Steg in the real world
Download
1 / 16

Steg in the Real World - PowerPoint PPT Presentation


  • 76 Views
  • Uploaded on

Steg in the Real World. Two examples that move the work of steganalysis out of the lab The massive data survey of Provos et al. 2003 The [email protected] distributed steganalysis framework. Steg on the Web?. Provos et al. 2003* 2 million JPEG images from 1 million JPEG images from Usenet

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Steg in the Real World' - ena


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Steg in the real world
Steg in the Real World

  • Two examples that move the work of steganalysis out of the lab

    • The massive data survey of Provos et al. 2003

    • The [email protected] distributed steganalysis framework


Steg on the web
Steg on the Web?

  • Provos et al. 2003*

  • 2 million JPEG images from

  • 1 million JPEG images from Usenet

    • Images restricted in size between 20KB and 400KB

  • stegdetect

    • Identified potential hidden content in 1% of the images

*N. Provos and P. Honeyman, IEEE Security and Privacy Magazine, May/June 2003


Steg on the web1
Steg on the Web?

  • Percentage of (false) positives

    • JPHide “detected” most often


Steg on the web2
Steg on the Web?

  • Verifying hidden content

    • Stegbreak

      • Dictionary attack against Jsteg, JPHide, and Outguess

    • Ebay: multi-lingual dictionary of 850,000 words

    • Usenet: short PIN numbers and pass phrases; 1.8 millions words


Steg on the web3
Steg on the Web?

  • Performance of Stegbreak

1.2 GHz PIII

JPHide: 10 days

Outguess: ?

Jsteg: 8 days


Towards a larger steganalysis framework
Towards a larger steganalysis framework

  • Disconcert - a distributed computing framework for loosely coupled workstations

    • Distribute indices into stegbreak’s dictionary

  • Ebay: 60 nodes, 200,000 per second for JPHide

  • Usenet: 230 nodes, 870,000 keys per second


Is anything out there
Is anything out there???

  • Conclusions of Provos et al. 2003

    • All steganographic systems users carefully choose passwords that are not susceptible to dictionary attacks

    • Images from sources not analyzed carry steganographic content

    • Images carried content embedded by tools that stegdetect does not consider

    • Messages are too small for detection








Steganalysis support
Steganalysis Support

  • Publicly available wrapped tools

    • Stegdetect (JPEG)

    • Digital Invisible Ink Toolkit (BMP, PNG)

      • Detects LSB methods

    • Custom “supertool”

      • Detects via signatures:

        • In Plain View, S-Tools, Mandelsteg, Hide and Seek v.4 And v.5, Hide4PGP

    • Statistical tests:

      • 2 and 2 histogram


Steganalysis tool wrapping support
Steganalysis Tool Wrapping Support

  • Full featured tool wrapping API

    • Tool wrapping support for C/C++, Java, and Matlab programs

    • Network communication with XML messages between worker clients and [email protected] server


Implementation details
Implementation Details

  • Entire framework written in Java 5

    • Tool support in a variety of languages

    • JNI low-level system support for Linux and Windows

    • JBOSS backend server

    • EJB 3 Object Model


ad