Universal Image Steganalytic Method

In the paper we introduce a new universal steganalytic method in JPEG file format that is detecting well-known and also newly developed steganographic methods. The steganalytic model is trained by MHF-DZ steganographic algorithm previously designed by the same authors. The calibration technique with the Feature Based Steganalysis (FBS) was employed in order to identify statistical changes caused by embedding a secret data into original image. The steganalyzer concept utilizes Support Vector Machine (SVM) classification for training a model that is later used by the same steganalyzer in order to identify between a clean (cover) and steganographic image. The aim of the paper was to analyze the variety in accuracy of detection results (ACR) while detecting testing steganographic algorithms as F5, Outguess, Model Based Steganography without deblocking, JP Hide&Seek which represent the generally used steganographic tools. The comparison of four feature vectors with different lengths FBS (22), FBS (66) FBS(274) and FBS(285) shows promising results of proposed universal steganalytic method comparing to binary methods

Steganography: a class of secure and robust algorithms

This research work presents a new class of non-blind information hiding algorithms that are stego-secure and robust. They are based on some finite domains iterations having the Devaney's topological chaos property. Thanks to a complete formalization of the approach we prove security against watermark-only attacks of a large class of steganographic algorithms. Finally a complete study of robustness is given in frequency DWT and DCT domains.Comment: Published in The Computer Journal special issue about steganograph

Suitability of lacunarity measure for blind steganalysis

Blind steganalysis performance is influenced by several factors including the features used for classification. This paper investigates the suitability of using lacunarity measure as a potential feature vectorfor blind steganalysis. Differential Box Counting (DBC) based lacunarity measure has been employed using the traditional sequential grid (SG) and a new radial strip (RS) approach. The performance of the multi-class SVM based classifier was unfortunately not what was expected. However, the findings show that both the SG and RS lacunarity produce enough discriminating features that warrant further research

Defending Against Insider Use of Digital Steganography

The trusted insider is among the most harmful and difficult to detect threats to information security, according to the Federal Plan for Information Assurance and Cyber Security Research and Development released in April 2006. By default, employees become trusted insiders when granted the set of privileges needed to do their jobs, which typically includes access to the Internet. It is generally presumed the insiders are loyally working to achieve the organization’s goals and objectives and would not abuse the privileges given to them. However, some insiders will inevitably abuse some of their privileges. For example, a trusted insider might abuse their privilege of access to the Internet to download, install, and use an information hiding tool, such as one of the hundreds of digital steganography applications available on the Internet, to steal sensitive, classified, or proprietary information. Effective countermeasures to this threat must begin with an organizational policy prohibiting installation of information hiding tools on user workstations and must also include automated tools capable of detecting attempts to download and use digital steganography applications. This paper will describe the threat from insider use of digital steganography applications; a new approach to detecting the presence or use of these applications; and extraction of hidden information when a known signature of one of these applications is detected. The analytical approach to steganalysis involves the development and use of computer forensic tools that can detect fingerprints and signatures of digital steganography applications. These tools can be employed in both an off-line forensic-based mode as well as a real-time network surveillance mode. Detection of fingerprints or signatures in either mode may lead to the discovery and extraction of hidden information. Accordingly, this approach represents a significant improvement over traditional blind detection techniques which typically only provide a probability that information may be hidden in a given file without providing a capability to extract any hidden information. Keywords: insider, steganography, steganalysis, computer forensics, artifacts, fingerprints, hash values, signature

Steganalysis Embedding Percentage Determination with Learning Vector Quantization

Steganography (stego) is used primarily when the very existence of a communication signal is to be kept covert. Detecting the presence of stego is a very difficult problem which is made even more difficult when the embedding technique is not known. This article presents an investigation of the process and necessary considerations inherent in the development of a new method applied for the detection of hidden data within digital images. We demonstrate the effectiveness of learning vector quantization (LVQ) as a clustering technique which assists in discerning clean or non-stego images from anomalous or stego images. This comparison is conducted using 7 featuresover a small set of 200 observations with varying levels of embedded information from 1% to 10% in increments of 1%. The results demonstrate that LVQ not only more accurately identify when an image contains LSB hidden information when compared to k-means or using just the raw feature sets, but also provides a simple method for determining the percentage of embedding given low information embedding percentages. Abstract ©2006 IEEE

Hiding in Plain Sight: Scrubbing Unwanted Information

Steganography is a technique used to hide encrypted messages within multimedia files. This technique was recently reported to have been used by Osama Bin Laden to communicate with terrorist cells within the United States, and, thus, prevention of the transmission of steganographic content is of great interest to those interested in information security. Methods of steganalysis have been developed that attempt to detect files that contain steganographic content. However, authors of these methods admit that they are not viable for production or have been shown to be defeated by newer advances in steganography. This design science research illustrates an innovation in which algorithms neutralize any hidden messages without significantly detracting from the underlying integrity of the multimedia files and without the need for prior detection of steganographic content