STEGANOGRAPHY

G.ANIL KUMAR C.ASHISH

ITB, II YEAR, MRITS ITB,II YEAR, MRITS

Email:-anil1268@gmail.com

chelukalaashish@yahoo.com

Phone:- 9985939468 9704168698

ABSTRACT:

Steganography is the art and science of writing hidden messages in such a way that no

one apart from the intended recipient knows of the existence of the message.The word

"Steganography" is of Greek origin and means "covered, or hidden writing". According

to Dictionary.com, steganography (also known as "steg" or "stego") is "the art of writing

in cipher, or in characters, which are not intelligible except to persons who have the key;

cryptography".

Some techniques are Concealing messages within the lowest bits of noisy images or

sound files. Hidden messages in wax tablets. Steganography is used by some modern

printers, including HP and Xerox brand color laser printers and in digital watermarking.It

has many applications,security and protection ways.

The advantage of steganography over cryptography alone is that messages do not attract

attention to themselves, to messengers, or to recipients. Steganography used in electronic

communication include steganographic coding inside of a transport layer, such as an MP3

file, or a protocol, such as UDP.

Steganographic techniques:

Modern steganographic techniques

Concealing messages within the lowest bits of noisy images or sound files.

Concealing data within encrypted data.

• Chaffing and winnowing

• Invisible ink

• Null ciphers

• Concealed messages in tampered executable files

• Embedded pictures in video material (optionally played at slower or faster speed).

• A new steganographic technique involves injecting imperceptible delays to

packets sent over the network from the keyboard. Content-Aware Steganography

hides information in the semantics a human user assigns a datagram; these

systems offer security against a non-human adversary/warden.

Historical steganographic techniques:

Steganography has been widely used in historical times, especially before cryptographic

systems were developed. Examples of historical usage include:

• Hidden messages in wax tablets

• Hidden messages on messenger's body

• Hidden messages on paper written in secret inks under other messages or on the

blank parts of other messages.

• During and after World War II, espionage agents used photographically produced

microdots to send information back and forth. Since the dots were typically
 extremely small -- the size of a period produced by a typewriter or even smaller --

the stegotext was whatever the dot was hidden within.

• Counter-propaganda

Ambigram:

An ambigram, also sometimes known as an inversion, is a graphical figure that spells out

a word not only in its form as presented, but also in another direction or orientation.

An animation of a rotationally symmetric ambigram for the word "ambigram"

A mirror-image ambigram for the word "Wiki"

A 3-Dimensional ambigram of the letters A, B and C.

Ambigrams usually fall into one of several categories:

Rotational:A design that presents several instances of words when rotated through a fixed

angle..

Mirror :A design that can be read when reflected or viewed through a mirror, usually as

the same word or phrase both ways, but not always.

Figure-ground:A design in which the spaces between the letters of one word form another

word.

Chain:A design where a word (or sometimes words) are interlinked forming a repeating

chain. Letters are usually overlapped meaning that a word will start partway through

another word. Sometimes chain ambigrams are presented in the form of a circle.

Space-filling:Similar to chain ambigrams, but tile to fill the 2-dimensional plane.

3-dimensional

Ambigrams are exercises in graphic design that play with optical illusions, symmetry and

visual perception.
Numerology:

Numerology refers to any of many systems, traditions or beliefs in a mystical or esoteric

relationship between numbers and physical objects or living things.

Digit summing:Numerologists often reduce a number or word by a process known as

digit summing, then reach conclusions based on the single digit that is produced.

Digit summing, as the name implies, involves taking the sum of all of the digits in a

number, and repeating the process as necessary until a single-digit answer is produced.

For a word, the values corresponding to each letter's place in the alphabet (e.g., A=1,

B=2, through Z=26) are summed.

Examples:

346->3+4+6=13->1+3=4.

HAI->6+1+9=16->1+6=7

A quicker way to arrive at a single-digit "summation" is simply to take the value modulo

9, substituting a possible result of 0 with 9 itself.

English Letter Numeric Values:

A=1, B=2 SO ON Z=26

AJAY-> 1+10+1+25=37

Chinese numerology:
Some Chinese assign a different set of meanings to the numbers and certain number

combinations are considered luckier then others. In general, even numbers are

considered lucky, since it is believed that good luck comes in pairs.

Chinese number definitions:

Cantonese frequently assign the following definitions, which may differ in other forms of

Chinese:

1- sure ,2- easy, 3- live and so on

Some lucky number combinations include:

518- I will prosper

Numerology plays a huge role in :

Astrology

Science

Bible

According to Dictionary.com, steganography (also known as "steg" or "stego") is "the art

of writing in cipher, or in characters, which are not intelligible except to persons who

have the key; cryptography"

How Do Steganography Tools Work?

To show how easy steganography is, I started out by downloading one of the more

popular freeware tools out now: F5, then moved to a tool called SecurEngine, which

hides text files within larger text files, and lastly a tool that hides files in MP3s called

MP3Stego. I also tested one commercial steganography product, Steganos Suite.

F5 was developed by Andreas Westfield, and runs as a DOS client. I found it very easy to

encode a message into a JPEG file, even if the buttons in the GUI are written in German!

Users can simply do this by following the buttons, inputting the JPEG file path, then the

location of the data that is being hidden (in my case, I used a simple text file created in

Notepad), at which point the program prompts the user for a pass phrase.

SecurEngine doesn't seem to be as foolproof as the tools that hide text within pictures.

When I hid my small text file in a bigger text file, I found an odd character at the bottom

of the encoded file ("ÿ"). This character was not in the original file. SecurEngine gives

users the option of just hiding the image, hiding the image as well as encrypting it, or

both.

MP3Stego, a tool that hides data in MP3 files worked very well. How the process works

is like this: you encode a file, a text file for example, with a .WAV file, in order for it to

be compressed into MP3 format. One problem that I ran into was that in order to hide

data of any size, I had to find a file that was proportional in size.

Steganos Suite is a commercial software package of numerous stego tools all rolled into

one. In addition to a nifty Internet trace destructor function and a computer file shredder,

it has a function called the File Manager. This allows users to encrypt and hide files on
their hard drive. The user selects a file or folder to hide, and then selects a "carrier" file,

which is defined as a graphic or sound file.

Protecting Against Malicious Steganography :

This would require the implementation of company-wide acceptable use policies that

restrict the installation of unauthorized programs on company computers.

Network intrusion detection systems can help administrators to gain an understanding of

normal traffic in and around your network and can thus assist in detecting any type of

anomaly, especially with any changes in the behavior of increased movement of large

images around your network. Host-based intrusion detection systems deployed on

computers may also help to identify anomalous storage of image and/or video files.

Stefan Hetzel cites two methods of attacking steganography, which really are also

methods of detecting it. They are the visual attack (actually seeing the differences in the

files that are encoded) and the statistical attack.

Steganography is the science of hiding information. Whereas the goal of cryptography is

to make data unreadable by a third party, the goal of steganography is to hide the data

from a third party.

Steganography and Security:

• There are a large number of steganographic methods ranging from invisible ink

and microdots to secreting a hidden message in the second letter of each word of a

large body of text and spread spectrum radio communication.

 With computers and networks, there are many other ways of hiding information,

such as:

• Encryption The encrypted data can only be read by parties who have been given

the necessary key to decrypt the ciphertext back into its original plaintext form.

• Hidden directories (Windows,Unix) - Windows offers this feature, which allows

users to hide files. Using this feature is as easy as changing the properties of a

directory to "hidden", and hoping that no one displays all types of files in their

explorer. In existing directories that have a lot of files, such as in the /dev

directory on a Unix implementation, or making a directory that starts with three

dots (...) versus the normal single or double dot.

• Covert channels - Some tools can be used to transmit valuable data in seemingly

normal network traffic. One such tool is Loki. Loki is a tool that hides data in

ICMP traffic (like ping).

• Hidden text within Web pages .

• Hiding files in "plain sight" (e.g., what better place to "hide" a file than with an

important sounding name in the c:\winnt\system32 directory?).

• Null ciphers (e.g., using the first letter of each word to form a hidden message in

an otherwise innocuous text) .

Steganography today,allowing a user to hide large amounts of information within image

and audio files. These forms of steganography often are used in conjunction with

cryptography so that the information is doubly protected; first it is encrypted and then
hidden so that an adversary has to first find the information (an often difficult task in and

of itself) and then decrypt it.

The simplest approach to hiding data within an image file is called least significant bit

(LSB) insertion. In this method, we can take the binary representation of the hidden_data

and overwrite the LSB of each byte within the cover_image. As an example, suppose that

we have three adjacent pixels (nine bytes) with the following RGB encoding:

10010101 00001101 11001001

10010110 00001111 11001010

10011111 00010000 11001011

Now suppose we want to "hide" the following 9 bits of data (the hidden data is usually

compressed prior to being hidden): 101101101. If we overlay these 9 bits over the LSB of

the 9 bytes above, we get the following (where bits in bold have been changed):

10010101 00001100 11001001

10010111 00001110 11001011

10011111 00010000 11001011

Other Forms of Steganography :

One common, almost obvious, form of steganography is called a null cipher. In this type

of stego, the hidden message is formed by taking the first (or other fixed) letter of each

word in the cover message. Consider this cablegram that might have been sent by a

journalist/spy from the U.S. to Europe during World War I:

 PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE.

GRAVE

SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT

FORESHADOWS RUIN

OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL

EXCITEMENT

IMMENSELY.

The first letters of each word form the character string:

PERSHINGSAILSFROMNYJUNEI. A little imagination and some spaces yields the real

message: PERSHING SAILS FROM NY JUNE I.

Another form of steganography uses a template (e.g., a piece of paper with holes cut in it)

or a set of preselected locations on the page to hide a message. In this case, obviously, the

sender and receiver must use the same template or rules.

APPLICATIONS:

PRINTER:Steganography is used by some modern printers, including HP and Xerox

brand color laser printers. Tiny yellow dots are added to each page. The dots are barely

visible and contain encoded printer serial numbers, as well as date and time stamps.

The larger the cover message is (in data content terms — number of bits) relative to the

hidden message, the easier it is to hide the latter. For this reason, digital pictures (which
contain large amounts of data) are used to hide messages on the Internet and on other

communication media.

Steganography can be used for digital watermarking, where a message (being simply an

identifier) is hidden in an image so that its source can be tracked or verified.

In the era of Digital video recorder and devices like TiVo, TV commercials authors have

figured out how to make use of such devices as well - by putting a hidden message which

becomes visible when played at frame-by-frame speed (see KFC Unveils 'TiVo-proof'

Ad).

Rumored usage in terrorism:

A citation from the USA Today article: "Lately, al-Qaeda operatives have been sending

hundreds of encrypted messages that have been hidden in files on digital photographs on

the auction site eBay.com".

A hidden message is a message that is not immediately noticeable, and that must be

discovered before it can be known. Hidden messages include backwards audio messages

and hidden visual messages.

Backward audio messages:

A backward message in an audio recording is only fully apparent when the recording is

played reversed. Some backward messages are produced by deliberate backmasking,

while others are simply phonetic reversals resulting from random combinations of words.

Backmasking
Backmasking is an audio technique in which sounds are recorded backwards onto a track

that is meant to be played forwards. Many musicians are known to have backmasked, for

purposes including: avoiding censorship; making artistic or social statements; having fun

at the expense of critics; and advocating Satanism or violence.

Phonetic reversals:

Some phrases will produce a message when listened to backwards. For example, "kiss"

backwards sounds like "sick," and so the title of Yoko Ono's Kiss Kiss Kiss

sounds like "Sick Sick Sick" or "Six Six Six" backwards.

Non-musical messages:

Backward messages also exist in mediums outside of music. In the computer game Doom

II, a garbled message played at the start of Map 30, spoken by the "Icon of Sin", can be

played backwards to hear "To win the game, you must kill me, John Romero."

Visual messages: :s an example of a hidden message.

When rotated a certain way, an early 1990s Pepsi can will read "SEX." And if the Coca-

Cola logo is flipped, the result is supposedly an Arabic word debasing Allah. These are

both coincidences covered on Snopes.

1980s Coca-Cola promotional picture; blowup of hidden image

Lucky Strike's old cigarette packaging, when rotated, supposedly shows a burning house,

accompanying the Red Dot of Japan's flag and the trademark phrase "it's toasted".

A specially folded United States twenty-dollar bill

The $20 bill allegedly contains a prediction of the September 11 terrorist attacks. When

folded as shown, an image can be seen that resembles the Twin Towers in flames.

Conclusions :

Steganography is a fascinating and effective method of hiding data that has been used

throughout history. Methods that can be employed to uncover such devious tactics, but
the first step are awareness that such methods even exist. There are many good reasons as

well to use this type of data hiding, including watermarking or a more secure central

storage method for such things as passwords, or key processes. Regardless, the

technology is easy to use and difficult to detect. The more that you know about its

features and functionality, the more ahead you will be in the game.