Designing Secure and Survivable Stegosystems

Steganography, the art and science of carrying out hidden communication, is an emergingsub-discipline of information security. Unlike cryptography, steganography conceals the existenceof a secret message by embedding it in an innocuous container digital media, thereby enablingunobstrusive communication over insecure channels. Detection and extraction of steganographiccontents is another challenge for the information security professional and this activity iscommonly known as steganalysis. Recent progress in steganalysis has posed a challenge fordesign and development of stegosystems with high levels of security and survivability. In thispaper, different strategies have been presented that can be used to escape detection and foilan eavesdropper having high technical capabilities as well as adequate infrastructure. Based onthe strength and weaknesses of current steganographic schemes, ideas have been progressedto make detection and destruction of hidden information more difficult

The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

Universal steganography model for low bit-rate speech codec

Low bit-rate speech codec offers so many advantages over other codecs that it has become increasingly popular in audio communications such as mobile and VoIP (Voice over Internet Protocol) communications, and thus researching steganography in low bit-rate speech codec is of important significance. In this study, we proposed a universal VoIP steganography model for low bit-rate speech codec that uses the PESQ deterioration rate and the decoding error to automatically choose a data embedding algorithm for each VoIP bitstream, which enables ones to achieve covert communications using a low bit-rate speech codec efficiently and securely. Since no or little attention has been paid to steganography in iSAC (Internet Speech Audio Codec), it was chosen as the test codec to verify the effectiveness, security, and practicability of the proposed steganography model. The experimental results show that, with the proposed steganography model, it achieved the average PESQ deterioration rate of 4.04% (less than 5%, indicating strong imperceptibility) and a high data hiding capacity up to 12 bits/frame (400 bits/second, three times larger than other methods), and the proposed steganography model could effectively resist the latest steganalysis

Verification and Application of Conceptual Model and Security Requirements on Practical DRM Systems in E-Learning

The paper represents a verification of a previously developed conceptual model of security related processes in DRM implementation. The applicability of established security requirements in practice is checked as well by comparing these requirements to four real DRM implementations (Microsoft Media DRM, Apple's iTunes, SunnComm Technologies’s MediaMax DRM and First4Internet’s XCP DRM). The exploited weaknesses of these systems resulting from the violation of specific security requirements are explained and the possibilities to avoid the attacks by implementing the requirements in designing step are discussed