-pixels in a sequential order, like in any simple LSB method. In fact, the random insertion of the secret bits causes the slight color-changes of the sub-pixels to be randomly spread all over an image, rather than being concentrated in one particular area of the image. This may result in a higher quality stego-image with far lower risk of being visually perceptible and detected. 89

97 Table 5 The permutation of the stego-message-bits in various methods N =Number of pixels representing an image. 90