Академический Документы
Профессиональный Документы
Культура Документы
q Examples
1
11/08/19
Steganography
Digital Watermarking
2
11/08/19
Steganography : History
• Shave the messenger’s head, taVoo the secret message, allow hair to grow and
then send the messenger. When the messenger reaches the desJnaJon, his head
can be shaved once again in order to see the hidden message.
• German spy sent this message during World War II:
Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade
issue affects pretext for embargo on by-products, ejec*ng suets and vegetable oils.
• ExtracJng second leVers from the words gives:
Pershing sails from NY June I.
Terminologies
• Basic concept:
Cover-medium + Embedded-message + Stego-key = Stego-medium
3
11/08/19
• Each pixel is represented by an 8-bit value (GIF) or a 24-bit value (JPEG, BMP).
• The image data is usually compressed.
• Lossless compression: The exact pixel values are stored.
• Lossy compression: Approximate pixel values are stored.
• A JPEG (Joint Photography Experts Group) image is a 24-bit image file that
uses lossy compression based on the discrete cosine transform (DCT).
• Both GIF and JPEG formats use adaptaJons of the Lempel-Ziv (LZ)
compression algorithm.
4
11/08/19
Steganography: Methods
• Least significant bit (LSB) inserLon: Modify the LSB of a pixel value based on the
message to hide. Small changes in the pixel values cannot be noJced by human
observers.
• ProperLes:
• Simple to implement.
• CompaJble with lossless compression.
• BeVer adapted to 24-bit images.
• Ohen works well with gray-scale images.
• Extremely vulnerable to image manipulaJons.
Other Methods
10
5
11/08/19
11
• Suppose we want to hide the leVer ‘C’ in a GIF image. The ASCII value of ‘C’ is 67, i.e.,
01000011.
• Suppose that the first eight pixels of the GIF image are:
00110101 01001000 00101000 00110101
00101111 00011100 01001000 01001000
• Modifying the LSBs corresponding to ‘C’ gives:
00110100 01001001 00101000 00110100
00101110 00011100 01001001 01001001
• Changes in the index values (in the color-map table) may lead to easily detectable
paVerns in the image (for example, a red spot in the blue sky).
12
6
11/08/19
Examples
• Text message to hide
• Steganography is the art and science of communicaJng in a way which hides the existence of the
communicaJon. In contrast to cryptography, where the “enemy” is allowed to detect, intercept and
modify messages without being able to violate certain security premises guaranteed by a cryptosystem,
the goal of steganography is to hide messages inside other “harmless” messages in a way that does not
allow any “enemy” to even detect that there is a second secret message present.
Cover Stego
Image Image
13
Cover Image
14
7
11/08/19
+ =
15
16
8
11/08/19
q What is biometrics?
q Applica9ons
1
11/08/19
What is Biometrics?
Fingerprint RecogniGon
• Minu9ae
• PaSern matching
• Problems:
• Not robust
• Some9mes unusable
2
11/08/19
Hand Geometry
Iris RecogniGon
3
11/08/19
Facial RecogniGon
Voice VerificaGon
• Features:
• Pitch, intensity, quality and dura9on.
• Requires proper handling of background noise.
4
11/08/19
ReGna RecogniGon
• Server login
• Electronic payment
• Access control to regions
• Record protec9on
10
5
11/08/19
• Passport control
• Border control
• Access control to facili9es
• Adhaar UID
11
• Missing persons
• Corpse iden9fica9on
• Criminal inves9ga9ons
12
6
11/08/19
PracGcal Systems
13
Usage of Biometrics
• Authen9ca9on (1:1)
14
7
11/08/19
• Verifica9on (1:N)
15
16
8
11/08/19
1
11/08/19
• PrevenFon?
• Configure edge router to reject external packets to broadcast address.
2
11/08/19
DoS
gateway DoS
Source Target
Internet
Broadcast
Enabled
Network
Victim System
3
11/08/19
65,536 bytes
4
11/08/19
• Basic idea:
• The a3acker exploits the 3-way
handshake protocol for TCP connecFon
establishment.
• Server accumulate “half-open”
connecFons.
• The half-open connecFons build up
unFl the queue becomes full, and all
addiFonal requests are blocked.
C S
C S
SYNC Listening
SYNC1 Listening
Store data SYNC2
SYNS, ACKC Store data
SYNC3
Wait SYNC4
ACKS
SYNC5
Connected
10
5
11/08/19
11
12
6
11/08/19
C S
SYNC
Listening…
13
14
7
11/08/19
1
11/08/19
VicNm
AHacker
2
11/08/19
VICTIM
To: SERVER
From: Bot VicGm
Send me lots of data
Bot
SERVER
From: SERVER
To: VicGm
VicNm
Here are the data you requested
3
11/08/19
4
11/08/19
10
5
11/08/19
11
12
6
11/08/19
13
14
7
11/08/19
• General precauNons
• Routers, machines, and all other Internet accessible equipment should be periodically
checked to verify that all security patches have been installed.
• System should be checked periodically for presence of malicious soNware (Trojan horses,
viruses, worms, back doors, etc.).
15
16
8
11/08/19
1
11/08/19
2
11/08/19
DNS Caching
• Once a DNS server learns about a (name, IP address) mapping, it caches it.
• Cache entries Omeout (disappear) a\er some Ome.
• Top-level DNS servers typically cached in local DNS servers.
• Avoids frequent visit to root DNS servers.
3
11/08/19
DNS Vulnerability
• Basic idea:
• Give DNS servers false records and get them cached.
• Cache may be poisoned when a DNS server disregards the 16-bit request idenOfiers to
pair queries to answers, or accepts unsolicited DNS records.
4
11/08/19
• DNSSEC guarantees:
• AuthenOcity of DNS response origin.
• Integrity of DNS query response.
• AuthenOcity of denial of existence.
10
5
11/08/19
Recursive DNS
User
Server
AuthoritaKve
DNSSEC DNS Server
11
DNSSEC
12
6
11/08/19
13
• Provides confidenOality and authenOcaOon service that can be used for electronic
mail and file storage applicaOons.
• Why popular?
• It is availiable free on a variety of plajorms.
• Based on well known algorithms.
• Wide range of applicability.
• Not developed or controlled by governmental or standards organizaOons.
3c/14 14
7
11/08/19
Services in PGP
15
16
8
11/08/19
18