Steganography

By Shreya Gupta (0909013104) Sidharth Bais (0909013109) Umang Juyal (0909013121) Vineet Kumar Maurya (0909013125)

Submitted to the Department of Information Technology in partial fulfillment of the requirements for the degree of BACHELOR OF TECHNOLOGY in Information Technology

ii

TABLE OF CONTENTS 1. INTRODUCTION....7 1.1. PROBLEM STATEMENT......9 1.2. OBJECTIVES OF THE STUDY...9 1.3. METHODOLOGY.....9 1.4. PROJECT SCOPE ...10

CHAPTER 2 2.1 STEGANOGRAPHY..12 2.2. CRYPTOGRAPHY..17 2.2.1. SYMMETRIC ENCRYPTION..19 2.2.2. ASYMMETRIC ENCRYPTION...21

CHAPTER 3 3. DESIGN.29 3.1. ENCRYPTION PHASE...31 3.2. DECRYPTION PHASE...32 3.3. DATA FLOW DIAGRAMS...32 3.4.1. CONSTRUCTING DATA FLOW DIAGRAM..34 3.4.2. DATA FLOW DIAGRAM LEVEL 0..34

iii

3.4.3. DATA FLOW DIAGRAM LEVEL 1..35 3.4.4. DATA FLOW DIAGRAM LEVEL 2.....36 3.5. ACTIVITY DIAGRAM.....36 3.6 GANTT CHART...................... 3.7 WATERFALL METHODOLOGY......... 3.8 GRAPHICAL REPRESENTATION

CHAPTER 4

4.1. HARDWARE REQUIREMENTS..........41 4.2 SOFTWARE REQUIREMENTS 4.3 OPERATING SYSTEM 4.5. SCREENSHOT EXPLANATION46

CHAPTER 5 5. TESTING. 5.1. AIM OF TESTING 5.2. ARTEFACTS OF TESTING 5.3. UNIT TESTING 5.4. VALIDATION TESTING 5.5. OUTPUT TESTING 5.6. INTEGRATION TESTING

iv

5.6.1. TOP-DOWN APPROACH 5.6.2. BOTTOM-UP APPROACH 5.6.3. UMBRELLA APPROACH 5.7. USER ACCEPTACE TESTING 5.8. BLACK BOX AND WHITE BOX TESTING

CHAPTER 6 6. CONCLUSION AND FUTURE WORK..........

CHAPTER 7 7. FUTURE ENHANCEMENTS

CHAPTER 8 8. References:

TABLE OF CONTENTS Page

DECLARATION ..........................................................................................iv CERTIFICATE............................................................................................ v

ACKNOWLEDGEMENTS ........................................................................vi ABSTRACT ............................................................................................... .vii LIST OF TABLES........................................................................................viii LIST OF FIGURES..................................................................................... ix LIST OF SYMBOLS .....................................................................................x CHAPTER 1: ONLINE SHOPPING1

1.1 About Online Shopping....1 1.2 Payment...1 1.3 Product Delivery2 1.4 Shopping Cart System..3 1.5 Design.3 1.5.1 1.5.2 1.5.3 Information Load...3 Consumer Needs and Expectations...4 User Interface....4

1.6 Advantages.5 1.7 Disadvantages.5 CHAPTER 2: E-WAY SYSTEM..6 2.1 About E-way System...6 2.2 Services6 2.3 Shopping Cart Software...7 2.4 Aim..7 2.5 Feature.8 2.6 Limitations...8 CHAPTER 3: DEVELOPMENT ENVIRONMENT....9 3.1 System Requirements..9 3.2 About PHP.......9 3.3 About phpMYAdmin..10 3.3.1 Features...11 3.4 About Apache HTTP Server....11 3.4.1 Features.12 3.5 About Drupal13

vi

3.5.1 Advantages.....14 3.5.2 Drupal Modules Used.14 3.6 About Ubercart20 3.6.1 Required modules........21 3.6.2 Optional Core Modules.......22
CHAPTER 4: DESIGN...24 CHAPTER 5: SCREENSHOTS.....26 CHAPTER 6: DATA DICTIONARY....33 CHAPTER 7: CONCLUSION....41 APPENDIX A ....42 BIBLIOGRAPHY...47

DECLARATION

I hereby declare that this submission is my own work and that, to the best of my knowledge and belief, it contains no material previously published or written by another person nor material which to a substantial extent has been accepted for the award of any

vii

other degree or diploma of the university or other institute of higher learning, except where due acknowledgment has been made in the text.

Signature Name: Shreya Gupta Roll No: 0909013104

Signature Name: Sidharth Bais Roll NO: 0909013109

Signature Name: Umang Juyal Roll NO: 0909013121

Signature Name: Vineet Kumar Maurya Roll NO: 0909013125 Date: 18/04/2013

CERTIFICATE

This is to certify that Project Report entitled STEGANOGRAPHY which is submitted by Shreya Gupta ,Sidharth Bais ,Umang Juyal And Vineet Kumar Maurya in partial fulfillment of the requirement for the award of degree B. Tech. in Department of Information Technology of U. P. Technical University, is a record of the candidate own

viii

work carried out by him under my/our supervision. The matter embodied in this thesis is original and has not been submitted for the award of any other degree.

Date: 18/04/2013

Supervisor Ms. Megha Chhillar

ACKNOWLEDGEMENT

It gives us a great sense of pleasure to present the report of the B. Tech Project undertaken during B. Tech. Final Year. We owe special debt of gratitude to Ms. Megha Chhillar Department of Information Technology for his constant support and guidance throughout

ix

the course of our work. His sincerity, thoroughness and perseverance have been a constant source of inspiration for us. It is only his cognizant efforts that our endeavors have seen light of the day. We also take the opportunity to acknowledge the contribution of Dr. Archana Verma, Head, Department of Information Technology for his full support and assistance during the development of the project. We also do not like to miss the opportunity to acknowledge the contribution of all faculty members of the department for their kind assistance and cooperation during the development of our project. Last but not the least, we acknowledge our friends for their contribution in the completion of the project.

Signature: Name : Shreya gupta Roll No.:0909013104 Date :18/04/2013

Signature : Name : Sidharth Bais Roll No.:0909013109 Date : 18/04/2013

Signature : Name : Umang Juyal

Roll No.:0909013121 Date : 18/04/2013

Signature : Name : Vineet Kumar Maurya Roll No.:09090131125 Date : 18/04/2013

ABSTRACT

Steganography is the art of hiding the fact that communication is taking place, by hiding information in other information. Many different carrier file formats can be used, but digital images are the most popular because of their frequency on the internet. For hiding secret information in images, there exists a large variety of steganography techniques some are more complex than othersand all of them have respective strong and weak points.

xi

Different applications may require absolute invisibility of the secret information, while others require a large secret message to be hidden. This project report intends to give an overview of image steganography, its uses and techniques. It also attempts to identify the requirements of a good steganography algorithm and briefly reflects on which steganographic techniques are more suitable for which applications.

LIST OF FIGURES

GANTT CHART

WATERFALL METHODOLOGY.

xii

FLOW DIAGRAM.. 25

ER DIAGRM..26 LIST OF SYMBOLS

FLOW DIAGRAMS/ ER DIAGRAM

Start or End/ Attributes

Processing Steps/ Entity

Flow of information

xiii

Condition/ Relationship

Input or Output

14

CHAPTER 1:

INTRODUCTION

One of the reasons that intruders can be successful is the most of the information they acquire from a system is in a form that they can read and comprehend. Intruders may reveal the information to others, modify it to misrepresent an individual or organization, or use it to launch an attack. One solution to this problem is, through the use of steganography. Steganography is a technique of hiding information in digital media. In contrast to cryptography, it is not to keep others from knowing the hidden information but it is to keep others from thinking that the information even exists. Steganography become more important as more people join the cyberspace revolution. Steganography is the art of concealing information in ways that prevents the detection of hidden messages. Stegranography include an array of secret communication methods that hide the message from being seen or discovered. Due to advances in ICT, most of information is kept electronically. Consequently, the security of information has become a fundamental issue. Besides cryptography, streganography can be employed to secure information. In cryptography, the message or encrypted message is embedded in a digital host before passing it through the network, thus the existence of the message is unknown. Besides hiding data for confidentiality, this approach of information hiding can be extended to copyright protection for digital media: audio, video and images. The growing possibilities of modern communications need the special means of security especially on computer network. The network security is becoming more important as the number of data being exchanged on the internet increases. Therefore, the confidentiality and data integrity are requires to protect against unauthorized access and use. This has resulted in an explosive growth of the field of information hiding

15

Information hiding is an emerging research area, which encompasses applications such as copyright protection for digital media, watermarking, fingerprinting, and steganography. In watermarking applications, the message contains information such as owner identification and a digital time stamp, which usually applied for copyright protection. Fingerprint, the owner of the data set embeds a serial number that uniquely identifies the user of the data set. This adds to copyright information to makes it possible to trace any unauthorized used of the data set back to the user. Steganography hide the secrete message within the host data set and presence imperceptible and is to be reliably communicated to a receiver. The host data set is purposely corrupted, but in a covert way, designed to be invisible to an information analysis.

16

What is Steganography? Steganography is the practice of hiding private or sensitive information within something that appears to be nothing out to the usual. Steganography is often confused with cryptology because the two are similar in the way that they both are used to protect important information. The difference between two is that steganography involves hiding information so it appears that no information is hidden at all. If a person or persons views the object that the information is hidden inside of he or she will have no idea that there is any hidden information, therefore the person will not attempt to decrypt the information. What steganography essentially does is exploit human perception, human senses are not trained to look for files that have information inside of them, although this software is available that can do what is called Steganography. The most common use of steganography is to hide a file inside another file.

17

Problem Statement: The former consists of linguistic or language forms of hidden writing. The later, such as invisible ink, try of hide messages physically. One disadvantage of linguistic steganography is that users must equip themselves to have a good knowledge of linguistry. In recent years, everything is trending toward digitization. And with the development of the internet technology, digital media can be transmitted conveniently over the network. Therefore, messages can be secretly carried by digital media by using the steganography techniques, and then be transmitted through the internet rapidly Steganography is the art of hiding the fact that communication is taking place, by hiding information in other information. Many different carrier file formats can be used, but digital images are the most popular because of their frequency on the internet. For hiding secret information in images, there exists a large variety of steganography techniques some are more complex than others and all of them have respective strong and weak points. So we prepare this application, to make the information hiding more simple and user friendly.

18

Objective

The goal of steganography is covert communication. So, a fundamental requirement of this steganography system is that the hider message carried by stego-media should not be sensible to human beings.

The other goal of steganography is to avoid drawing suspicion to the existence of a hidden message. This approach of information hiding technique has recently became important in a number of application area This project has following objectives: To product security tool based on steganography techniques. To explore techniques of hiding data using encryption module of this project To extract techniques of getting secret data using decryption module.

Steganography sometimes is used when encryption is not permitted. Or, more commonly, steganography is used to supplement encryption. An encrypted file may still hide information using steganography, so even if the encrypted file is deciphered, the hidden message is not seen

19

Methodology: User needs to run the application. The user has two tab options encrypt and decrypt. If user select encrypt, application give the screen to select image file, information file and option to save the image file. If user select decrypt, application gives the screen to select only image file and ask path where user want to save the secrete file. This project has two methods Encrypt and Decrypt. In encryption the secrete information is hiding in with any type of image file. Decryption is getting the secrete information from image file.

Carrier File

Carrier File with Hidden Message

20

Project Scope: This project is developed for hiding information in any image file. The scope of the project is implementation of steganography tools for hiding information includes any type of information file and image files and the path where the user wants to save Image and extruded file.

21

CHAPTER 2:

STEGANOGRAPHY

Steganography in Greek means "covered writing". Steganography is the process of hiding the one information into other sources of information like text, image or audiofile, so that it is not visible to the natural view. There are varieties of steganographic techniques available to hide the data depending upon the carriers we use.Steganography and cryptography both are used for the purpose of sending the data securely. The same approach is followed in Steganography as in cryptography like encryption, decryption and secret key. In steganography the message is kept secret without any changes but in cryptography the original content of the message is differed in different stages like encryption and decryption.Steganography supports different types of digital formats that are used for hiding the data. These files are known as carriers. Depending upon the redundancy of the object the suitable formats are used. "Redundancy" is the process of providing better accuracy for the object that is used for display by the bits of object.

The main file formats that are used for steganography are Text, images, audio,video, protocol The different types of steganographic techniques that is available are 1. Pure steganography 2. Public key steganography

22

3. Secret key steganography Pure steganography: Pure steganography is the process of embedding the datainto the object without using any private keys. This type of steganography entirely depends upon the secrecy. This type of steganography uses a cover image in which data is to be embedded, personal information to be transmitted, and encryption decryption algorithms to embed the message into image.

This type of steganography cant provide the better security because it is easy for extracting the message if the unauthorised person knows the embedding method. Ithas one advantage that it reduces the difficulty in key sharing. Secret key steganography:Secret key steganography is another process ofsteganography which uses the same procedure other than using secure keys. It usesthe individual key for embedding the data into the object which is similar tosymmetric key. For decryption it uses the same key which is used for encryption.

This type of steganography provides better security compared to puresteganography. The main problem of using this type of steganographic system issharing the secret key. If the attacker knows the key it will be easier to decrypt andaccess original information

23

Public key steganography:Public key steganography uses two types of keys: onefor encryption and another for decryption. The key used for encryption is a private key and for decryption, it is a public key and is stored in a public database.

CRYPTOGRAPHY:

The word cryptography is derived from two Greek words which mean secret writing.Cryptography is the process of scrambling the original text by rearranging andsubstituting the original text, arranging it in a seemingly unreadable format for others.Cryptography is an effective way to protect the information that is transmittingthrough the network communication paths. Cryptology is the science that deals about cryptography and cryptanalysis.Cryptography is the approach of sending the messages secretly and securely to thedestination. Cryptanalysis is the method of obtaining the embedded messages intooriginal texts. In general, cryptography is transferring data from source to destination by altering itthrough a secret code. The cryptosystems uses a plaintext as an input and generatea cipher text using encryption algorithm taking secret key as input.The important elements in cryptosystems are 1. Plain text (input) 2. Encryption algorithm

24

3. Secret key 4. Cipher text 5. Decryption algorithm

Plain text: The plain text is an original piece of information that is needed to sendinformation to the destination. Encryption algorithm: This is the main key to any cryptographic system. Thisencryption algorithm subjects the plain text to various substitutions andtransformations.Secret key: The secret key is given by the user which will act as an input to theencryption algorithm. Based on this key, various substitutions and transformations onthe plain text will differ.Cipher text: This is the output generated by the encryption algorithm. The cipher textis the jumbled text. The cipher text differs with each and every secret key that hasgiven to the encryption algorithm. Decryption algorithm: This is opposite to the encryption algorithm. It will acquire

25

cipher text and secret key as an input and produce plain text as an output.Cryptographic Algorithms: There are many cryptographic algorithms available whichdiffer on their type of encryption. Based on the type of encryption standards thealgorithms are grouped into two types 1. Symmetric encryption algorithm 2. Asymmetric encryption algorithm 2.2.1 Symmetric Encryption

Symmetric encryption is a single key encryption and also known as conventional encryption. It is also referred as private key cryptography. The symmetric encryption algorithm generally uses the same k ey for encryption and decryption. The security level for this type of encryption will depend on the length of the key.

2.2.2

26

Asymmetric Encryption Asymmetric encryption is also known as Public key encryption. The AES works same as Symmetric encryption, the main difference between AES and Symmetricencryption is in using keys. In asymmetric encryption, the encryption and decryptionwill be done by two different keys. It will use plain text, encryption algorithm anddecryption algorithm same as Symmetric encryption as discussed in above section

In 'Asymmetric encryption', only the data that is encrypted using public key can be decrypted using the same algorithm. And the message which is encrypted usingprivate key can be decrypted using only the matching public key.The main problem with Asymmetric algorithm is cipher keys. Whenever two different people want to exchange the data simultaneously using asymmetricencryption they need to have four different keys. It will be more confusing to resolveas the corresponding key is required for the particular file to open.

27

CHAPTER 3 DESIGN:
The data hiding patterns using the steganographic technique in this project canbe explained using this simple block diagram. The block diagram for steganographictechnique is as follows.

The procedure for data hiding using steganographic application in this project is as follows The sender first uses the steganographic application for encrypting the secret message. For this encryption, the sender uses text document in which the data is written and the image as a carrier file in which the secret message or text document to be hidden

28

The sender sends the text document to the encryption phase for data encyption with key, in which the text document is encrypted into the cipher text. The sender sends the carrier file and cipeher text document to the encryption in image phase for data embedding, in which the encrypted text document is embedded into the image file. Now the carrier file acts as an input for the decryption phase. The receiver receives the carrier file and places the image in the decryption phase The decryption phase decrypts the encrypted text document using the least significant bit decoding and decrypts the encrypted message. As mentioned in the above block diagram, the data hiding and the data extracting willbe done in two phases. 1. Encryption phase 2. Decryption phase 3.1 ENCRYPTION PHASE: The "Encryption phase" uses two types of files for encryption purpose. One is the secret file which is to be transmitted securely, and the other is a carrier file such as image. In the encryption phase the data is embedded into the image using LeastSignificant Bit algorithm (LSB) by which the least significant bits of the secret document are arranged with the bits of carrier file such as image, Such that the message bits will merge with the bits of carrier file. In this procedure LSB algorithmhelps for securing the originality of image.

3.3 DECRYPTION PHASE: The Decryption phase is reverse to encryption phase. In decryption phase, thecarrier image in which the data is hided is given as an input file. The decryptionphase uses the same password

29

which was given for the encryption and decryption inorder to secure from unauthorised access. After giving the correct password the decryption section uses the Least Significant bit Algorithm (LSB) by which the encoded bits in the image is decoded and turns to its original state and gives theoutput as a text document as well as image. 3.4 DATA FLOW DIAGRAMS: Data flow diagrams are the basic building blocks that define the flow of data in asystem to the particular destination and difference in the flow when anytransformation happens. It makes whole procedure like a good document and makessimpler and easy to understand for both programmers and non-programmers bydividing into the sub process.The data flow diagrams are the simple blocks that reveal the relationship betweenvarious components of the system and provide high level overview, boundaries ofparticular system as well as provide detailed overview of system elements. 3.4.2 Data Flow Diagram Level 0 "DFD level 0" is the highest level view of the system, contains only one process which represents whole function of the system. It doesnt contain any data stores and the data is stored with in the process.For constructing DFD level 0 diagram for the proposed approach we need two sources one is for "source" and another is for "destination" and a "process".

3.4.3 Data Flow Diagram Level 1

30

For constructing "DFD level 1", we need to identify and draw the process that make the level 0 process. In the project for transferring the personal data from source todestination, the personal data is first encrypted and processed and latter decrypted.

3.4.4 Data Flow Diagram Level 2 The image and the text document are given to the encryption phase. The encryptionalgorithm is used for embedding the data into the image.The resultant image acting as a carrier image is transmitted to the decryption phaseusing the transmission medium. For extracting the message from the carrier image, itis sent to the decryption section. The plain text is extracted from the carrier imageusing the decryption algorithm.

31

3.5 ACTIVITY DIAGRAM The sender sends the message to the receiver using three phases. Since we areusing the steganographic approach for transferring the message to the destination,the sender sends text as well as image file to the primary phase i.e., to encryptionphase. The encryption phase uses the encryption algorithm by which the carrierimage is generated. The encryption phase generates the carrier image as output.

32

GANTT CHART

33

30

25

TESTING
CODING

20 Series 3 15 Series 2 Series 1

DESIGN

10

REQ. ANALYSIS

ALA

0 20 DAYS 45 DAYS 90 DAYS 105 DAYS

DURATION (DAYS)>

34

WATERFALL METHODOLOGY

Req. & Analysis

System Design

Detailed Design

Coding & Unit Testing

System & Integration Testing

Oper. & Maintenance

35

DATA FLOW DIAGRAM:

36

The graphical representation of this system is as follows:

Start Application

Encryption

Decryption

Covert image

Covered Message

BMP Image File

BMP Image File

Image

Message File

37

CHAPTER 4:
4.1 HARDWARE AND SOFTWARE REQUIREMENTS Hardware Requirements: Processor RAM Hard Disk Cache Monitor Keyboard Mouse : : : : : : : Pentium. 64 MB. 2 GB. 512 KB. SVGA Color Monitor. 101 keys. 2 buttons.

Software Requirements:

Java (jdk1.7) Net Beans(IDE)

OPERATING SYSTEM: A multimedia PC running a windows 98 , 2000 , XP or 7operating system .

38

CHAPTER 5:
5. TESTING Testing defines the status of the working functionalities of any particularsystem. Through testing particular software one can't identify the defects in it but can analyse the performance of software and its working behaviour. By testing thesoftware we can find the limitations that become the conditions on which theperformance is measured on that particular level. In order to start the testing processthe primary thing is requirements of software development cycle. Using this phasethe testing phase will be easier for testers.The capacity of the software can be calculated by executing the code and inspectingthe code in different conditions such as testing the software by subjecting it todifferent sources as input and examining the results with respect to the inputs.After the designing phase, the next phase is to develop and execute the code indifferent conditions for any errors and progress to the developing phase. Withouttesting and execution, the software cannot be moved to the developing phase.There are two types of testing. They are: The functional testing, which defines thespecified function of a particular code in the program. This type of testing gives us a brief description about the program's performance and security in the various functional areas.The other type of testing is non-functional testing. Nonfunctional testing defines thecapabilities of particular software like its log data etc. It is opposite to functionaltesting and so will not describe the specifications like security and performance.The performance of the particular program not only depends on errors in coding. Theerrors in the code can be noticed during execution, but the other types of errors canaffect the program performance like when the program is developed based on oneplatform that may not perform well and give errors when executed in differentplatform. So, compatibility is another issue that reduce the software performance.The code tuning helps us in optimising the program to perform at its best utilizingminimal resources possible under varied conditions. 5.1 AIM OF TESTING The main aim of testing is to analyse the performance and to evaluate the errors thatoccur when the program is executed with different input sources and running indifferent operating environments.In this project, I developed a steganographic application based on Microsoft VisualStudio which focuses on data hiding based on Least Significant Bit algorithm. Themain

39

aim of testing in this project is to find the compatibility issues as well as theworking performance when different sources are given as the inputs.

There are different types of approaches for testing a JAVA framework basedapplication. The types of testing are Unit testing Validation testing Integration testing User acceptance testing Output testing Black box and white box testing.

5.3 UNIT TESTING 'Unit testing' is the approach of taking a small part of testable application and executing it according to the requirements and testing the application behaviour. Unittesting is used for detecting the defects that occur during execution.When an algorithm is executed, the integrity should be maintained by the datastructures. Unit testing is made use for testing the functionality of each algorithmduring execution.Unit testing can be used in the bottom up test approach which makes the integrationtest much easier. Unit testing reduces the ambiguity in the units. Unit testing usesregression testing, which makes the execution simpler. Using regression testing, thefault can be easily identified and fixed.In this project, I have developed an application using different phases like encryption,decryption, etc. So, for getting the correct output all the functions that are used areexecuted and tested at least once making sure that all the control paths, errorhandling and control structures are in proper manner.Unit testing has it's applications for extreme programming, testing unit frame works and good support for language level unit testing.

5.4 VALIDATION TESTING

40

Validation is the process of finding whether the product is built correct or not. Thesoftware application or product that is designed should fulfil the requirements andreach the expectations set by the user. Validation is done while developing or at thefinal stage of development process to determine whether it is satisfies the specifiedrequirements of user. Using validation test the developer can qualify the design, performance and itsoperations. Also the accuracy, repeatability, selectivity, Limit of detection andquantification can be specified using 'Validation testing'.

5.5 OUTPUT TESTING After completion of validation testing the next process is output testing. Outputtesting is the process of testing the output generated by the application for thespecified inputs. This process checks weather the application is producing the required output as per the user's specification or not. The 'output testing' can be done by considering mainly by updating the test plans,the behaviour of application with different type of inputs and with produced outputs,making the best use of the operating capacity and considering the recommendationsfor fixing the issues.

5.6 INTEGRATION TESTING 'Integration testing' is an extension to unit testing, after unit testing the units are integrated with the logical program. The integration testing is the process ofexamining the working behaviour of the particular unit after embedding with program. This procedure identifies the problems that occur during the combination of units.

41

The integration testing can be commonly done in three approaches Top-down approach Bottom-up approach Umbrella approach

5.6.1 Top-down approach: In the top-down approach the highest level module should be considered first andintegrated. This approach makes the high level logic and data flow to test first andreduce the necessity of drivers. One disadvantage with top-down approach is its poor support and functionality islimited.

5.6.2 Bottom-up approach: Bottom-up approach is opposite to top-down approach. In this approach, the lowestlevel units are considered and integrated first. Those units are known as utility units.The utility units are tested first so that the usage of stubs is reduced. Thedisadvantage in this method is that it needs the respective drivers which make thetest complicated, the support is poor and the functionality is limited.

5.6.3 Umbrella approach: The third approach is umbrella approach, which makes use of both the top - bottomand bottom top approaches. This method tests the integration of units along with itsfunctional data and control paths. After using the top - bottom and bottom-topapproaches, the outputs are integrated in top - bottom manner. The advantage of this approach is that it provides good support for the release oflimited functionality as well as minimizing the needs of drivers and hubs. The maindisadvantage is that it is less systematic than the other two approaches.

42

5.7 USER ACCEPTANCE TESTING 'User acceptance testing' is the process of obtaining the confirmation from the user that the system meets the set of specified requirements. It is the final stage ofproject; the user performs various tests during the design of the applications andmakes further modifications according to the requirements to achieve the final result. The user acceptance testing gives the confidence to the clients about theperformance of system

5.8 BLACK BOX AND WHITE BOX TESTING 'Black box testing' is the testing approach which tells us about the possible combinations for the end-user action. Black box testing doesn't need the knowledge about the interior connections or programming code. In the black box testing, theuser tests the application by giving different sources and checks whether the outputfor the specified input is appropriate or not. 'White box testing' is also known as 'glass box' or 'clear box' or 'open box' testing. It is opposite to the black box testing. In the white box testing, we can create testcases by checking the code and executing in certain intervals and know the potentialerrors. The analysis of the code can be done by giving suitable inputs for thespecified applications and using the source code for the application blocks. The limitation with the white box testing is that the testing only applies to unit testing,system testing and integration testing

43

CHAPTER 6:
6. CONCLUSION AND FUTURE WORK In the present world, the data transfers using internet is rapidly growing because it is so easier as well as faster to transfer the data to destination. So, many individuals and business people use to transfer business documents, important information using internet. Security is an important issue while transferring the datausing internet because any unauthorized individual can hack the data and make ituseless or obtain information un- intended to him. The proposed approach in this project uses a new steganographic approach called image steganography. The application creates a stego image in which the personaldata is embedded and is protected with a password which is highly secured. The main intention of the project is to develop a stegano graphic application that provides good security. The proposed approach provides higher security and can protect the message from stego attacks. The image resolution doesn't change much and is negligible when we embed the message into the image and the image is protected with the personal password. So, it is not possible to damage the data by unauthorized personnel.I used the Least Significant Bit algorithm in this project for developing the application which is faster and reliable and compression ratio is moderate compared to other algorithms. The major limitation of the application is designed for bit map images (.bmp). It accepts only bit map images as a carrier file, and the compression depends on the document size as well as the carrier image size. The future work on this project is to improve the compression ratio of the image tothe text. This project can be extended to a level such that it can be used for thedifferent types of image formats like .bmp, .jpeg, .tif etc., in the future.

44

The securityusing Least Significant Bit Algorithm is good but we can improve the level to a certain extent by varying the carriers as well as using different keys for encryption and decryption.

45

CHAPTER 7:
Future Enhancements: In future this application has features of : Hiding data in to audio file. Hiding data in to video file. It will be password protected.

46

CHAPTER 8:
References: Guide to stegnography http://en.wikipedia.org/wiki/Steganography http://www.scribd.com www.google.com www.infor.com/content/brochures/30083/ www.nexstepworld.com