COMPARING STEGANOGRAPHY ALGORITHMS PROJECT PROPOSAL ROSANNE ENGLISH MARCH 2009

1|Page

TABLE OF CONTENTS

1. Introduction ........................................................................................................................................... 3 2. Statement of the Problem ................................................................................................................. 6 3. Background Survey ........................................................................................................................... 10 Steghide ................................................................................................................................................... 10 Vecna ........................................................................................................................................................ 14 Hakito Ergo Sum .................................................................................................................................. 16 OpenStego .............................................................................................................................................. 17 Digital Invisible Ink Toolkit ............................................................................................................. 19 QTech ....................................................................................................................................................... 23 4. Proposed Approach........................................................................................................................... 25 Initial Java Implementation ............................................................................................................. 25 Risk Analysis ......................................................................................................................................... 26 5. Work Plan ............................................................................................................................................. 27 Bibliography .............................................................................................................................................. 28

2|Page

1. INTRODUCTION The aim of this project is to produce as its outcome a number of programs written in Java which allow for files to be hidden in digital images. Another outcome of the project will be to present results on the analysis of different steganography algorithms. The following introduction aims to provide a context for this problem. The process of hiding information in another document such that the information hidden is not even perceived to be there is called steganography. The technique is used for security, providing an alternative to cryptography or an additional layer of security. Traditional steganography included the use of invisible ink and pin punctures, where small pin pricks are placed on selected letters, visible only when held against a light. (Stallings,1998) Digital watermarking is closely related to steganography. Watermarking is the process of embedding hidden information which is only visible after a process has been carried out. An example is the watermarking of bank notes to prove legitimacy. The main differences between watermarking and steganography are that the information hidden relates to the object it is hidden in. Also, it is possible that a watermark does not attempt to hide the fact that information is hidden, but steganography always does. Thus, the distinction between them can be made. Modern-day steganography techniques differ considerably from the traditional practices. With the development of the computer, steganography has adapted and there are now a variety of contemporary computerised techniques. The process of modern steganography uses a vessel file (a seemingly innocuous file) to hide the secret information. In this project, digital image files will be used as the vessel file. Thus, to provide a complete context, the concept of a digital image should be explained. A digital image is an array of numbers which represent light intensities at that particular point; these are called pixels. These digital images are commonly stored in 24-bit or 8 bit per pixel files. (Johnson et al,1998) There are also image files such as PNG (Portable Network Graphics) which have 34 bits per pixel, the extra 8 bits representing transparency. The colour variations in an image are obtained by mixing the three primary colours. A 24 bit image uses 8 bits (one byte) for each of red, green and blue in order to represent the colour of an individual pixel. An 8 bit file is a greyscale image and thus has only black and white pixels, represented by 8 bits per pixel. The least significant bit of a byte is defined as bit 0, e.g. given a byte 10001010, the least significant bit is the right-most bit 0 which has been underlined.

3|Page

One of the more common steganography algorithms is least significant bit hiding (Kawaguchi et al,1998). In this process, the least significant bits of an image are discarded, and instead the space is used to hide the bits of the secret file which has to be hidden. This allows for 3 bits of information to be stored in one pixel (Johnson et al,1998). This is possible without detection to the human eye because the replacement of the least significant bit will only affect the image by +1 or -1 if at all. The main deficit of this form of steganography is that it only allows you to hide up to 12.5% (1/8) of the size of the vessel image (Kawaguchi,2008). The first part of this project is to determine if this capacity can be increased to 25%. This would be through the use of not only the first least significant bit, but also the second to store the secret information. The first program will implement a LSB (least significant bit) algorithm. The second program aims to implement another, more recent algorithm called BPCS steganography. This method claims to be able to hide 50% (Kawaguchi,2008) of the size of the vessel image. Part of this project aims to employ such a program in java, and investigate the validity of this claim. In order to extract the information hidden by the methods detailed above, the receiver must be in possession of an appropriate decoding program and must also know that the information is there to be extracted. This demonstrates the significant difference between cryptography and steganography, that the process of sending an encrypted message does not disguise that there is secret information being transmitted. Thus, it brings attention to itself, and marks itself as such. However, steganography does not do this. It is possible to hide secret information in a file without it being apparent to any interceptor that such information is there. Despite not being initially obvious to the casual observer that steganography has taken place, it is still susceptible to attack. The term for such an attack is steganalysis. The primary objective is to detect the presence of hidden data, with a supplementary objective occasionally being to extract the hidden data. (Wang,2004) There are two main categories of steganalysis, visual analysis and statistical (or algorithmic) analysis. Visual analysis is effective where the steganography has not been efficient, or an ineffective vessel image has been chosen, however it is less easily automated than a statistical analysis (Westfield et al,1999). In an automated visual attack, the steps consist of the removal of all likely message bits followed by an image of the bits on the location of their source pixels(Westfield et al,1999). Statistical methods are highly effective and reveal small adjustments in an images statistical behaviour caused by the steganography process. However, due to the variation in steganography techniques it is difficult to obtain a single program which works for all methods. (Wang,2004)

4|Page

Currently, there is software available which provides the aforementioned facilities for steganography, however, none meet all the criteria set out in this proposal. For an evaluation of such software, see section 3, Background Survey.

5|Page

2. STATEMENT OF THE PROBLEM

The problem to be addressed in the forthcoming project is the comparison of selected current steganography techniques in order to determine the most effective technique. These algorithms are least significant bit (LSB) insertion, and bit-plane complexity segmentation (BPCS). The project aims to investigate the carrying capacity of image files with regards to these algorithms by the process of implementing programs using these algorithms and carrying out user evaluation and evaluation of the capacity by reference to steghide and other free steganography software. The source of the software used is publically available, details of the sources are given in the bibliography (Hetzl 2003, Strauss, Grossbart 2007, Vaydia 2009, Hempstalk 2005, Kawaguchi 2009). The programs which result from this project will initially allow the embedding and extraction of images, progressing onto the embedding and extraction of files. Both of which will be hidden in an image. The project will commence with implementing a least significant bit program and using it to hide another image within an image. The least significant bit approach is based on a simple concept, the right most bit (and thus the least significant bit) is replaced with a bit from the embedded data. With regards to using images in particular as the vessel, the choice of image and the format are important (Kipper,2004). The image should be inconspicuous, thus not drawing attention to the fact that it could be concealing information and should not contain large blocks of one colour. If one were to use an image with such blocks, the change of one bit could result in obvious distortion of the image. Also, the format of the image is important; the use of a lossy file format such as JPEG would mean that on reconstruction of the embedded file, bits could be lost due to the compression. On the other hand, the use of lossless images (such as BMP or GIF file) allows for the hidden file to be reconstructed completely. (Johnson et al,1998) However, the use of such an algorithm is limited as it allows for up to only 12.5% (1/8) of the size of the image to be hidden. (Kawaguchi,2008) From here, the project will then progress to the investigation of BPCS steganography. This technique relies on an attribute of human vision, which is that the human eye is unable to discern a difference between two rapidly changing binary patterns (Nozaki et al,1998). The result of this is that one can change specific segments of a digital image and store data equating to 50% of the size of the image file without detection by the human eye. (Kawaguchi,2008) In order to provide a context and further explain the problem, it is necessary to discuss briefly the concept of a bit-plane with regards to digital images. Digital images can be split into two categories. A multi-valued image is a colour image, and a binary image is a black and white image. An n-bit image can then be decomposed into a set of n binary images by bit-slicing operations (Nozaki et al,1998) e.g. given a 16 6|Page

bit image (16 bits per pixel), it can be split into 16 bit planes. A bit plane is a complete one-bit per pixel image. The decomposition of an image into bit planes results in lower planes which are noisy and have no apparent significant information in terms of human perception. On the other hand, the higher planes have a simple structure, making them key to human sensitivity of the image (Kamata et al,1995). In the example of a 16 bit image, the 0th bit plane (the first bit plane, by convention) is the least significant, and the 15th bit plane is the most significant. Thus, the first step in implementing a BPCS steganography program will be deconstructing an image into bit planes. Once this has been completed, analysis of the bit planes takes place. The purpose of this analysis is to determine which 8x8 pixel regions are complex. There is no distinct definition of complexity of a region. Kawaguchi proposed three types of complexity measure and the paper A Large Capacity Steganography Using Color BMP Images (Nozaki et al,1998) it is demonstrated that the use of a black and white border measure is an appropriate measure for an image complexity. Thus, it is intended that this be implemented in the proposed project. If time permits, the other two complexity measures will also be implemented. The border complexity can be described as follows: Given a binary image, the border length is the sum of the number of colour changes along the rows and columns in an image. In the example below, the border length is 4.

The changes are: in the middle column from white to black then from black to white and in the middle row there is a change from white to black, then black to white. This totals 4 changes, thus the border length of 4. The complexity measure is then defined for an image with a 2m x 2m frame as the border complexity of the image, divided by the maximum border complexity of an image of size 2m x 2m. The resulting complexity ranges between 0 and 1. (Nimi et al,1997) Each bit-plane should be split into 8x8 regions in order to carry out a calculation of the complexity of these areas. Local 8x8 regions of a bit-plane for a multi-valued image can be grouped into 3 categories; natural informative sections, artificial informative portions and noise-like portions. Natural informative sections should remain unchanged since alteration of these regions would result in a noticeable change to the vessel image. Noise like portions can be discarded and replaced with noise like portions from the secret data. Artificial informative portions occur where we have data to be embedded 7|Page

which isnt complex enough and would display an obvious change in the image. That is to say having an artificial informative portion would make a noise like portion look natural and so a change to this region would be obvious to an observer. The decoding program must be able to detect when hidden data has been embedded. This is carried out by distorting the secret data so that it appears noisy if it is not initially so. If the complexity of the data to be hidden does not reach the chosen threshold then a conjugation operation must be performed on the data to be embedded. This threshold is used to define a noisy region and hence also simple regions in all parts of the algorithm. A threshold of 0.3 was determined as optimum by Kawaguchi et al (Kawaguchi et al,1998), however, part of this project will be to explore different thresholds. The conjugation method was defined by Kawaguchi et al (Kawaguchi et al,1998) as follows: Given a 2n x 2n size binary image with black as the foreground area and white as the background area, then there are corresponding all white and all black patterns of the same size. In addition, there are two checkerboard patterns. One has a white pixel in the upper-left location, and the other has the upper-left pixel as black. The given binary image is understood by the following. Pixels in the foreground area have the all black pattern, while pixels in the background area have the all white pattern. Then the conjugate image of the given image is defined by the following attributes: The foreground area shape is the same as the shape of the original image The foreground area has the checkerboard pattern with black in the top leftmost position. The background area has the checkerboard pattern with white in the top leftmost position. The complexity of the conjugate image is then 1- complexity of P.

(Kawaguchi et al,1998) It is now possible to embed data as it is suitably complex such that the insertion of this data will not result in noticeable alteration to the image. Each block of the secret data to be hidden should be embedded in the noise-like regions of the bit-planes. If the block has been conjugated to ensure complexity one also needs to store the fact that it has been conjugated in a conjugation map which then has to be stored in the bit plane. The conjugation map details the location of the simple pattern which has had the conjugate operation applied. (Niimi et al,1999)

8|Page

The embedding itself is carried out on the lower level bit-planes progressing to the higher level bit-planes, this is because the lower plane are less significant (Niimi et al,1999). Part of the problem is to discover at which plane one should stop embedding. This will involve user evaluation studies to determine at which point people notice an abnormality in the image. The extraction of the information which has been embedded will be the reverse of the above method. Once the program is executing the above, it is necessary to determine the storage capacity obtained. In order to do this, the use of the free software Steghide will be used as a benchmark. It should be noted that this problem has been solved already, that is to say there exists software with this capability. However, the significance of completing this again is that Steganography is becoming more prevalent in the online domain. Also, only one complexity measure has been implemented in terms of BPCS Steganography, thus it would be beneficial to attempt to implement the other two possibilities and compare the results.

9|Page

3. BACKGROUND SURVEY

There are several programs which currently implement steganography. In the following paragraphs the programs evaluated will be Steghide (Hetzl,2003), Vecna (Strauss), Hackito Ergo Sum(Grossbart,2007),OpenStego (Samir,2009) and Digital Invisible Ink Toolkit (Hempstalk, 2005).

STEGHIDE Steghide is an open source steganography program written in C++. It provides functionality of encoding the data hidden in the picture chosen. It implements an algorithm based on graph theory. When selecting a cover file of size 2.21MB, the program reports a capacity of 126KB equating to 5% of the size of the cover image. The cover image is shown below:

10 | P a g e

When selecting a cover file of size 14.4MB, the program reports a capacity of 615.1KB, again equating to roughly 5% of the size of the cover image. The cover image is shown below:

When selecting a cover file of size 2.33MB, the program reports a capacity of 129.7KB again equating to 5% of the size of the cover image. The cover image is shown below:

Thus, in this case it would not be feasible to do much more than store small text files in an image. Effectively, this program provides Steganography for a large text file or a small image. 11 | P a g e

Steghide implements no user interface, the program is run entirely through command line prompts. This makes it difficult to install. Upon loading the software, a list of commands is displayed in the command prompt. This is seen below:

The result of the above is that it makes it difficult to interact with as the list of available commands are moved off screen as one completes more processes. It was not possible to gain access to the source code, and thus no comment can be made upon it.

12 | P a g e

Below are two images showing the comparison of the vessel image before embedding, and after embedding. BEFORE AFTER

This is the text file stored in the vessel image before it was embedded:

The same text file was produced upon extraction. 13 | P a g e

VECNA Vecna is written in Java and implements a simple GUI. It has an independent JAR which allows for easy running of the program. The GUI is shown in the screenshot below:

Below are two images showing the comparison of the vessel image before embedding, and after embedding.

BEFORE

AFTER

14 | P a g e

Below are two images showing the comparison of the image embedded, and extracted after embedding. BEFORE AFTER

Vecna uses the Least Significant Bit algorithm. It allows for any type of file to be embedded into an image file. There are several known bugs with this software; these are listed as follows on the Vecna website: If the user selects an image which is too large in respect of the RAM allocated by the program, an OutOfMemory error is thown and not caught. As a result all buttons are disabled and the user has to restart the program. There is no validation to check that the image being selected as the vessel is indeed an image. In this case, another uncaught exception is thrown resulting once more in a disabled interface. The program uses portable network graphics images, a bitmap image which upon compression loses no data. A portable network graphics (also known as a PNG file) image has 4 colour channels. One each for red, blue, green and an alpha channel for transparency. The program uses all four colour channels of a portable network graphics image. Thus, if a file is hidden in an image which has no transparency channel and sections of the file are stored in this channel, there could potentially be an obvious alteration to the observer. (Strauss) As well as the above, the passphrase is not marked by stars and if the user cancels out of this box the program ceases to work. The data structure implemented to keep track of 15 | P a g e

where the data has been embedded is inefficient, using of the image size in RAM (Strauss). When detailing the size of the image required to embed the chosen file, the size is given in pixels. It would be more useful to have this size in KB or MB. 24 bit RBG is approximately 3 bits per pixel. Since the program implements least significant bit insertion, it has a carrying capacity of 12.5%. The source code is available for Vecna. It is well separated into different classes and packages with javadoc comments which allows for relatively ease in reading the code. HAKITO ERGO SUM Hakito ergo sum is a java steganography program. The main disadvantage of Hakito Ergo Sum is that it has to be compiled and run by the user in an IDE or through the command line; this makes it considerably less accessible to those with limited knowledge of computers. It also only allows the user to encode a message typed into the graphical user interface; this means it would have limited applications, restricting it to mainly watermarking. A screenshot of the GUI is shown below:

The program will only read in JPEG, GIF and PNG images, again this limits the uses. Despite attempting to open an appropriate image, unhelpful error messages were thrown and a test of this software was not achieved. As indicated in the GUI, the File > Open Image option was used to load an image. A message was then typed into the Message to Encode box and the Create Encoded Image button was pressed.

16 | P a g e

The result is shown below:

Thus, despite loading an appropriate image, the software failed to run successfully. However, the program is well documented. The source code is available for download (Grossbart,2007) but is not well written as everything falls into two classes and is not well commented. In total there are approximately 1130 lines of code. OPENSTEGO OpenStego is a Java steganography program. The program is easily run as it provides a .bat file. The .bat file is a command line batch file which takes the onus off the user to use the command line to run the program. The algorithms implemented are least significant bit insertion and random least significant bit insertion where the embedded data is stored in random places, not sequentially. A particular strength of this program is that it allows the user to choose which algorithm will be implemented. Another strength of the program is the graphical user interface supplied, it is easy to use, consistent and provides informative feedback. Options are also available for compressing and password protection.

17 | P a g e

A screenshot of the GUI is shown below:

However, it does not supply information on the GUI regarding the size of the file required to cover a secret file. Thus, one can only deduce due to the use of LSB as the algorithm, as seen with other such programs, a capacity of roughly 12.5% is achieved. In addition to this, another weakness is that the program only works when hiding image files in image files, it doesnt work for any other kind of data. Renaming a text file extension to .png and running the program to embed works, however extraction of this does not.

The following error message was shown:

This limits use considerably.

18 | P a g e

Below are two images showing the comparison of the vessel image before embedding, and after embedding. BEFORE AFTER

DIGITAL INVISIBLE INK TOOLKIT This program is written in Java and allows the embedding and extracting of files in to images. It provides the user with 6 possible algorithm choices for embedding the data. These are; BattleSteg, BlindHide, DynamicBattleSteg, DynamicFilterFirst, FilterFirst and HideSeek. A brief description of each is provided below: BattleSteg: This algorithm first analyses the image to acquire a list of the most appropriate places to hide the secret information. The algorithm then randomly selects places to hide until it finds one of the places in the list. It then embeds information there and in the surrounding pixels before starting again. DynamicBattleSteg: Similar to BattleSteg but uses dynamic programming to reduce the amount of memory used in the process. BlindHide: This algorithm starts embedding the secret data at pixel (0,0) and scans along the pixels embedding as it goes. FilterFirst: This algorithm uses edge detecting filters to acquire an ordered list of the optimal places to embed. It then starts to embed in the order detailed. 19 | P a g e

DynamicFilterFirst: Similar to FilterFirst, but implements dynamic programming to reduce the size of memory used. HideSeek: This method randomly selects a bit to hide data in and continues until all the secret data is hidden. However, it still does not implement BPCS steganography. It also provides functionality to allow the benchmarking and steganalysis of any image chosen. The GUI is very easily navigated and used. Everything is labelled and displayed well. It displays an embedding rate bar which shows the user in a graphical manner, how much of the storage capacity of an image would be used by embedding the chosen file. A screenshot is shown below:

20 | P a g e

When attempting to hide files within digital images, the following out of memory error was frequently shown:

This means that it would be less feasible for use as errors will be consistently thrown with images. In addition to the aforementioned functions, Digital Invisible Ink Toolkit allows the user to simulate hiding so the user gets an accurate map of where the information is hidden (Hempstalk, 2005). Finally, it also allows for steganalysis to be performed. However, the steganalysis results are not meaningful to the casual user. This is shown in the screenshots below: LaPlace Analysis RS Analysis

21 | P a g e

If the final option for sample pairs analysis is selected, an error message is thrown. The main problem with the results produced for Steganalysis is that it does not detail in specific terms if steganography is detected or not. This is not comprehensible to an uninformed user. When the webpage for the Digital Invisible Ink Toolkit is inspected, it details that in RS Analysis the lower the numbers are, the more effectively the images are hidden. It also details that for original images these figures signify the natural bias of the image. It is indicated that they will normally have a bias between 1 and 3 percent. The image below is the result when selecting to benchmark an original vessel image with the embedded image. Again, the results are unintelligible for a layman.

The benchmark process is carried out between two images. The first four benchmarks are within a range of 0 and 1. If the result is 0 it means there is no difference, 1 means it is a complete contrast. The other results increase in value as the distinction between the images increases.

22 | P a g e

QTECH This software is the only software found which implements BPCS. The platform for QTech is windows (written in visual c++). It has a GUI which is simple and efficient. This is shown in the screenshot below:

Below are two images showing the comparison of the vessel image before embedding, and after embedding. BEFORE AFTER

23 | P a g e

Upon running the installation exe the screen below is produced:

This makes the installation confusing. However, if the OK button is selected, the program installs as anticipated. It provides the function to select the format of the output (JPEG, BMP or PNG) and also provides a function to embed an individual file or a folder. The embedding capacity for a BMP of size 1.37MB was reported to be 458.75KB, 33% of the file size. For a BMP of size 426KB is reported at 191.82KB, 45% of the file size. However, use of the full program is limited to 90 days and the source code is not available. The program is available for download from (Kawaguchi,2009, QTech).

24 | P a g e

4. PROPOSED APPROACH In order to approach this software development it is aimed to carry out the development in stages. These stages will be distinguished by identifying deliverables, the expected outcome of each stage. Each stage will be planned in detail during the execution of the prior stage, with the initial stage planned in detail. The deliverables/stages identified are as follows: A program which uses the LSB algorithm with one bit to store a file within an image and allow for extraction Results of an analysis of the capacity this allows for embedding and update the GUI to allow this information to be displayed A modification of the first program to allow for the selection of hiding information in >1 least significant bits Results of user evaluations to determine at which point any abnormality of the image is apparent, thus determine the maximum capacity of LSB steganography A program which implements the BPCS algorithm and allows for extraction BPCS algorithms with 2 alternative complexity measures INITIAL JAVA IMPLEMENTATION The following details the initial plan for java implementation. A basic GUI will be written which implements JFileChooser to allow the selection of the image to be carried out. Thus, the image will be able to be stored anywhere on the users machine and they can easily navigate and select the image file. This image must then be converted to BMP to allow for embedding. This can be done using Java through the ImageWriter class which is part of the Java Image I/O framework. The compression type can be manually set to BMP when writing out using the getDefaultWriteParam() method of the ImageWriter to return an ImageWriteParam which you can set the compression mode for. Next, the Java class PixelGrabber will be used to allow the pixels to be captured from the selected image and stored in an array of integers. Bit manipulation operations will then be carried out on the array returned as a result of PixelGrabber in order to allow the swapping of bits from the array containing the data to be hidden. Once this has been completed, the image can once more be written out.

25 | P a g e

RISK ANALYSIS The largest risk is the constraint of time, it is not possible to determine with a high certainty the length of time it will take to complete this project. A similar risk is that of size underestimate, it is feasible that the size of this project has been misjudged. Thus, estimation risks are high probability in this case and the effects of this risk are deemed serious. With regards to People risks (Sommerville,2006) there is an inherent risk in this project with regards to the experience of the individual undertaking the project. It is deemed that this risk is of moderate probability and the effects are serious. Another possible risk is that of organisational risk. It could be that the planning for the project is insufficient or ineffective. It is most likely that the probability of this risk is moderate, but that the effects of the risk are tolerable. There is a risk that the programs will be ineffective, that is to say that they will be vulnerable to attack. In order to combat this risk, part of the proposed approach is to carry out user evaluations in order to ensure that any alterations to the image are not noticeable to the naked eye. However, despite these risks, it should be noted that the scope of the project can be adjusted if necessary, thus diminishing any concerns over feasibility.

26 | P a g e

5. WORK PLAN As detailed in the previous section, the stages to be completed in the proposed project are as follows, the indicated time frame is detailed along side: Experiments with Java libraries for manipulating images and with bit operations in Java Timeframe: 1 week Implement a program using the LSB algorithm with one bit to store a file within an image and allow for extraction Timeframe : 1.5 weeks Modify the first program to allow for the selection of hiding information in >1 least significant bits. In particular, a comparison of least significant bit insertion of 1 and 2 bits will be examined. Timeframe : 1 week Perform user evaluations to determine at which point any abnormality of the image is apparent, thus determine the maximum capacity of LSB steganography Timeframe: 0.5 weeks Implement a program using the BPCS algorithm and allow for extraction Timeframe: 4.5 weeks Evaluate BPCS by user evaluations Timeframe: 0.5 weeks Investigate the carrying capacity of BPCS Timeframe: 1 week Finalise dissertation Timeframe: 2 weeks Time permitting: Implement the two alternative BPCS complexity measures identified by Kawaguchi et al (1999) Note that it is intended that the dissertation will be written alongside the implementation, not subsequent to it.

27 | P a g e

BIBLIOGRAPHY

Flanagan, D. , 2005, Java in a Nutshell , 5th Edition, O'Reilly Summary: This book is a reference to the Java programming language. It provides details on Java classes and packages as well as its key Application Programming Interfaces. Grossbart, Z., 2007, Hakito Ergo Sum Steganography Software [Online], Available at: http://www.zackgrossbart.com/hackito/2007/11/30/how-to-keep-a-secret-secret/ [Accessed 12/03/2009] Summary: This website is dedicated to detailing the steps in writing a simple steganography program. It provides a brief introduction the concept of steganography and documentation on the code for the program. It also allows the download of the source code of Harkito Ergo Sum. Hempstalk, K. , 2005, Digital Invisible Ink Tool Steganography Software [Online], Available at: http://diit.sourceforge.net/ , [Accessed 12/03/2009] Summary: This website is dedicated to the free steganography software Digital Invisible Ink Tool . It provides background on steganography as well as documentation, examples of the images resulting from use of the software and a link to download the program. Hetzl, Stefan, 2003, StegHide Software [Online], http://steghide.sourceforge.net/ [Accessed 01/02/2009] Available at:

Summary: This website provides documentation and a link for downloading the steganography software StegHide. Johnson, N., Jajodia, S, 1998, Exploring Steganography: Seeing the Unseen, Computer (published by IEEE), Volume 31, Issue 2, pages 26-34 Summary: This article provides an overview of steganography on a high level. It details the premise of modern steganography and some of the common algorithms such as LSB insertion. It also reports on evaluations carried out on several steganography programs. Specifically these programs are StegDos, White Noise and S-Tools. Kamata, S. et al, 1995, Depth-First Coding for Multivalued Pictures Using Bit-Plane Decomposition, IEEE Transactions on Communications, Volume 43, No. 5 Summary: In this paper a data compression technique which implements a bit-plane decomposition approach is described. It details the merits of this approach and discusses the complexity with respect to the black-white boundary of an image.

28 | P a g e

Kawaguchi, Eiji et al, 1998, A Concept of Digital Picture Envelope for Internet Communication, 8th European-Japanese Conferences on Information Modelling and Knowledge Bases, pages 343-350 Summary: This paper discusses a technique to embed information in a digital image with particular emphasis on its uses for internet communication. It discusses the difference between this Digital Envelope concept and cryptography as well as discussing the security implementations. Kawaguchi, E., Eason, R., 1998, Principles and applications of BPCS-Steganography, SPIE's International Symposium on Voice, Video, and Data Communications Summary: This paper provides a brief overview of steganography and details the definition of image complexity, the image conjugation operation and the algorithm for carrying out BPCS steganography. It also reports the results of an experiment carried out as well as some applications of BPCS. Kawaguchi, Eiji, 2008, Principle of BPCS-Steganography [Online] Available at: http://www.datahide.com/BPCSe/principle-e.html [Accessed 10/1/2009] Summary: This article details the principles of BPCS steganography. It discusses how a digital image can be split into bit planes and the distinction between informative and noise like regions. It also contains particulars on the program implemented to use this algorithm (QTech) and provides pointers on how one might approach writing such a program themselves. Kawaguchi, E., 2009, QTech Steganography Software [Online], Available at: http://www.datahide.com/BPCSe/QtechHV-download-e.html [Accessed 12/03/2009] Summary: This webpage allows for the downloading of the QTech software. Kipper, G., 2004, Investigators Guide to Steganography, CRC Press Summary: This book provides a comprehensive guide to steganography. It discusses in depth the history of steganography and its modern methods. It progresses to discussing the digital steganography and compares it with digital watermarking before concluding with the real world applications of steganography and details of steganalysis. Niimi, M. et al, 1997, An Image Embedding in Image by Complexity Based Region Segmentation Method, Proceedings of the 1997 International Conference on Image Processing (ICIP '97) Volume 3, pages 74-77 Summary: This paper describes the technique of embedding secret data into a digital image by use of image segmentation based on a local complexity measure. It also reports on the results of experiments carried out using this method.

29 | P a g e

Niimi, M. et al, 1999, Steganography Based on Region Segmentation With a Complexity Measure, Systems and Computers in Japan, Volume 30, No. 3 Summary: This paper describes the BPCS steganography technique. It details the approach of dividing a digital image into informative and noise-like regions. It also reports results on an experiment using this technique. Nozaki, K. et al, 1998, A Large Capacity Steganography Using Color BMP Images, Lecture Notes in Computer Science; Vol. 1351, pages 112-119 Summary: This paper proposes the beginnings of the BPCS technique. It describes noise like and informative regions and details how this can be used to embed information. Rebah, K. , 2004, Steganography The Art of Hiding Data , Information Technology Journal, Journal 3, pages 245-269 Summary: This paper discusses steganography in a current and historical context. It details the strengths and weaknesses of steganography and discusses some of the common algorithms (e.g. LSB replacement) as well as detailing several programs which implement steganography. Stallings, William, 1998, Cryptography and Network Security: Principles and Practice, 2nd edition, Prentice Hall Summary: This book details cryptography and security related topics. It briefly discusses steganography and provides a small overview of it. Sommerville, I. , 2006, Software Engineering , 8th Edition, Addison Wesley Summary: This book details Software Engineering practices, it was used to obtain information regarding the possible approaches to software development. Strauss, Vecna Steganography Software [Online], Available at: http://www.unikoblenz.de/~strauss/vecna/ [Accessed 12/03/2009] Summary: This website details documentation and a link to download the Vecna steganography software as well as a link to the source code. Vaydia, Samir, 2009, OpenStego Steganography Software [Online], Available at: http://openstego.sourceforge.net/ [Accessed 10/03/2009] Summary: This website provides a brief introduction to steganography as well as a link to download the OpenStego steganography software. It details how to use the software and the features provided.

30 | P a g e

Wang, H., Wang, S., 2004, Cyber Warfare: Steganography vs. Steganalysis, Communications of the ACM, Volume 47, No. 10, pages 76-82 Summary: This paper provides an overview of steganalysis methods. It details a brief introduction to steganography which includes details on the key differences between steganography and watermarking. It progresses to detail the different methods of detection of steganography and discusses several steganalysis methods. Westfield, A., Pfitzmann, A., 1999, Attacks on Steganographic Systems, Lecture Notes in Computer Science; Vol. 1768, pages 61 - 76 Summary: This paper discusses the weaknesses of steganographic systems and in particular presents visual attacks and statistical attacks. The paper introduces some statistical methods to detect steganography and uses steganography programs to demonstrate the weaknesses.

31 | P a g e