Академический Документы
Профессиональный Документы
Культура Документы
Steganography 2
Steganography v Cryptography
Both have been used throughout recorded history
as means to protect information
Cryptographic techniques "scramble" messages so
if intercepted, the messages cannot be understood
Steganography, in an essence, "camouflages" a
message to hide its existence and make it seem
"invisible" thus concealing the fact that a message
is being sent altogether
History of steganography
Herodotus mentions it for the first time in his
history
Demeratus wanted to notify Sparta that Xerxes
intended to invade Greece
Steganography 10
Hiding the Goods with Stego
Overview of Steganography
The Growth of Steganography – modern data
compression, info theory, spread spectrum and crypto
are brought together to satisfy the need for privacy on
the Internet
Steganography in Use – powerful tool for secret
communication
Flaws of Steganography – Stego is not perfect
Algorithms are known
Message is not encrypted
Steganography 11
Hiding the Goods with Stego Cont’
Variations of Stego
Trojan Horses – sneak viruses or other malicious code
Covert Channels – subclass of Stego
Two parties signal to each other without anyone else
knowing they are communicating. (Holland Windmills )
Easter Eggs – hybrid between Trojan horses and Stego
Hardware Keys – used for Copyright protection
Steganography 12
Hiding the Goods with Stego Cont’
Security and Steganography
Confidentiality – network security
Survivability – hiding data in TCP/IP headers
On a local Network you can use TTL (Time To Live) field
Across the Internet though, each router will decrement the
TTL with one
No Detection – Stego must be hard to find.
Visibility – make sure that people can’t see any
changes to the host file in which data is hidden.
Steganography 13
Hiding the Goods with Stego Cont’
Principles of Steganography
Types of Steganography
File Type – hide data in least significant bits of each
pixel of .bmp image
Method of Hiding
Injection – after EOF of audio file
Substitution – replaces the insignificant info with covert
Generation – creates new overt file from the covert
Steganography 14
Digital Watermarking
What is Digital Watermarking?
Types of Digital Watermarking
Invisible Watermarking
Visible Watermarking
Digital Watermarking and Stego
Uses of Digital Watermarking
Removing Digital Watermarking
Steganography 15
Steganography 101
Types of Steganography:
Original Classification Scheme (how data is hidden)
Insertion-Based
Algorithmic-Based
Grammar-Based
New Classification Scheme (how and where data is
hidden)
Insertion-Based
Substitution-Based
Generation-Based
Steganography 16
Steganography 101
Types of Steganography:
Insertion-Based – information is added that
increases the file
Substitution-Based – substitute data for information
already in the file (overwriting)
Generation-Based – the covert file created from
previous methods is used to create the overt file.
Steganography 17
Steganography 101
Color Tables:
Images are composed of dots called pixels
Each pixel gets its own color by combining
percentages of red, green and blue (RGB)
Each of these colors has value from 0 to 255
Zero designates that the color is present
255 designates complete saturation of that color
RGB color model has 16,777,216 possible colors
Total of 255x255x255
Steganography 18
Steganography 101
Color Tables Cont’:
Examples:
255 0 0 is red
0 255 0 is green
0 0 255 is blue
0 0 0 is black
255 255 255 is white
Steganography 19
Steganography 101
Color Tables Cont’:
Color Tables are used by Entry R G B
several stego techniques
to hide data 0 24 104 155
1 41 100 65
2 24 120 179
3 33 83 49
4 82 132 90
Steganography 20
Steganography 101
Products Implementing Stego
S-Tools – freeware for hiding data in GIF or .bmp image files
or .wav files
Hide and Seek
J-Steg
EZ Stego
Image Hide
Digital Picture Envelope
Camouflage
Gif Shuffle
Spam Mimic
Steganography 21
Stego Files Across a Network
Uses and Techniques of Network Stego
Hiding in Network Traffic – making your connection emulate
the often-used port 80 traffic (HTTP), your message might pass
without raising anyone’s suspicions
Stego Combined with Viruses – hide a virus in .txt using
Stego, avoiding detection. Later the virus could pull its payload
from .txt and infect the system
Tracking Internet Usage – URL embedding, Hidden fields,
Cookies. Online stalking (Cyberstalking) is used to mimic your
behavior, leading to identity theft.
Steganography 22
Stego Files Across a Network
Network Stego Techniques
Hiding in an Attachment – file-based stego is used to hide the
covert message in a file and attach it to some other form of
network traffic (FTP, Web site posting)
Hiding Data in an E-mail Attachment – send spam mail to
thousands of people, only the intended recipient will look for it
Transmitting Hidden Data with FTP – hide the secret data in
picture and post it on FTP
Posting Stego to a Web Site – pictures posted on your Web site
containing covert files.
Steganography 23
Stego Files Across a Network
Hiding in a Transmission
Using Invisible Secrets to Hide and Transmit Data
Camera-Shy
Hiding Data in Network Headers
Using IP and TCP Headers for Stego
UDP and ICMP Headers
Covert TCP
Hiding in an Overt Protocol
Steganography 24
Stego Files Across a Network
Using IP and TCP Headers for Stego
4-bit IP
Using IP Headers for 4-bit
version
header
length
8-bit TOS 16-bit Total length (in bytes)
Stego 3-bit
16-bit IP identification number 13-bit fragment offset
Hide data here flags
IP identification number
is used to track packets 32-bit source IP address
that have to be
32-bit destination IP address
defragmented.
Any number can be used options (if any)
Stego
Hide data here 32-bit sequence number
Steganography 26
Cracking Stego and Crypto
Who’s Cracking What?
Cracking Analysis
Cryptanalysis
Steganalysis
The Role of Detection
Detecting Encryption
Randomness and Compression
Detection and Image Files
Steganography 27
Cracking Stego and Crypto
Cracking Crypto:
General Attacks
COA – Ciphertext-Only Attack
KPA – Known Plaintext Attack
CTA – Chosen Plaintext Attack
CCA – Chosen Ciphertext Attack
Specific Attacks
Brute-Force Attack
Replay Attack
Man-in-the-Middle Attack
Meet-in-the-middle Attack
Birthday Attack
Steganography 28
Cracking Stego and Crypto
Cracking Stego:
Specific Techniques
S-Tools V4.0
J-Steg
EZ Stego
StegDetect
Steganography 29
Cracking Stego and Crypto
Cracking Stego S-Tools V4.0 files with 8-bit color:
Naturally 8-bit color files have few duplicated colors.
Files that have data hidden with S-Tools have many duplicating
colors
Program called sdetect examines the color table of .bmp
images for near duplicates and reports a measurement of
duplication:
C:\Data\forest.bmp C:\Data\forest_h.bmp
File Name: forest.bmp File Name: forest_h.bmp
Actual size: 66146 Reported: 66146 Actual size: 66146 Reported: 66146
Steganography 30
Developing Secure Communication
Strategy
Secure vs. Secret
The Roles of Crypto and Stego in Business
Why You Need Both Stego and Crypto
Complimentary Services, providing more robust result
Crypto and Stego in Business today
How Crypto and Stego Make You More Secure
Developing Strategy
Common Problems with Secure Technologies
Training the users
Protecting your keys and passwords
How detectable are yours stego tools
Steganography 31
Steganography at Large
Corporate Espionage
Who’s Playing?
Information Attacks (software piracy)
System Attacks ( Hidden viruses in e-mail)
Steganography at Large:
Corporate Espionage
Who’s Playing?
Freelance – independent hacker who steals and sells to
highest bidder
Outsourced – a company hires info broker to steal
information from competition
State-sponsored – governments use intelligence to
discover secret projects at foreign companies and offer
it to their own countries to give them competitive edge
Steganography at Large:
Corporate Espionage
June 1998
More than $11.4 Billion has been lost due to piracy.
Over 25% of all software applications are pirated in the
U.S.
As high as 95% in Southeast Asia and Eastern Europe.
Steganography at Large:
Corporate Espionage
February 1, 2003
The release of The SoftwareShield System
New Software Licensing System Embeds Sensitive Data Inside Images
through the use of Steganography.
The SoftwareShield System has the ability to hide encrypted license
data inside images
SoftwareShield primarily helps software developers who choose to
deliver or license their products in electronic format by the internet -
for the obvious cost benefit while maintaining security.
Steganography at Large:
Option of using encrypted data hidden in the corners of
images to license and protect their applications.
Doing this enables developers with the power to create
demo, trial, copy-protected, leased, pay-per-use and many
other editions of their software with a minimum of effort
and a solid level of security.
www.softwareshield.com
Future of Steganography
To ban technology that could be used in an
inappropriate manner would mean that few
technologies could ever be released.
The more we look for where messages could be
hidden, the more one realizes that the possibilities
are limitless.
The Future of Steganography
Steganography 42