Bauman Moscow State University Department of «Science and Management» Department of «Information Security» T.M. Volosatova , N.V. Chichvarin . Steganography in CAD Electronic textbook Tutorial on subjects «Detection and identification signals», «Development of CAD» Moscow (C) 2012 MSTU. 2 UDC 621.391 Reviewers: Prof. E. Gordeev . PhD A. Voronov. TM Volosatova , NV Chichvarin . Steganography in CAD . Tutorial on subjects «Detection and identification signals», «Development of CAD». Electronic textbook . - BMSTU 2012, pp.48 . The manual representation basic materials and questions in the section «Steganography and steganalysis», discipline «detection and identification signals»: computer steganography methods , techniques and digital funds containers and theoretical aspects of steganalysis - data discovery hidden in containers. For teachers of engineering faculty and students . Recommended NMS BMSTU. Electronic textbook Volosatova Tamara Chichvarin Nicolai « Steganography in CAD» © 2012 BMSTU Steganography in CAD/CAM/PLM. Contents. 3 Steganography in CAD Contents Introduction………………………………………………………………………………………..1 Physical steganography.............................................................................................................7 Digital steganography. ..............................................................................................................8 Network ..................................................................................................................................10 Printed .....................................................................................................................................11 Digital Text .............................................................................................................................11 Using Sudoku puzzles. ............................................................................................................12 Additional terminology. ................................................................................................................12 Countermeasures and detection/ ....................................................................................................12 Applications. ..................................................................................................................................13 Use by terrorists. .....................................................................................................................14 Alleged use by intelligence services. ......................................................................................16 Distributed Steganography. ....................................................................................................16 2. Algorithms for digital steganography .....................................................................................20 2.1. Algorithms for embedding data in the spatial domain ...........................................................20 3. Embedding data to transformation fields algorythm .................................................................26 3.1 Embedding data in a discrete cosine transformation coefficients ...........................................28 3.2 Koch algorithm ........................................................................................................................28 3.3. Benham algorithm ..................................................................................................................29 3.4 Podilchuk algorithm ................................................................................................................29 3.5 Hsu algorithm ..........................................................................................................................30 3.6 Cox algorithm ..........................................................................................................................30 3.7 Barni algorithm ........................................................................................................................31 3.8 Additive algorithms .................................................................................................................31 3.8.1 Algorithms based on the linear data embedding ..................................................................31 3.10 The algorithm Chaya (Chae) .................................................................................................33 Steganography in CAD/CAM/PLM. Contents. 4 3.11 The algorithm Kandar (Kundur) ............................................................................................34 4. A choice of a method of embedding of DWM (digital watermark) in the image-container .....36 4.1. The methods using as containers audiofiles ...........................................................................37 4.2 Broadband coding. ...................................................................................................................38 4.3 Phase coding. ...........................................................................................................................38 4.4 The echo-coding ......................................................................................................................39 4.5 Noise replacement. ..................................................................................................................39 5.The market overview of steganography software.......................................................................44 6. Statement of the problem of detection of hidden messages. ...................................................47 Appendix . .....................................................................................................................................53 Abbreviations: DCT - discrete cosine transformation, DWM - digital watermarks, MDCT – modified discrete cosine transformation, IS – information Security, CALS – continuous Acquisition and Life-cycle Support, CEH – digital watermarks, COP – computer steganography, PDU – protocol Data Unit. Introduction. In modern conditions for the creation of competitive products required to provide integrated management of the processes of design, production, delivery and support, including all participants in the product lifecycle. Required for this informational support continuous product lifecycle , as a rule, based on the strategy implemented CALS, which has become widespread in industrialized countries and recommended for use by Russian enterprises Ministry of Economy of the Russian Federation. Centralization of all information about a new product , a large number of both internal and external users of CALS, other risk factors require special attention to the problem of safety management , which is part of the more general problem of information security. In the context of the economic slowdown, it is tempting to reduce the cost of IS within the overall cost reduction. Nevertheless, according to the report KPMG , the majority of Steganography in CAD/CAM/PLM. Contents. 5 organizations plan to increase budgets for IB next year , which proves how increased attention over the past few years to information risk management. Important role in solving the problems of information security is given to the international standard ISO17799 (it should be noted the importance of the integration of the standard with the legal framework of the state in the field of information security ). Russian companies are also guided by " RD Technical Commission of Russia: Automated systems. Protection against unauthorized access to information». Classification of the requirements for the protection of information and other documents considered in particular in . The result of implementing the standard ISO17799 - Information Security Management System . Its purpose - to reduce losses associated with the violation of information security. In some cases, the scale of the loss can be such that the company faces bankruptcy. An example may serve as an irreplaceable loss CALS- project high-tech products with a long development cycle. Speaking on the practical application of the standard ISO17799, should bear in mind three factors hindering its immediate use. First, the standard recommendations in many cases are quite common. Secondly, in the organization, as a rule, there is a certain system processes, which need to integrate security management process. Theme 1. Steganography: the terminology, the historical review and classification of methods and tools. Questions for self-examination and discussion at the workshop. 1) The historical methods of hiding data. 2) The difference and similarity of steganography cryptography. 3) Theoretical frameworks reflect the terminology used. Literature to explore themes. 1. Gribunin V.G. Binding I.N., Turintsev I.V. Digital Steganography. M.: SOLON-Press, 2002. – 272 pp. 2. Rotation scale and translation invariant spread spectrum digital image watermarking. IEEE Int. Conf. on Image Processing, 1998. P. 4. 3. Pereira S., Joseph J., Deguillaume F. Template Based recovery of Fourier-Based Watermarks Using log-polar and Log-log Maps. IEEE Int. Conf on Multimedia Computing and Systems, 1999. P. 5. Steganography in CAD/CAM/PLM. Contents. 6 Steganography. (From Wikipedia, the free encyclopedia) Steganography is the science of encoding hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity. The word «steganography» is of Greek origin and means «concealed writing». It combines the Greek words «steganos» (στεγανός), meaning «covered or protected», and graphei (γραφή) meaning «writing.» The first recorded use of the term was in 1499 by Johannes Trithemius in his «Steganographia», a treatise on cryptography and steganography, disguised as a book on magic. Generally, the hidden messages will appear to be (or be part of) something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter. The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages — no matter how unbreakable — will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message. Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. For example, a sender might start with an innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change so subtle that someone not specifically looking for it is unlikely to notice it. History of steganography When Herodotus mentions two examples in his Histories. «Demaratus» sent a warning about a forthcoming attack to Greece by writing it directly on the wooden backing of a wax tablet before Steganography in CAD/CAM/PLM. Contents. 7 applying its beeswax surface. Wax tablets were in common use then as reusable writing surfaces, sometimes used for shorthand. In his work Polygraphiae Johannes Trithemius developed his so-called «Ave-Maria-Cipher» with which one can hide information in a Latin praise of God. «Auctor Sapientissimus Conseruans Angelica Deferat Nobis Charitas Potentissimi Creatoris» Physical steganography Steganography has been widely used, including in recent historical times and the present day. Known examples include: Hidden messages within wax tablets — in ancient Greece, people wrote messages on the wood, then covered it with wax upon which an innocent covering message was written. Hidden messages on messenger's body — also used in ancient Greece. Herodotus tells the story of a message tattooed on the shaved head of a slave of Histiaeus, hidden by the hair that afterwards grew over it, and exposed by shaving the head again. The message allegedly carried a warning to Greece about Persian invasion plans. This method has obvious drawbacks, such as delayed transmission while waiting for the slave's hair to grow, and the restrictions on the number and size of messages that can be encoded on one person's scalp. In the early days of the printing press, it was common to mix different typefaces on a printed page due to the printer not having enough copies of some letters otherwise. Because of this, a message could be hidden using 2 (or more) different typefaces, such as normal or italic. During World War II, the French Resistance sent some messages written on the backs of couriers using invisible ink. Hidden messages on paper written in secret inks, under other messages or on the blank parts of other messages. Messages written in Morse code on knitting yarn and then knitted into a piece of clothing worn by a courier. Jeremiah Denton repeatedly blinked his eyes in Morse Code during the 1966 televised press conference that he was forced into as an American prisoner of war by his North Vietnamese captors, spelling out the word: «T-O-R-T-U-R-E». This confirmed for the first time to the U.S. Military (naval intelligence) and Americans that American POWs were being tortured in North Vietnam. Messages written on envelopes in the area covered by postage stamps. Steganography in CAD/CAM/PLM. Contents. 8 During and after World War II, espionage agents used photographically produced microdots to send information back and forth. Microdots were typically minute, approximately less than the size of theperiod produced by a typewriter. World War II microdots needed to be embedded in the paper and covered with an adhesive, such as collodion. This was reflective and thus detectable by viewing against glancing light. Alternative techniques included inserting microdots into slits cut into the edge of post cards. During WWII, Velvalee Dickinson, a spy for Japan in New York City, sent information to accommodation addresses in neutral South America. She was a dealer in dolls, and her letters discussed the quantity and type of doll to ship. The stegotext was the doll orders, while the concealed «plaintext» was itself encoded and gave information about ship movements, etc. Her case became somewhat famous and she became known as the Doll Woman. Cold War counter-propaganda. In 1968, crew members of the USS Pueblo intelligence ship held as prisoners by North Korea, communicated in sign language during staged photo opportunities, informing the United States they were not defectors, but were captives of the North Koreans. In other photos presented to the US, crew members gave «the finger» to the unsuspecting North Koreans, in an attempt to discredit photos that showed them smiling and comfortable. Digital steganography. Image of a tree with a steganographically hidden image. The hidden image is revealed by removing all but the two least significant bits of each color component and a subsequent normalization. The hidden image is shown below. Steganography in CAD/CAM/PLM. Contents. 9 Image of a cat extracted from the tree image above. Modern steganography entered the world in 1985 with the advent of the personal computers being applied to classical steganography problems. Development following that was very slow, but has since taken off, going by the large number of steganography software available: Concealing messages within the lowest bits of noisy images or sound files. Concealing data within encrypted data or within random data. The data to be concealed are first encrypted before being used to overwrite part of a much larger block of encrypted data or a block of random data (an unbreakable cipher like the one-time pad generates ciphertexts that look perfectly random if one does not have the private key). Chaffing and winnowing. Mimic functions convert one file to have the statistical profile of another. This can thwart statistical methods that help brute-force attacks identify the right solution in a ciphertext-only attack. Concealed messages in tampered executable files, exploiting redundancy in the targeted instruction set. Pictures embedded in video material (optionally played at slower or faster speed). Injecting imperceptible delays to packets sent over the network from the keyboard. Delays in keypresses in some applications (telnet or remote desktop software) can mean a delay in packets, and the delays in the packets can be used to encode data. Changing the order of elements in a set. Content-Aware. Steganography hides information in the semantics a human user assigns to a datagram. These systems offer security against a non-human adversary/warden. Steganography in CAD/CAM/PLM. Contents. 10 Blog-Steganography. Messages are fractionalized and the (encrypted) pieces are added as comments of orphaned web-logs (or pin boards on social network platforms). In this case the selection of blogs is the symmetric key that sender and recipient are using; the carrier of the hidden message is the whole blogosphere. Modifying the echo of a sound file (Echo Steganography). Secure Steganography for Audio Signals. Image bit-plane complexity segmentation steganography Including data in ignored sections of a file, such as after the logical end of the carrier file. Making text the same color as the background in word processor documents, e-mails, and forum posts. Network All information hiding techniques that may be used to exchange steganograms in telecommunication networks can be classified under the general term of network steganography. This nomenclature was originally introduced by Krzysztof Szczypiorski in 2003. Contrary to the typical steganographic methods which utilize digital media (images, audio and video files) as a cover for hidden data, network steganography utilizes communication protocols' control elements and their basic intrinsic functionality. As a result, such methods are harder to detect and eliminate. Typical network steganography methods involve modification of the properties of a single network protocol. Such modification can be applied to the PDU (Protocol Data Unit), to the time relations between the exchanged PDUs, or both (hybrid methods). Moreover, it is feasible to utilize the relation between two or more different network protocols to enable secret communication. These applications fall under the term inter-protocol steganography. Network steganography covers a broad spectrum of techniques, which include, among others: Steganophony - the concealment of messages in Voice-over-IP conversations, e.g. the employment of delayed or corrupted packets that would normally be ignored by the receiver (this method is called LACK - Lost Audio Packets Steganography), or, alternatively, hiding information in unused header fields. WLAN Steganography – the utilization of methods that may be exercised to transmit steganograms in Wireless Local Area Networks. A practical example of WLAN Steganography is the HICCUPS system (Hidden Communication System for Corrupted Networks) Steganography in CAD/CAM/PLM. Contents. 11 Printed Digital steganography output may be in the form of printed documents. A message, the plaintext, may be first encrypted by traditional means, producing a ciphertext. Then, an innocuous covertext is modified in some way so as to contain the ciphertext, resulting in the stegotext. For example, the letter size, spacing, typeface, or other characteristics of a covertext can be manipulated to carry the hidden message. Only a recipient who knows the technique used can recover the message and then decrypt it. Francis Bacon developed. Bacon's cipher as such a technique. The ciphertext produced by most digital steganography methods, however, is not printable. Traditional digital methods rely on perturbing noise in the channel file to hide the message, as such, the channel file must be transmitted to the recipient with no additional noise from the transmission. Printing introduces much noise in the ciphertext, generally rendering the message unrecoverable. There are techniques that address this limitation, one notable example is ASCII Art Steganography . Digital Text Unicode steganography uses lookalike characters of the usual ASCII set to look normal, while really carrying extra bits of information. If the text is displayed correctly, there should be no visual difference from ordinary text. Some systems, however, may display the fonts differently, and the extra information would be easily spotted. Alternately, hidden (e.g., control) characters, and redundant use of markup (e.g., empty bold, underline or italics) can add embedded within a body of text to hide information that wouldn't be visually apparent when displayed, but can be discovered by examining the document source. HTML pages can contain code for extra blank spaces and tabs at the end of lines, as well as different colours, fonts and sizes, which will not be visible when displayed. A more trivial example is white text on a white background, which can be revealed by «selecting». One such method is based on the non-printing Unicode characters Zero-Width Joiner (ZWJ) and Zero-Width Non-Joiner (ZWNJ). These characters are used for joining and disjoining letters in Arabic, but can be used in Roman alphabets for hiding information because they have no meaning in Roman alphabets, and because they are «zero-width» and thus not displayed. The embedding of ZWJ in the cover-text represents «1» and the embedding of ZWNJ represents «0». Groups of characters can be used to represent the letters A (giving it the code “0”, and thus Steganography in CAD/CAM/PLM. Contents. 12 represented by ZWNJ) to Z (giving it the code «1011», and thus represented by ZWJ,ZWNJ,ZWJ,ZWJ). These character groups can be inserted between each character of the cover-text, thereby hiding a message. Using Sudoku puzzles. This is the art of concealing data in an image using Sudoku which is used like a key to hide the data within an image. Steganography using sudoku puzzles has as many keys as there are possible solutions of a Sudoku puzzle, which is 6.71×1021. This is equivalent to around 70 bits, making it much stronger than the DES method which uses a 56 bit key. Additional terminology. In general, terminology analogous to (and consistent with) more conventional radio and communications technology is used; however, a brief description of some terms which show up in software specifically, and are easily confused, is appropriate. These are most relevant to digital steganographic systems. The pay low is the data to be covertly communicated. The carrier is the signal, stream, or data file into which the payload is hidden; which differs from the «channel» (typically used to refer to the type of input, such as «a JPEG image»). The resulting signal, stream, or data file which has the payload encoded into it is sometimes referred to as the package, stego file, or covert message. The percentage of bytes, samples, or other signal elements which are modified to encode the payload is referred to as the encoding density and is typically expressed as a number between 0 and 1. In a set of files, those files considered likely to contain a payload are called suspects. If the suspect was identified through some type of statistical analysis, it might be referred to as a candidate. \ Countermeasures and detection/ Detection of physical steganography requires careful physical examination, including the use of magnification, developer chemicals and ultraviolet light. It is a time-consuming process with obvious resource implications, even in countries where large numbers of people are employed to spy on their fellow nationals. However, it is feasible to screen mail of certain suspected individuals or institutions, such as prisons or prisoner-of-war (POW) camps. During World War II, a technology used to ease monitoring of POW mail was specially treated paper that would Steganography in CAD/CAM/PLM. Contents. 13 reveal invisible ink. An article in the June 24, 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office, Morris S. Kantrowitz, describes in general terms the development of this paper, three prototypes of which were named Sensicoat, Anilith, and Coatalith paper. These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada. If POWs tried to write a hidden message the special paper would render it visible. At least two US patents were granted related to this technology, one to Mr. Kantrowitz, U.S. Patent 2,515,232, «Water-Detecting paper and Water-Detecting Coating Composition Therefor», patented July 18, 1950, and an earlier one, «Moisture-Sensitive Paper and the Manufacture Thereof», U.S. Patent 2,445,586, patented July 20, 1948. A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that «runs» when in contact with a water-based invisible ink. In computing, detection of steganographically encoded packages is called steganalysis. The simplest method to detect modified files, however, is to compare them to known originals. For example, to detect information being moved through the graphics on a website, an analyst can maintain known-clean copies of these materials and compare them against the current contents of the site. The differences, assuming the carrier is the same, will compose the payload. In general, using extremely high compression rate makes steganography difficult, but not impossible. While compression errors provide a hiding place for data, high compression reduces the amount of data available to hide the payload in, raising the encoding density and facilitating easier detection (in extreme cases, even by casual observation). Applications. Usage in modern printers. Main article: Printer steganography. Steganography is used by some modern printers, including HP and Xerox brand color laser printers. Tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps. Steganography in CAD/CAM/PLM. Contents. 14 Example from modern practice. The larger the cover message is (in data content terms—number of bits) relative to the hidden message, the easier it is to hide the latter. For this reason, digital pictures (which contain large amounts of data) are used to hide messages on the Internet and on other communication media. It is not clear how commonly this is actually done. For example: a 24-bit bitmap will have 8 bits representing each of the three color values (red, green, and blue) at each pixel. If we consider just the blue there will be 28 different values of blue. The difference between 11111111 and 11111110 in the value for blue intensity is likely to be undetectable by the human eye. Therefore, the least significant bit can be used (more or less undetectably) for something else other than color information. If we do it with the green and the red as well we can get one letter of ASCII text for every three pixels. Stated somewhat more formally, the objective for making steganographic encoding difficult to detect is to ensure that the changes to the carrier (the original signal) due to the injection of the payload (the signal to covertly embed) are visually (and ideally, statistically) negligible; that is to say, the changes are indistinguishable from the noise floor of the carrier. Any medium can be a carrier, but media with a large amount of redundant or compressible information are better suited. From an information theoretical point of view, this means that the channel must have more capacity than the «surface» signal requires; that is, there must be redundancy. For a digital image, this may benoise from the imaging element; for digital audio, it may be noise from recording techniques or amplification equipment. In general, electronics that digitize an analog signal suffer from several noise sources such as thermal noise, flicker noise, and shot noise. This noise provides enough variation in the captured digital information that it can be exploited as a noise cover for hidden data. In addition,lossy compression schemes (such as JPEG) always introduce some error into the decompressed data; it is possible to exploit this for steganographic use as well. Steganography can be used for digital watermarking, where a message (being simply an identifier) is hidden in an image so that its source can be tracked or verified (for example, Coded Anti-Piracy), or even just to identify an image. Use by terrorists. When one considers that messages could be encrypted steganographically in e-mail messages, particularly e-mail spam, the notion of junk e-mail takes on a whole new light. Coupled with the «chaffing and winnowing» technique, a sender could get messages out and cover their tracks all at once. Steganography in CAD/CAM/PLM. Contents. 15 An example showing how terrorists may use forum avatars to send hidden messages. This avatar contains the message «Boss said that we should blow up the bridge at midnight» encrypted with mozaiq using «växjö» as password. Rumors about terrorists using steganography started first in the daily newspaper USA Today on February 5, 2001 in two articles titled «Terrorist instructions hidden online» and «Terror groups hide behind Web encryption». In July the same year, an article was titled even more precisely: «Militants wire Web with links to jihad». A citation from the article: «Lately, al-Qaeda operatives have been sending hundreds of encrypted messages that have been hidden in files on digital photographs on the auction site «eBay.com". Other media worldwide cited these rumors many times, especially after the terrorist attack of 9/11, without ever showing proof. The Italian newspaper Corriere della Sera reported that an Al Qaeda cell which had been captured at the Via Quaranta mosque in Milan had pornographic images on their computers, and that these images had been used to hide secret messages (although no other Italian paper ever covered the story). The USA Today articles were written by veteran foreign correspondent Jack Kelley, who in 2004 was fired after allegations emerged that he had fabricated stories and sources. In October 2001, the New York Times published an article claiming that al-Qaeda had used steganography to encode messages into images, and then transported these via e-mail and possibly via USENET to prepare and execute the September 11, 2001 terrorist attack. The Federal Plan for Cyber Security and Information Assurance Research and Development, published in April 2006 makes the following statements: «...immediate concerns also include the use of cyberspace for covert communications, particularly by terrorists but also by foreign intelligence services; espionage against sensitive but poorly defended data in government and industry systems; subversion by insiders, including vendors and contractors; criminal activity, primarily involving fraud and theft of financial or identity information, by hackers and organized crime groups...». «International interest in R&D for steganography technologies and their commercialization and application has exploded in recent years. These technologies pose a potential threat to national Steganography in CAD/CAM/PLM. Contents. 16 security. Because steganography secretly embeds additional, and nearly undetectable, information content in digital products, the potential for covert dissemination of malicious software, mobile code, or information is great». «The threat posed by steganography has been documented in numerous intelligence reports». Moreover, an online «terrorist training manual», the «Technical Mujahid, a Training Manual for Jihadis» contained a section entitled «Covert Communications and Hiding Secrets Inside Images». By early 2002, a Cranfield University MSc thesis developed the first practical implementation of an online real-time Counter Terrorist Steganography Search Engine. This was designed to detect the most likely image steganography in transit and thereby provide UK Ministry of Defence Intelligence Staff a realistic approach to «narrowing the field», suggesting that interception capacity was never the difficulty but rather prioritising the target media. Alleged use by intelligence services. In 2010, the Federal Bureau of Investigation revealed that the Russian foreign intelligence service uses customized steganography software for embedding encrypted text messages inside image files for certain communications with «illegal agents» (agents under non-diplomatic cover) stationed abroad. Distributed Steganography. There are distributed steganography methods, including methodologies that distribute the payload through multiple carrier files in diverse locations to make detection more difficult. For example the U.S. Patent 8,527,779 by cryptographer William Easttom (Chuck Easttom) Methods of computer steganography The results of a comparative analysis of methods for COP are shown in Table 1. Steganographic Brief description of methods the methods Limitations 1.Methods of using the special properties of computer data formats Steganography in CAD/CAM/PLM. Contents. Benefits 17 Margins are 1.1. Methods of expanding in many The low degree of using earmarked for multimedia formats, they secrecy, the transfer of the expansion of are filled with zero small amounts of fields of computer information and are not information limited data formats considered program Ease of use 1.2. Methods of special formatting of text files: 1.3.1. Methods of using the known displacement of words, sentences, paragraphs These methods are based on the change of lines and placement of words in a sentence that is provided by inserting extra spaces between words Acrostic - a special 1.2.2. Methods case of this method (for for selecting certain example, the initial positions of letters letters of each line form (zero code) a Message) 1.2.3. Methods of using the special properties of the field formats are not displayed on the screen 1. The weak performance of the method, the transfer of small amounts of information 2. The low degree of secrecy Ease of use. There is a published software implementation of this method 1.The weak performance of the Easy of use. Has published the Methods based on the use of special "invisible", hidden fields for the organization of footnotes and references (eg, use a black font on a black background) 1.3. Methods The information of hiding places in is usually stored in the Steganography in CAD/CAM/PLM. Contents. 18 the unused floppy disks unused places GMD (e.g., zero-track) method, the transfer of small amounts of information 2. The low degree of secrecy 1.4.Methods of simulating the functions (mimicfunction) The method is based on the generation of text and is a generalization of the acrostic. For the secret message is generated meaningful text, hiding the message 1.5. Methods for removing an identifying header file Concealed message is encrypted and the result identifies the header is removed, there is a need to leaving only the advance pass the encrypted data. The information to the receiver knows in recipient advance of the transfer of messages and is missing a title 1. The weak performance of the method, the transfer of small amounts of information 2. The low degree of secrecy software implementation of this method The resulting text is not suspicious for monitoring network Easy of implementation (White Noise Storm, S-Tools), ensure the implementation of this method with the given algorithm 2. Methods of using redundant audio and visual information 3.1. Methods of using the redundancy of digital photography, digital audio and digital video Digital samples contain very little useful information. They filled more information does not affect the quality of experience that allows you to hide confidential information Due to the introduction of additional information distorted the statistical characteristics of digital streams. To reduce the signs of compromise requires correction of the statistical characteristics Steganography in CAD/CAM/PLM. Contents. Ability to transfer a large amount of hidden information. The possibility of copyright protection, the latent image of the brand, registration numbers, etc. 19 As can be seen from Table 1, the first direction based on the use of special properties of computer data formats, rather than redundancy itself the data. Special properties of selected formats, taking into account protection of concealed message from the immediate listening, viewing or reading. Based on the analysis of materials, we can conclude that the main direction Steganography is the use of computer and audio visual redundancy Information. As the preliminary analysis, the use of steganography methods for solving is possible in principle. However, all The methods have the following disadvantages: The set of possible implementations is countable, and of course, that allows for a simple brute-force attack methods, although it requires considerable computational cost. Not all implementations are consistent with the possibility of hardware implementation. Theme 2. Computer steganography: classification, benchmarking methods and tools. Questions for self-examination and discussion at the workshop. 1) Structure of steganography. 2) Comparative analysis of the basic methods and tools of computer steganography. 3) The study of open-source products. Literature to explore themes. 1. Gribunin V.G. Binding I.N., Turintsev I.V. Digital Steganography. M.: SOLON-Press, 2002. – 272 pp. 2. Lin Ch-Y., Chang Sh.-F. Distortion Modeling and Invariant Extraction for Digital Image Print-and Scan Process. International Symposium on Multimedia Information Processing, 1999. P. 10. 3. Lin Ch-Y., Chang Sh.-F. Public Watermarking Surviving General Scaling and Cropping: An Application for Print-and-Scan Process. Multimedia and Security Workshop at ACM Multimedia, 1999. Steganography in CAD/CAM/PLM. Contents. 20 2. Algorithms for digital steganography 2.1. Algorithms for embedding data in the spatial domain The advantage of these algorithms embedded in the spatial domain is the fact that data is introduced in the original image, and there is no need to perform computationally cumbersome linear transformations of images. Data implemented by manipulating the brightness and color components. Most of the algorithms embedded in the spatial domain lata images based on the use of broadband signals. The basic idea behind the use of steganography is that the data is embedded in the noise signal of low power. Since the signal of low power, the data used to protect noiseresistant codes. 2.1.1 The algorithm Kutter Kutter algorithm assumes that the image has RGB encoding. Embedding is performed in the blue channel, since the blue color of the system least sensitive of human vision. - embedded bits, - container, - pseudo-random position in the which the attachment. The secret bits embedded in the blue channel by modifying the brightness Where - constant, which determines the energy of the embedded signal. Its value depends on the of the scheme. The more , the higher the robustness of investing, but the greater his visibility. Removing the bit carried by the recipient without his original image, that is blind. To do so runs the prediction value the original, unmodified pixel based on the values of its neighbors. Also, there is a modification of this algorithm, which for assessment using pixel values of several Steganography in CAD/CAM/PLM. Contents. 21 pixels located in the same column and the same line. In this case, the assessment has the form: Where ( - the number of pixels from the top (bottom, left, right) of the estimated pixel ). So in the process of embedding each bit of CEH was repeated times, we get cr estimates one bit. The secret is a bit after averaging the difference between estimates pixel and its real value The sign of this difference determines the value of embedded bits. This algorithm does not guarantee the faithful always determine the value of the secret bits both as a function of extracting bits is not the inverse function embedded. Algorithm is robust to many of the known attacks: low-pass filtering image, its compression, in accordance with the algorithm of JPEG, cutting edges. 2.1.2. Algorithm Bruyndonckx To improve the immunity applies Code Bose-Chaudhuri-Hokvingema (BCH). Implementation is carried out by modifying 8x8 block of luminance pixels. The process of embedding is carried out in three stages: Classification of pixels within the block into two groups with approximately uniform brightness. Split each group into categories defined by this grid. Modification of medium brightness values of each category in each group. In the classification there are two types of blocks: blocks with contrast and noise units with distinct differences of brightness. In blocks of the second type of zone different brightness do not have to lie close to each other, not must contain an equal number of pixels. Moreover, some pixels in general can not belong to any one zone. In the first type of blocks classification is particularly difficult. Steganography in CAD/CAM/PLM. Contents. 22 To perform the classification of the brightness values are sorted in ascending order. Further is the point at which the slope of the tangent to the resulting curve is maximal. This point is the boundary separating the two zones in the event that the slope of greater than a certain threshold. Otherwise, the pixels are divided equally between the zones. To sort by category to the pixel blocks are superimposed masks are different for each zone and each block. Purpose is to provide a mask of secrecy implementation. The set of pixels was divided into five subsets: two bands, two category, and the pixels not belonging to any zone (for the blocks of the first type). - the average brightness for the pixels of the two zones and categories. Embedding a bit CEH (option) and the equality of brightness values in the each zone is provided by: and CEH extraction algorithm is the inverse algorithm implementation. At the same time calculated the average values of brightness, and there are differences 2.1.3. Algorithm Langelaar This algorithm also works with blocks of 8x8. First, it creates pseudorandom mask of zeros and ones of the same size subunit value, and and In addition, each block is divided into two , depending on the mask. For each subunit calculates the average brightness . Next, choose a threshold , and a bit of CEH is built as follows: If this condition is not fulfilled, it is necessary to change the brightness values of pixels subunit . To remove the bits of CVD calculated average luminance subblocks - , Steganography in CAD/CAM/PLM. Contents. . The 23 difference between them to determine the required bits: 2.1.4. Algorithm Pitas In this algorithm, the CEH is a two dimensional array of bits the size of image, and the number of units it is equal to the number of zeros. There are several versions of the algorithm proposed Pitasom. Initially proposed to incorporate bits of CVD in each pixel of the image, but then wisely decided to use for this target blocks of 2x2 or 3x3 pixels, which makes the algorithm more robust to compression or filtering. CEH is added to the image: . In the case of a detector block for the introduction of CEH calculates the average brightness value of the block. Hence it is possible to uneven implementation of CEH in pixels, that is, the value of . Thus it is possible to obtain CEH is optimized by the criterion of robustness to the procedure of the compression algorithm JPEG. To do this 8x8 block elements are calculated in advance, "capacity" of each pixel (taking into account DCT quantization matrix, and JPEG). Then CEH implement in accordance with the calculated capacity. This optimization is done once and for all, and found the mask is applied for each image. 2.1.5. Algorithm Rongen In this algorithm, as well as in the algorithm Pitas, CVD is a two-dimensional matrix of ones and zeros to be approximately equal to their number. The pixels in the that you can implement one (ie robust to distortion), are defined in the the basis of a characteristic function (the characteristic pixels). This function can be computed locally, based on analysis of adjacent pixels. Characteristic pixel is approximately one hundredth of the total, so not all CVD unit is incorporated into these positions. To increase the number of characteristic of pixels, if necessary, is proposed to small predistortion image. The detector finds the values of the characteristic pixel, and compares with the best of him CEH. If the image does not contain CEH, then the characteristic pixels of ones and zeros will be roughly equal. 2.1.6. The algorithm PatchWork Steganography in CAD/CAM/PLM. Contents. 24 The algorithm Patchwork is a statistical approach. Initially pseudo-random manner on the basis of two key selected pixel. Then the brightness of one of them is increased by a value (from 1 to 5), the value of brightness of the other - is reduced to the same value. Further, this process is repeated large number of times (~ 10000) and is the sum of all differences. By value this amount is judged on the presence or absence of CVD in the image. The values of selected pixels in each step - и , the increment - . The sum of the differences of pixel values. Expected value (the sum of the difference of pixel values in an empty container) is close to zero for sufficiently large n. Expected value will be more . is a Gaussian distribution. In detektor accordance with the key value is checked and if it is significantly different from zero, the decision on the presence of data. To improve the robustness algorithm instead of individual pixels, you can use blocks, or patches (hence the name of the algorithm). Patchwork algorithm is sufficiently resistant to compression operations image, its truncation, change the contrast. The main drawback of the algorithm is its instability to affine transformations, i.e., rotate, translate, scale. Another disadvantage is the low bandwidth. Thus, the The basic version of the algorithm for the transmission of a bit of a hidden message requires 20,000 pixels. 2.1.7. Algorithm Bender Bender's algorithm is based on copying blocks of randomly selected texture area to another, which has similar statistical characteristics. It leads to the appearance of the image is completely identical blocks. These blocks can be be found as follows: Analysis of the autocorrelation function stego and finding the peaks. Shift the image in accordance with these peaks and subtracting the image from its shifted copy. Steganography in CAD/CAM/PLM. Contents. 25 The difference in locations of pirated units should be close to zero. Selects a threshold value and smaller than this threshold in absolute value are considered to be the desired blocks. Since copies of the blocks are identical, they vary in the same transformation the entire image. If we make the block size is sufficiently large, then the algorithm will resistant to most of distortion. Algorithm is robust to filtering, compression, image rotation. The main drawback of the algorithm is the complexity of finding an exceptional area, the blocks of which may be substituted without any noticeable degradation in image quality. But addition, this algorithm as the container can be used just enough texture images. 2.1.8. Method of LSB LSB (Least Significant Bit, LSB) - the essence of this method is to replace the least significant bits in the container (images, audio or video) to the obscure bits. The difference between empty and filled containers should not be perceptible to human senses. The method is as follows: Suppose there are 8-bit grayscale image. 00h (00000000b) denotes the color black, FFh (11111111b) - white. In total there are 256 levels . Also assume that the message consists of a byte - for example, 01101011b. By using two low-order bits in the descriptions of pixels, we need 4 pixels. For example, they are black. Then the pixels that contain a hidden message will appear as follows: 00000001 00000010 00000010 00000011. Then change the color of pixels: the first - 1/255 second and third - to 2/255 and the fourth - 3/255. Such gradations, besides that invisible to humans, might not appear when using low-quality output devices. LSB methods are unstable for all kinds of attacks and may be used only in the absence of noise in the data channel. Detection of LSB-encoded stego carried out by the anomalous characteristics of the distribution range of values of bits of digital signal samples. All methods of LSB are usually additive. Theme 3. Digital steganography: the terminology, classification and comparative analysis methods and tools. Questions for self-examination and discussion in seminars. 1) The historical methods of hiding data. Adopted terminology. 2) Theoretical principles of digital steganography based on the terminology used. 3) Comparative analysis of the means of digital steganography. Literature to explore themes. Steganography in CAD/CAM/PLM. Contents. 26 1. Gribunin V.G. Binding I.N., Turintsev I.V. Digital Steganography. M.: SOLON-Press, 2002. – 272 pp. 2. Kutter M. Watermarking Resisting to Translation, Rotation, and Scaling. Signal Processing Laboratory, 1998. P. 10. 3. Kutter M. Digital Signature of Color Images using Amplitude Modulation. Signal Processing Laboratory, 1997. P. 9. 4. Herrigel A., Pereira S., Petersen H. Secure Copyright Protection Techniques for Digital Images. International Workshop on Information Hiding, 1998. P. 22. 5. Ramkumar M. Data Hiding in Multimedia – Theory and Applications. New Jersey Institute of Technolog, 1999. P. 70. 6. Bender W. Applications for Data Hiding. IBM Systems Journal, 2000. P. 22. 7. Chae J., Manjunath B. A Robust Data Hiding Technique using Multidimensional Lattices. Proc. IEEE Conference on Advances in Digital Libraries, 1998. P. 8. 8. Chae J., Manjunath B. A Technique for Image Data Hiding and Reconstruction without Host Image. Proceedings of the SPIE - The International Society for Optical Engineering. 1999, P. 9. Cuche E., Marquet P., Spatial filtering for zero-order and twin-image elimination in digital offaxis holography. Applied Optics V.39, 2000. P. 4070–4075 3. Embedding data to transformation fields algorythm Real images are not realey random processes with even magnitude distribution. It is well known fact which is being used in compression algorythms, that most of the energy of the image is concentrated in the bottom of the spectrum. That's why one need to decompose the image to subbands. Stegomessage is mixed to the subbands of the image. Low frequency subbands contain most of the energy, thus having a noisy nature. High frequency are more exposed to different processing algorythms, whether it is compressing or Low Pass Filtration. Thus the best candidate for message embedding is middle frequency subbands of the image spectrum. Typical image noise distribution and image frequency spectrum processing is shown on Fig.3 Steganography in CAD/CAM/PLM. Contents. 27 Fig.3. Image noise and processing noise versus frequency Processing noise appears as a result of transformant coefficients quantization. It can be treated as reduction of correlation between the original image transformant coefficients and quantizated coefficients. For example at high levels of compression a situation can occur, when full subbands are discarded. I.e. in general noise dispersion in this subbands is infinite. There is a reduction of correlation between subband coefficients before and after quantization. To achieve acceptable results one need to average the processing noise level over many images. Transformations may be sorted by achieved gainings from encoding , single, Adamar's, Haar's, DCT, Wavelet. Gaining from encoding is refered to as a level of transformation coefficients dispersions redistribution. The greatest advantage gives Karhunen-Loeve transformation (KLT), the smallest - the expansion in the basis of a single pulse (ie, no conversion). The transformations that have high values of the gains from coding such as DCT, wavelet-transformation, characterized by dramatically uneven distribution of the variances of the coefficients of subbands. High-frequency subbands not suitable for investment because of the large noise processing, and bass - because of the high-noise images. So you have to be limited midranges bands in which the image noise is approximately equal to the noise processing. Since these bands a bit, then the bandwidth stegokanala small. In the case of conversion of lower gains from coding, such as Hadamard or Fourier series, there are more blocks in which the image noise is approximately equal to the noise processing. Consequently, the capacity of the above. Therefore, to increase the capacity of steganographic channel is better to use a lower conversion gain from coding, poorly suited for compression of signals. The effectiveness of the wavelet-transformation and DCT for image compression due to the fact that they are well modeled in the image processing mid-frequency request, separated by «significant» part of «insignificant». Hence, they are more appropriate to apply in the case of the active offender, as a modification of significant factors could lead to an unacceptable distortion of Steganography in CAD/CAM/PLM. Contents. 28 the image. In applying the transformation to the low values of the gains from coding violations there is a risk investments, because the conversion factors are less sensitive to modifications. Fig.4. Block of pixels (8x8) with the location of the DCT coefficients. 3.1 Embedding data in a discrete cosine transformation coefficients When we use this method, the container is divided into blocks of 8x8 pixels. DCT is applied to each block, resulting in a matrix of dimension 8x8 DCT coefficients. The coefficients are denoted by , where the - block number, 3 - the position of the coefficient within the block. If the block is scanned in a zigzag manner (as it is in JPEG), the coefficients are denoted by . The coefficient in the upper left corner is usually called the DC-coefficient. It contains information about the brightness of the entire block. The other coefficients are called ACcoefficients. Sometimes it runs monetary policy of the entire image, rather than individual units. Next, we consider some of the algorithms for implementing DCT in the field of DWM. 3.2 Koch algorithm In this algorithm in a block of 8x8 by embedding 1 bit of DWM. We describe two implementations of this algorithm can be selected pseudorandomly two or three DCT coefficients. We consider the variation of the algorithm with two selectable coefficients. Embedding information in the following manner: for the transferring of 0-bit is necessary to ensure that the difference between the absolute values of the coefficients would be greater than Steganography in CAD/CAM/PLM. Contents. 29 some positive value, and for the transferring of the 1-bit of this difference is less than some negative value: 3.3. Benham algorithm This algorithm is an improved version of the previous one. Improvements carried out in two directions: to embed all the blocks are not used, but only «suitable» for this, within a block are selected for embedding not two, but three coefficients, which reduces distortion. Suitable for building information blocks are images that are not too smooth, nor does it contain a small number of circuits. For the first type of blocks is characterized by the vanishing of the high-frequency coefficients, for the second type - very large values of several low-frequency coefficients. These features are the cut-off criterion of unsuitable units. When embedding a bit DWM pseudorandomly selected three coefficients DCT block. If you want to invest 1, the coefficients vary so much (if required) that the third factor was less than each of the first two, if you want to embed a 0, it is more than the others. In the event that such a modification would lead to degradation of the image is too large, the coefficients do not change, and this block is simply not used. Changing the three factors instead of two, and even more so the rejection of the changes in the case of unacceptable distortion reduces the error introduced by the DWM. The decoder will always be able to determine the block in which DWM is not built by repeating the analysis performed in the coder. 3.4 Podilchuk algorithm This algorithm requires the presence of the source image from a detector in the detection of a DWM. Embedded data simulated real random process with normal distribution, unit variance and zero mean. For each DCT coefficient is determined by the threshold value, above which the change could lead to degradation of the image. This threshold depends on the position of the coefficient in the matrix (i.e., the frequency range over which it is responsible). In addition, the threshold is due and the properties of the image: contrast and brightness of the block. Embedding is as follows: if the absolute value of the coefficient is less than the threshold, it does not change. Otherwise, it is added to the product of the threshold values and the values of DWM. When it detects a DWM, first the coefficients of the original image are subtracted from the corresponding coefficients of the modified image. Then calculated the correlation coefficient, and established the fact of a DWM. Steganography in CAD/CAM/PLM. Contents. 30 3.5 Hsu algorithm In this algorithm, the decoder DWM also requires the original image. However, the decoder determines not the fact of DWM, and distinguishes built-in data. As the DWM appears black and white image is half the size of the container. Before embedding the image subjected to random permutations. DWM is embedded in the mid-DCT coefficients (the fourth part of the total). These coefficients are located along the second diagonal DCT. For embedding DWM bit coefficient in the it is necessary to find the sign of the difference of the coefficient of the current block and the corresponding coefficient from the previous block: If you need to build 1, the coefficient change so that the sign of the difference was positive, if 0 - so that the sign of the difference was negative. There are a number of improvements to the basic algorithm. First, instead of the values of the coefficients, you can use their absolute values. Second, instead of the coefficient of the previous block, you can use DC-coefficient of the current block. It also takes into account the process of quantization of the coefficients: Another improvement of this algorithm is the sorting order in which blocks of the DWM are arranged in descending order in which the number of units. The blocks of the original image and the container are arranged in descending order of variances. After that holds the corresponding embedding data. This algorithm is not robust with respect to the JPEG-compression. 3.6 Cox algorithm This algorithm is robust to many signal processing operations. Detection of integrated DWM it is done using the original image. Insertion data represent a sequence of real numbers with zero mean and unit variance. For investment information using multiple AC-DCT coefficients of images with the greatest vigor. The author suggests three ways to embed DWM according to the following expressions: The first version can be used when energy is comparable to the energy DWM modifiable factor. Otherwise, either DWM will not robust or distortion is too large. Therefore, it is to embed the information is possible only with a slight change in the range of energy values of the Steganography in CAD/CAM/PLM. Contents. 31 coefficients. When it detects a DWM performs the reverse operation: compute DCT original and modified images, found the difference between the coefficients of the highest magnitude. 3.7 Barni algorithm This algorithm is an improvement of the Cox algorithm, and it also holds monetary policy of the entire image. It is no longer required detection of the source image, that is, the scheme blind. To embed a DWM are not used most AC-coefficients, and average in size. As the DWM performs an arbitrary bit string. The selected coefficients are modified as follows: Then the inverse DCT is performed and produced an additional processing step: the original and modified images are combined with weighting coefficients: Here, for the textured areas (in which the human eye is very sensitive to the added noise) and in the homogeneous regions. The value of is not for every pixel individually, and for non- overlapping blocks of fixed size. For example, as expedient to use the normalized variance of the blocks. In the DWM detector computed the correlation between the modified image and DWM, 3.8 Additive algorithms Algorithms for additive introduction of information are in a linear modification of the original image, and its recovery in the decoder is the correlation methods. In this DWM is usually added to the image container, or «fusion» in it. 3.8.1 Algorithms based on the linear data embedding In the additive methods of implementing the DWM is a sequence being implemented in the selected subset of samples of the original image commonly used expression for the embedding of information in this case: where- weighting factor, - a modified pixel. Another way to embed the watermark was proposed by Cox: Steganography in CAD/CAM/PLM. Contents. of length , which is . The main and most 32 or, with the using logarithms of the coefficients For installation in accordance with the first formula, DWM in the decoder can be found as: Here, extracting the mean a counts of the resulting image, whether or not containing CEH . After compared with the original CEH. With that as a measure of identity watermark value is the correlation coefficient sequences: This value varies in the range [-1, 1]. Values close to unity, indicate that the extracted sequence are most likely to match the built-in data. Therefore, in this case, it is concluded that the analyzed image contains a watermark. In the decoder can be installed a certain threshold, (here - default standard deviation), which determines the probability of errors of the first and second kind, when detecting DWM. The coefficient can not be permanent, and adaptively change according to the local properties of the original image. This makes the watermark more robust (resistant to removal). To increase the robustness of the implementation of the algorithms used in many broadband signals. At the same information bits can be repeated many times, are encoded using the correction code, or these may be applied to any other conversion, after which they are modulated with a Gaussian pseudo-random sequence. This sequence is a good model of the noise present in real images. At the same time synthetic images (created on the computer) do not contain noise and are difficult to seamlessly integrate a sequence. To extract the embedded information in the additive embedding scheme is usually necessary to have a CEH source image that is strong enough limits the scope of such methods. There are also blind extraction methods CEH , compute the correlation sequence of the coefficients of the resulting image : Steganography in CAD/CAM/PLM. Contents. with all 33 Then, the resulting value of the correlation coefficient is compared with some threshold of detection The main disadvantage of this method is that the image itself, in this case is regarded as a noise signal. There is a hybrid approach (half-blind scheme), when the information about the original image is available in the retrieval of information, but do not know the actual original image. The correlation method can only detect the presence or absence of DWM. For all the same bits of information needed to test all possible sequences, which is extremely computationally complex task. 3.9 Algorithms based on the merger of the CEH and the container If instead of a sequence of pseudorandom numbers is embedded in the image another image (eg company logo), the corresponding algorithms are called algorithms implementing the merger. The size of messages being introduced much smaller than the original image. Before embedding, it can be encrypted or transformed in some other way. Such algorithms have two advantages. First, you can prevent a distortion of the hidden message, because people will still be able to recognize it. Secondly, the presence of an embedded logo is a more convincing proof of ownership than the presence of a pseudo-random numbers. 3.10 The algorithm Chaya (Chae) The algorithm is implemented in black and white image (logo), up to 25% of the size of the original image. Before embedding the one-level decomposition is performed as an original image and logo with the Haar filter. The wavelet coefficients of the original image are denoted as wavelet coefficients of the logo - , and . The modifications are all conversion factors. First, the coefficients of each sub-band as the original image and the logo is represented by 24 bits (of which one bit is assigned to the sign). Since the size of the logo is 4 times smaller than the original image, it is necessary to increase the number of its coefficients. For this purpose, the following steps. Denote by A, B, and C, respectively, senior, middle and low bytes of the 24 - bit representation of the logo. High byte of each of these numbers represents, respectively, A, B, or C, Steganography in CAD/CAM/PLM. Contents. 34 the other two bytes are filled with zeros. Then, the advanced four unit factors logo. He then added to the element-wise 24-bit version of the original image The resulting value is displayed back to the original scale based on the minimum and maximum values of the coefficient of subband. After that is the inverse discrete VI. To remove the CEH used inverse formula This algorithm makes it possible to hide a fairly large amount of data in the original image up to a quarter of the size of the original image. 3.11 The algorithm Kandar (Kundur) Also, as in the algorithm, Chaya, and implemented the original images are of the wavelet transform. Used to embed all the coefficients of detailed subbands. Many of these factors is divided into non overlapping blocks of size are denoted , where and . The blocks and , respectively, the location factor and the level of resolution. The watermark is added to the elements of the original image as follows: – where where scale factor, calculated by the formula: – weighting matrix, which determines the frequency sensitivity of the system view of the person, - operator of the DFT. Thus, the algorithm uses a fairly complex model of human of view. For detection in the detector can be used as the calculation correlation function, and visual comparison. 3.12 Algorithms based on the quantization By quantization we mean the process of mapping a large (possibly infinite) set of values with a finite set of numbers. It is clear that this is accompanied by a decrease of information due to its distortion. The quantization is used in compression algorithms. There are scalar and vector quantization. In vector quantization, as opposed to a scalar, the map is not of a single frame, and their combination (vector). From information theory it is known that vector quantization on the Steganography in CAD/CAM/PLM. Contents. 35 effective scalar degree of compression, having a greater complexity. In steganography are used both types of quantization. In the encoder quantizer entire range of the original set is divided into intervals and each interval representing the number of his chosen. This number is a code word and the quantizer is usually the centroid of the interval of quantization. The set of code words is called a workbook quantizer. All values that fall in this interval are replaced by the encoder to the corresponding code word. In the decoder, the number of accepted matches a certain value. Quantization interval is usually referred to as quantizer step. Embedding data using the quantization refers to non-linear methods. Transmitted message has limited power to perform its stealth requirements. Interference is the original signal and another Gaussian noise - noise processing (quantization). Encoder source signal is known, the decoder has to retrieve CVD without the knowledge of both components of the noise. There are numerous methods to improve Costas (to combat the noise), consisting in the use of structured quantizers (eg, lattice or a tree). Most preferably, the introduction of information in the spectral region of the image. If this linear methods are used, then the embedding CEH produced in the middle of the band. This is because the energy of the image is concentrated mainly in the low-frequency (LF) region. Consequently, the detector CEH in this area there is a loud noise of the signal. In the highfrequency (RF) fields of the noise has a large amount of processing, such as compression. In contrast to the linear and nonlinear circuits embedded information can be used bass region, since the power being introduced CEH does not depend on the amplitude ratios. This is explained by the fact that the non-linear algorithms to hide the correlation detector is not used, the coefficients of small and large amplitude are treated equally. Section 4. Classification and comparative analysis of methods and means of embedding data into various containers. Questions for self-examination and discussion in seminars. 1) adopted terminology. 2) Theoretical principles of steganography based on the terminology used. 3) Comparative analysis of the means of embedding data in a variety of containers. Literature to explore themes. 10. Gribunin V.G. Binding I.N., Turintsev I.V. Digital Steganography. M.: SOLON-Press, 2002. 272 pp. 11. Kutter M. Watermarking Resisting to Translation, Rotation, and Scaling. Signal Processing Laboratory, 1998. P. 10. Steganography in CAD/CAM/PLM. Contents. 36 12. Kutter M. Digital Signature of Color Images using Amplitude Modulation. Signal Processing Laboratory, 1997. P. 9. 13. Herrigel A., Pereira S., Petersen H. Secure Copyright Protection Techniques for Digital Images. International Workshop on Information Hiding, 1998. P. 22. 14. Ramkumar M. Data Hiding in Multimedia – Theory and Applications. New Jersey Institute of Technolog, 1999. P. 70. 15. Bender W. Applications for Data Hiding. IBM Systems Journal, 2000. P. 22. 16. Chae J., Manjunath B. A Robust Data Hiding Technique using Multidimensional Lattices. Proc. IEEE Conference on Advances in Digital Libraries, 1998. P. 8. 17. Chae J., Manjunath B. A Technique for Image Data Hiding and Reconstruction without Host Image. Proceedings of the SPIE - The International Society for Optical Engineering. 1999, P. 18. Cuche E., Marquet P., Spatial filtering for zero-order and twin-image elimination in digital offaxis holography. Applied Optics V.39, 2000. P. 4070–4075 4. A choice of a method of embedding of DWM (digital watermark) in the image-container Embedding of DWM is possible thanks to peculiarity of system of perception of the person. It is well known that images possess big psychovisual redundancy. The eye of the person is similar to the low-frequency filter therefore especially imperceptible there are distortions in high-frequency area of a range of spectrum. For negotiation of influences of a printing-down and scan-out the most successful there were the methods which have received the name of the modulations methods of the image-container, and modulation can be carried out both in frequency [2-5], and in spatial areas of the image [7,8]. For compensation of geometrical distortions such as shift, turn and change of scale of the image is used the polar logarithmic system of coordinates with a corner and logarithmic radius on axes of coordinates  or is applied transformation of Mellinga  invariant to turn and scale. In case introduction of DWM in frequency area of modulation are exposed peak components of a complex range of the image container  . For this purpose previously is made calculation peak and phase partials components of transformation of Fourier. For a characterization of consequences of the geometrical distortions connected with casual turn, shift or scale change, in the image-container, except DWM, the imagetemplate  is built in. In case introduction of DWM in spatial area the signal of DWM is built in by modulation of the initial image-container, and extraction DWM (demodulation) is carried out by means of a linear filtration of the image . If the image is color, a signal of DWM takes root by updating of values of pixels into Blue channel the RGB of the image . Updating is carried Steganography in CAD/CAM/PLM. Contents. 37 out either addition, or subtraction depending on value of the introduced bit of DWN of brightness of the image-container. 4.1. The methods using as containers audiofiles For reliable concealment of data in the acoustic channel the system of concealment must reply the following requirements: to be resistant to everywhere used algorithms of compression with losses not to bring in a signal distortions perceived by human hearing not to bring appreciable changes in container statistics De facto a standard format of sound files at the moment is the MP3 format. Therefore, work not defiant suspicions of stegosystem in the acoustic channel should be based on this format. MP3 - the full name MPEG 1 Layer 3 - a format of coding of the sound files, entering into a standard of coding of a image information of MPEG 1. Basic feature of a format is compression with losses: after packing and unpacking of the sound file by means of MP3 result isn't a bit-by-bit copy of the original. Over again, when coding insignificant components are purposefully excluded from a packed signal. At preservation of acceptable quality, a MP3 allows to compress sound data in ten and more times. It is reached by the accounting of features of human hearing, including effect of masking of a weak signal of one range of frequencies more powerful signal of the next range when it takes place, or a powerful signal of the previous frame causing temporary falling of sensitivity of an ear to a signal of the current frame (minor sounds are removed which aren't heard by a human ear because of existence during this or previous moment of another, louder ). It is considered as inability of the majority of people to distinguish signals, on capacity lying below a certain level, a miscellaneous for different frequency ranges. This process is called as adaptive coding and allows to save on the least significant from the point of view of perception the person sounding details. Extent of compression (therefore and quality), is defined by width of a data flow set at coding - bitrate. As well as in the considered case of introduction of information in images, algorithms of introduction in audiofiles place hidden data or in an uncompressed signal before its compression, or it is direct in the compressed signal - as a rule, in entropic compressed coefficient of transformation. Some methods as use for concealment not an audiosignal as that, and various features and office information of files-containers. Steganography in CAD/CAM/PLM. Contents. 38 Let's consider at first algorithms of concealment of data in an uncompressed sound stream. 4.2 Broadband coding. In a signal is added modulated by the message the noise with amplitude slightly above a masking limit . Advantage of this scheme is effectiveness performance and high capacity, a shortcoming - heard distortions brought in a signal. At concealment of one bit in sequence of coefficient the target sequence is calculated as follows: where - casual binary sequence, - threshold of audibility of i subband , - the hidden bit. For calculation of a threshold of audibility the can be used psychoacoustic model containing in a format of coding of a MP3, or any other . Thus, the method allows to operate psychoacoustic nature of distortions brought in a signal. For extraction of the hidden bit from sequence of coefficient is used function of correlation of the accepted coefficient and initial casual sequence. It should be noted that because of unreliability of extraction this method demands use of codes of correction of mistakes. It leads to reduction as speed, and capacity of a method. 4.3 Phase coding. In this method that fact is used that the human ear perceives not values of a phase, but only their difference. The signal breaks into segment, values of a phase on the first segment are used for coding of the hidden message, value of phases of other segment so that the difference of phases between segment remained invariable. For coding of values of phases, on a crowd of phases is allocated the set of evenly distributed values corresponding to bits 0 and 1. Value of a phase is replaced with the next value corresponding to the demanded bit. The difference of values in a set depends on frequency of a strip, and varies from sensitive strips to on on high-frequency strips. For coding of one bit of the hidden message is used a certain sequence of changes of phases, various for coding 0 and for coding 1. For extraction of the hidden message the following Steganography in CAD/CAM/PLM. Contents. function of detection is used: 39 where - amplitude and the phase i-go of the received signal. - expected sequence of phases in the process of coding bit 1. - expected sequence of phases in the process of coding bit 0. and - the next to the values of phases corresponding 1 and 0. If , the bit of the hidden message is accepted equal 1, differently 0. Method provides high efficiency of coding by criterion of the signal/noise, however its capacity of the relation is insignificant, and makes from 8 to 32 bits a second. 4.4 The echo-coding. Uses non-uniform intervals between an echo-signals for coding of sequence of values. When overlapping a number of restrictions be observed condition of obscurity for human perception. The echo is characterized by three parameters: initial amplitude, extent of attenuation, delay. At achievement of a certain threshold between a signal and an echo they mix up. In this point of people can't distinguish these two signals. It is difficult to define existence of this point, as it depends on quality of initial record and the listener. As a rule, the delay about one thousand second that is quite acceptable for the majority of records and listeners is used. Two various delays are used at zero and unit coding. These both delays should be less, than a threshold of sensitivity of an ear of the listener to a received echo. 4.5 Noise replacement. In this method that fact is used that the human ear perceives not so much a form, how many energy of noise. As in the MP3 format is completely coded the form noisy frequency subband , data subband can be used for concealment of data. The entrance signal is transformed to frequency area by means of the modified discrete cosine transformation (MDKP) used in a MP3. At concealment of one bit in sequence of coefficient, the target sequence is calculated as follows: где - Random binary sequence, Steganography in CAD/CAM/PLM. Contents. 40 When extracting the hidden bits, as in the case of wideband coding using the correlation function of the coefficients and adopted the original random sequence. As proposed to use the noisy bands with frequencies above 5 kHz. It should be noted that the method is stable with respect to the MP3 compression, since the algorithm MP3 encoding does not change the signs of the coefficients MDKP. Capacity method ranges from 20 to 60 bits per second. The method also quite simple to implement, because it is based on widely implemented on different platforms MDKP algorithm, which is a part MP3 encoder. In general, methods of hiding data in an uncompressed audio stream are a number of serious disadvantages: Possible visibility when listening; Limited bandwidth; Implementation complexity. Introduced into the signal unnatural distortion in the signal, such as white noise a certain amplitude, discrete phase of the signal, etc., can be high probability of finding the specific methods of detection. Thus, the algorithms are more promising to reveal more details 'Directly into the compressed MP3 stream'. At the current time is invited to a series of algorithms that use the data to hide proprietary information MP3, the most famous of these is the ability to 'mp3stego'. This algorithm modifies MP3 encoding process, so that the LSB official fields frame MP3, for example, the volume of information within the main frame coincide with the current bit obscure. The features of the method are almost unnoticeable when listening; high complexity of implementation and slow work, as it is necessary to complete the entire MP3 encoding process, the capacity of 50 bits per second. It should be noted that the information entered in the Service lead to changes discrepancies in the results of these methods with the results of the standard Encoder MP3. Such changes can be detected with high probability the enemy. As a faster alternative, we proposed a method of concealment data using a particular format MP3 - interframe gaps. Steganography in CAD/CAM/PLM. Contents. 41 The data stream consists of MP3 frames - plots the data encoding 26ms audio signal. Each frame contains a 4-byte header containing a synchronizing word and service information. Service information includes, in particular, the version format, stereo mode and bitrate. These values uniquely determine the frame size. The number of bytes needed to compress the sound with a given quality depends on the characteristics of a particular sound. Thus, the difficult to compress signal sections with more detail requires more bytes than the simple ones. On this basis, MP3 allows for storage of compressed data frame in the remaining unoccupied bytes the previous frame. In order to properly positioned in the frame header specifies the offset to the beginning of the data. Tag end of the data itself is not, decoding stops at the end extracting the required number of cosine transform coefficients. Any information between the end of one frame and the beginning of the next data the frame is ignored decoder, respectively, that is where you can place hidden data. To do this, the frame size increases by increasing its bit rate by one level, for example, 128kbits / c up to 160kbit / c. This method does not introduce any distortion in the sound-box, easy, fast has a large bandwidth (about 20% of the container). However, knowing concealment algorithm is easy to detect the presence of hidden information, based on from the fact that the standard MP3 stream is no «extra» bytes. Thus, the method can be used only when needed rapid transfer of large amount of information and is not expected serious opposition the enemy. The most resistant to the discovery of a method for concealing errors in the quantization MP3 of the coefficients. MP3 encoding is built in a classic case of compression with losses, which consists of three steps: Convert the signal to a lot of information about the signal was concentrated in a small number of coefficients. In the MP3 used a modified discrete cosine transform. Quantization, that is, dividing the coefficients obtained for certain values and then rounding the result to the nearest whole number. At this stage there is a loss of information. The values of the quantization of dividers to MP3 evaluated on the basis of a given bit rate and the psychoacoustic model that determines the maximum allowable noise level. The entropy of lossless compression. In MP3 compression is used with static Huffman codes. Obtained during the quantization integer coefficients can be directly used for hiding data, eg by embedding in the least significant bit. This, however, introduces considerable noise in the Steganography in CAD/CAM/PLM. Contents. 42 output signal and with high probability can be detected. Can be used to conceal only part of the coefficients, choosing them as to minimize the distortion introduced. Since the modified rate differs from the original by not more than 1, minimizing the total deviation from the original signal is reduced to the selection coefficients with the fractional part is close to 0.5. In addition, to maintain the structure stream of compressed data, the coefficients are selected, the modification which does not change size of the encoding of speech, in particular, are discarded with zero coefficients value. There is a problem decoding at the receiver - decoder has no information about what factors are used to hide, that is, message should be presented as a function of the decoder to a known vector of bits all the coefficients, as used, or not. Using this as a multiplication by a function common to the sender and receiver given by secret key matrix, a system of linear algebraic equations, which the sender solves for the vector-bit coefficients. Do not be modifying factors determine the values of some variables. Maximally possible size of the message, in which the system has a solution tends to the number of modifiable factors in the increase of the number thus, the method allows no loss of capacity used to hide arbitrary elements of the container. Structure of entropy coding in MP3 imposes additional restrictions on permissible to modify the coefficients. The coefficients in the one block divided into three groups, each of which is packaged with a separate Huffman table. The first two groups are packed in pairs as follows: in the flow written code from the table corresponding to the pair, after which the sign bits are written each sample. Numbers greater than the maximum for the table are coded as the maximum possible count, plus the number of bits determined by the table, written after the code that contains the number added to the value. The last block of coefficients is encoded fours with the possible values coefficients -1, 0, 1. The length of blocks contained in the overhead frame that allows us to calculate the number of zero values of samples at the end of the frame. Changes in the coefficients of the last block, ie, replacement of -1 and 0, 0 and 1, will change the size of the compressed coefficient (because of the appearance or disappearance sign bit), which in turn can lead to structural damage of MP3 files - information will be more or less than the allocated space for it in the frame. From the coefficients of the first two blocks of modifications to be no more than one factor in the pair, and the need to retrofit a pair of code size coincided with the size of the source code. Steganography in CAD/CAM/PLM. Contents. 43 Typically, this condition is satisfied for codes large numbers. Percentage of available coefficients decreases rapidly with decreasing bit rate, as more coefficients are coded zero or close to zero values. These limitations lead to a screening of about 85% of the appropriate coefficients. Maximum permissible deviation of the fractional part of the coefficient of 0.5 is defined based on size of the message, which should hide in the container so that the number of available coefficients were close to the maximum message size. In order to achieve acceptable levels of performance of the method, MP3 stream is divided on the staff of the same size. The number of frames in the groups selected in order that the number of modifiable factors they had about the same. In each group, hiding SLAE is solved independently. Thus, the despite the fact that while the Gauss method in each group is proportional to the cube the number of equations, the total time increases linearly with the number of factors used. However, each group must contain a certain the number of bits of the service, which recorded the length of the message in this group. Hence the smaller the group, (and faster method), the more bits spent on the service information. This method of protection from high throughput detection provides the ability to order a half per cent of the container. It is well suited for situations where the expected counter-informed enemy. Theme 5. Steganalysis: the terminology, the basic theoretical aspects. Questions for self-examination and discussion in seminars. 1) adopted terminology. 2) Theoretical propositions steganalysis based on accepted terminology. 3) Example histogram steganalysis. Literature to explore themes. 1. Mitchell T. Machine Learning. "— McGraw-Hill, 1997. 2. Farid H., Lyu S. Detecting Hidden Messages Using Higher-Order Statistics and Support Vector Machines // Information Hiding. "— 2002. "— pp. 340–354. 3. Farid H., Lyu S. Steganalysis using color wavelet statistics and one-class support vector machines // Security, Steganography, and Watermarking of Multimedia Contents. "— 2004. — pp. 35–45. Steganography in CAD/CAM/PLM. Contents. 44 4. Cristianini N., Shawe-Taylor J. An introduction to support vector machines and other kernel-based learning methods. "— Cambridge University Press, 2000. "— March. 5. Schoelkopf B., Sung K., Burges C. et al. Comparing Support Vector Machines with Gaussian Kernels to Radial Basis Function Classifiers: Tech. rep.: Massachusetts Institute of Technology, 1996. 6. Bedi C., Goyal H. Qualitative and Quantitative Evaluation of Image Denoising Techniques// International Journal of Computer Applications. — 2010. — October. — Vol. 8, no.14. — pp.31–34. 7. Pevný T., Fridrich J. Merging Markov and DCT Features for Multi-Class JPEG Steganalysis // Proceedings SPIE, Electronic Imaging, Security, Steganography, and Watermarking of Multimedia Contents IX. "— Vol. 6505. "— 2007. 8. Pevný T., Bas P., Fridrich J. Steganalysis by subtractive pixel adjacency matrix // Trans. Info. For. Sec. "— 2010. "— June. "— Vol. 5. "— pp. 215–224. 5.The market overview of steganography software Blindside is an application of steganography that allows one to conceal a file, or set of files within a standard computer image. The new image looks identical to the human eye, but can contain up to 50k or so of secret data. The hidden files can also be password encrypted, to prevent unauthorised access to their data. DataMark Technologies currently market four digital steganography products StegComm for confidential multimedia communication, StegMark for digital watermarking of digital storage media, StegSafe for digital storage and linkage and StegSign for e-commerce transactions. Each software product is packaged into a Standard version and a Professional version. While the Standard versions cater to the general needs of our customers, additional security and accessibility features are found in Professional versions. Digital Picture Envelope is a program you can make your secret data imperceptible to any human eyes. So, you can store/send it very safely in/through your computer. Actually, it can embed your secret data in a vessel image (we call it a "dummy" image, or a "picture envelope") without changing the visual quality of the dummy image.It does not change even the file size. If you want to see the secret data, you can easily restore it from the secret- embedded dummy image. Steganography in CAD/CAM/PLM. Contents. 45 The program gifshuffle is used to conceal messages in GIF images by shuffling the colourmap, which leaves the image visibly unchanged. gifshuffle works with all GIF images, including those with transparency and animation, and in addition provides compression and encryption of the concealed message. Hide4PGP is a freeware program distributed as source code in ANSI C and precompiled executables for DOS (any version but 1.x - is there one outside the museum?), OS/2 (Warp and up), and the Win32 console (9x and NT). It's purpose is to hide any data in a way that the viewer or listener does not recognize any difference. InThePicture Encrypt Files & Messages into redundant space in Windows Bitmap (BMP) image files. Invisible Secrets hides your private data into innocent looking files, like pictures, or web pages. It also features: strong encryption algorithms; a locker that allows you to password protect certain applications; a password management solution and a realrandom password generator; a shredder that helps you destroy beyond recovery files, folders and internet traces; the ability to create self-decrypting packages; secured password transfer. JPHIDE and JPSEEK are programs which allow you to hide a file in a jpeg visual image. There are lots of versions of similar programs available on the internet but JPHIDE and JPSEEK are rather special. The design objective was not simply to hide a file but rather to do this in such a way that it is impossible to prove that the host file contains a hidden file. Given a typical visual image, a low insertion rate (under 5%) and the absence of the original file, it is not possible to conclude with any worthwhile certainty that the host file contains inserted data. As the insertion percentage increases the statistical nature of the jpeg coefficients differs from "normal" to the extent that it raises suspicion. Above 15% the effects begin to become visible to the naked eye. Of course some images are much better than others when used a host file - plenty of fine detail is good. A cloudless blue sky over a snow covered ski paradise is bad. A waterfall in a forest is probably ideal. P3Stego will hide information in MP3 files during the compression process. The data is first compressed, encrypted and then hidden in the MP3 bit stream. Although MP3Stego has been written with steganographic applications in mind it might be used as a copyright marking system for MP3 files (weak but still much better than the MPEG copyright flag defined by the standard). Any opponent can uncompress the bit stream and recompress it; this will delete the hidden information -- actually this is the only attack we know yet -- but at the expense of severe quality loss. Steganography in CAD/CAM/PLM. Contents. 46 NICETEXT is a package that converts any file into pseudo-natural-language text OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess. The program relies on data specific handlers that will extract redundant bits and write them back after modification. In this version the PNM and JPEG image formats are supported. In the next paragraphs, images will be used as concrete example of data objects, though OutGuess can use any kind of data, as long as a handler is provided. Scramdisk is a program that allows the creation and use of virtual encrypted drives. Basically, you create a container file on an existing hard drive which is created with a specific password. This container can then be mounted by the Scramdisk software which creates a new drive letter to represent the drive. The virtual drive can then only be accessed with the correct passphrase. Without the correct passphrase the files on the virtual drive are totally inaccessible. The program snow is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected. SteganoGifPaletteOrder Hiding data into the palette of a GIF file. Steganos hides secret information in sound, image, and text files. This sensitive data is being encrypted beforehand. That way files can be sent over the Internet without being discovered by a third party. Stego Hide and recover encrypted data in your GIF files StegParty is a system for hiding information inside of plain-text files. Unlike similar tools currently available it does not use random gibberish to encode data -- it relies on small alterations to the message, like changes to spelling and punctuation. Because of this you can use any plain-text file as your carrier , and it will be more-or-less understandable after the secret message is embedded. wbStego is a tool that hides any type of file in bitmap images, text files, HTML files or Adobe PDF files. The file in which you hide the data is not optically changed. It can be used to exchange sensitive data securely or to add hidden copyright information to the file. TextHide Software to hide any data in unsuspicious text in order to store or communicate secrets (textual steganography). Steganography in CAD/CAM/PLM. Contents. 47 6. Statement of the problem of detection of hidden messages. The vast majority of methods for detection of hidden data is based on an analysis of the characteristics of the probability distribution of the container elements. This allows you to predict the enemy's actions in solving the problem of detection of hidden data. The following is a mathematical model of the basic most probable enemy action, based on the provisions of detection theory. Adoption of a solution enemy hidden in the target data carrier is not performed on a single value of a quantity characterizing the contents of the media, and throughout the carrier, i.e. based on a sample consisting of N values of the implementation that makes better use of a priori information and to receive the greater good than the more significant sample size N. Thus, the task of the enemy on the development of detection methods can be interpreted as an optimization problem: P обн - probability of detection, Pлт – false alarm where a collection of empty containers, the function of hiding data - detection, F(I) = 1 if the decision is "YES" F(I) = 0 if the decision is "NO" We write the function of detection by assessing: - The threshold score. Since the containers are used as sources of excess real signal, the contents of the container can be divided into signal and "noise", where the noise is understood sampling noise, quantum noise, etc. the distortions introduced in the "ideal" signal. In the case of non-volatile media as containers for the noise we mean the unused blocks of the file system. Imagine the container as Steganography in CAD/CAM/PLM. Contents. 48 I = L +G Where - the container without the noise, - noise is present in the container. Then Where - the weight of the corresponding estimates. It is clear that with increasing resources enemy, particularly the number of empty containers available, estimation is improved: Besides the introduction of hidden data in the signal-to-container could result in «visible» outside observer distortions. Accordingly, based on the results of the analysis and of a hidden data channel practicable algorithms for data hiding place hidden in the noise of the data container: Thus, the optimal method for detection of hidden data is constructed based on the following algorithm of detection: Select the noise parameters from the provided container for analysis using the selected method of isolating the noise N, The decision is "YES" or "NO" depending on the evaluation of hidden data in the selected noise Consequently, the task of developing a detection method can be represented as a function of searching for an optimal evaluation and optimal allocation function Noise The task of constructing a noise estimation is the task of classification. According to its interpretation in the present case is required to construct an algorithm which assigns to the noise obtained from the presented analysis for the container to one of two classes - the class of noise containing hidden data or class of noises that do not contain hidden data. The object in this case, Steganography in CAD/CAM/PLM. Contents. 49 noise can be represented as a vector consisting of separate noise characteristics. The algorithm uses the sample selection, which consists of a set of empty and full containers. Application 1 PROGRAM for the discipline «Steganography in CAD/CAM/PLM». 1. Goals and objectives of the discipline: Familiarize students with various methods of steganography, used for hiding the project documentation in CAD/CAM/PLM during the data exchange within secure channels of communication and on peripheral storage devices. Main group of methods to be studied consists of the following group methods: • Classical steganography has been widely used, including in recent historical times and the present day. • Computer steganography - the branch of the classical steganography based on the characteristics of computing platform.( hiding data in unused fields of file formats, the substitution of characters in file names etc). • Digital steganography - the branch of the computer steganography, based on the data hiding within digital objects of the analog origin, i.e. multimedia objects (image, video stream, etc) Hiding data on various storage devices and in different channels of communication. 2. The study of this discipline is based on the following knowledge: - Mathematical analysis. (Fourier series and integrals, discrete spectral transforms, the theory of functions of complex variable theory of differential equations,special functions, - Linear Algebra. (The algebra of logic, algebra, fuzzy logic) - Probability theory (the theory of stochastic processes) 1. - Requirements for the results of the development of disciplines: 3. As a result, the discipline the student must: to know: • Elements of the theoretical foundations of classical steganography. • Elements of the theoretical foundations of computer steganography - hiding data in unused fields of file formats, the substitution of characters in file names, text steganography, the transmission of data within secure channels, etc. • Elements of the theoretical foundations of digital steganography - hiding data in digital objects with the analog nature, that is, the multimedia objects (images, videos, sounds). Steganography in CAD/CAM/PLM. Contents. 50 To be able to: • study new methods of embedding of the stego message into different containers on their own. • Assess the reliability of different implementations of steganography techniques possess. • Skills of the assessment of the subsystem’s ability to protect a data from an unauthorized access in various communication channels. • Skills of development of the software and the hardware complexes to protect the external storage devices from the unauthorized access and copying. 4. The volume of disciplines and types of training activities Type of school work Class work (total) Hours (Total) 52 Including: lectures 34 Workshops (as part of the complex) 18 Home work (total) Summary*) Type of certification (test, exam) 92 The total labor output ratio hours 92 test Note: Seminars are held in the conjunction with lectures. Lectures and seminars form complexes. *) The student must defend his summary during the colloquium. 5. Contents of discipline. The content of the complexes of discipline The name of the complex The theoretical foundations of computer steganography. Steg’s preparation Theoretical Foundations of digital steganography Сontent of the complex The methods of the data and signals concealing at the physical level. Special types of signal modulation. Special encoders and decoders. Scrambling in the channels of communication. Methods of optical, acoustic and radio holography. Formulation and solution of inverse problems in optics, acoustics, and radio. Theoretical Foundations of digital steganography methods based on the data hiding within digital objects of the analog nature. Steganography in CAD/CAM/PLM. Contents. Volume 10 20 12 51 Theoretical Foundations Mathematical methods for detection and of Steganalysis identification of stego into different containers 6. The content of the workshop (held in parallel with the lectures) 10 The discipline complex Software implementation of the spatial signal processing techniques. Software implementation of methods for solving the inverse problem. Software implementation of simulation methods of the messages embedding into different containers in computer steganography Software implementation of simulation methods of the messages embedding into different containers in digital steganography Software implementation of methods for steganalysis 7. Dining assignments for seminars means MathCAD 1. Workshop number 1. Determination of functions and definition of derivatives I). Find function values at x = 1. II). Find the derivatives of the function. 1. f ( x) 2 f ( x) 3 5 1 2 x 4 7; 4 3 5 2x x 4 5 1 7 x 6 2; 7 3 5 6x x 3. f ( x) 3x 2 1 3 1; 7 3 2 7x x III) Steganography methods. 1. Method LSB. 2. Hiding data in an image by Cutters. 3. Research on the influence of noise on the concealment method Cutters. 4. Steganography images using Patchwork. 5. Steganography sound method Patchwork. 6. Research on the influence of noise on the concealment method LSB. Educational-methodical and informational support disciplines: a) The basic literature http://www.cl.cam.ac.uk/~fapp2/steganography/ http://www.demcom.com/english/steganos/ Steganography in CAD/CAM/PLM. Contents. 52 http://eprint.iacr.org/2005/305 http://www.topreferats.ru/comp/6636.html http://www.signumtech.com b)Further Reading 1.Pereira S., Joseph J., Deguillaume F. Template Based recovery of Fourier-Based Watermarks Using log-polar and Log-log Maps. IEEE Int. Conf on Multimedia Computing and Systems, 1999. P. 5. 1. Lin Ch-Y., Chang Sh.-F. Distortion Modeling and Invariant Extraction for Digital Image Print-and Scan Process. International Symposium on Multimedia Information Processing, 1999. P. 10. 2. Lin Ch-Y., Chang Sh.-F. Public Watermarking Surviving General Scaling and Cropping: An Application for Print-and-Scan Process. Multimedia and Security Workshop at ACM Multimedia, 1999. 3. Pereira S., Thierry P. Fine Robust Template Matching for Affine Resistant Image Watermarks. IEEE Trans. on Image Processing, 1999. - P. 12. 4. Kutter M. Watermarking Resisting to Translation, Rotation, and Scaling. Signal Processing Laboratory, 1998. P. 10. 5. Kutter M. Digital Signature of Color Images using Amplitude Modulation. Signal Processing Laboratory, 1997. P. 9. 6. Herrigel A., Pereira S., Petersen H. Secure Copyright Protection Techniques for Digital Images. International Workshop on Information Hiding, 1998. P. 22. 7. Anderson R., Needham R., Shamir A. The Steganographic File System// Proceedings of the Second International Workshop on Information Hiding. — «Springer-Verlag, 1998.» — Pp. 73–82. 8. McDonald A., Kuhn M. StegFS: A Steganographic File System for Linux // In Information Hiding. "— 1999. "— Pp. 462–477. 9. Varun S., Shibin K. Magikfs – The Steganographic Filesystem On Linux // http://magikfs.sourceforge.net. 10. Chetan G. Dissecting NTFS Hidden Streams// http://www.forensicfocus.com/dissecting-ntfs-hidden-streams. Steganography in CAD/CAM/PLM. Contents. 53 11. Guillaume T. A few thoughts about steganography// http://www.guillermito2.net/stegano/ideas.html. 12. FIPS publication 197 Advanced Encryption Standard. — Federal Information Processing Standards Publ., 2001. 13. Fruhwirth C. New Methods in Hard Disk Encryption// http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf. Appendix Check lists. 1. A comparison of cryptographic capabilities and methods of steganography to hide data transmission channels transmit messages. 2 . What are the differences and similarities of methods of computer and digital steganography. 3 . Analyze vulnerabilities steganographic system based on its structural scheme. 4 . Analyse the "possibilities" of Eve in an attempt to identify the correspondence of Alice and Bob . 5 . Identify capacity constraints successfully hide data in images. 6. Contrast can be successfully hide data files containing images and audio files in digital steganography algorithms discussed . 7. Are there fundamental ( teoretichiskie ) constraints on development , the development of new methods of digital steganography. 8. Are there fundamental limitations in the development and the development of new methods of computer steganography. 9. Assess vulnerabilities in applications directories FAK stegosystem Steg FS. 10 . Determine fundamentally original method of digital steganography from those described in the manual . The comparative analysis of these methods by " originality ." 11. Determine the fundamental differences in the formulation of cryptanalysis and steganalysis . Steganography in CAD/CAM/PLM. Contents.