Add to collection(s) Add to saved
  1. Social Science
  2. Political Science
  3. Media

steganography lecture

advertisement 
Steganography
Cyber Security Camp, July 22, 2015
Rodrigo Sardiñas
Dr. David Umphress
William Frazier
What is Steganography
2
What is Steganography
• The art of covered or hidden writing.
• Steganos – Greek word meaning “covered”
• Graphy – Latin word meaning “writing” or
“drawing”
• Thousands of years old
– Tattoos, symbols, contextual clues/jargon, bunnies
• Difficult to detect (if you don’t know its there)
3
What Steganography is Not
• Cryptography
– Kryptos = secret or hidden
– Graphein/Logia = writing/study
– The art of writing or solving codes.
– Hide the meaning, not the message
• Steganography
– Hide the message, not the meaning
• Can both be used to obscure data
4
Example 1
• Covered or concealment ciphers
– Use null cipher to hide message according
to some prearranged set of rules
Frank is not doing my editing.
Hidden message: “Find me”
5
Activity 1
• At your table, devise your own concealment
cipher strategy. (5 minutes)
• Use that strategy to hide a message. (3 min)
• Class will have several minutes to try to
decipher each group’s message.
– Prize for group with most correct guesses
– Prize for group with most elaborate or creative
strategy
6
Types of Steganography
Insertion
Substitution
Generation
7
Insertion (Injection)
• Hide data in sections of a file that are not
processed
– Comments section in HTML file
– After EOF marker in regular file
– Metadata section of file
•
•
•
•
No modification of relevant data
Will add to original file size
No limit to how much can be hidden
Potential to detect if compared to original
8
Example 2
Steganography via injection
Original
Edited in Notepad++
9
Activity 2 (text only)
•
•
•
•
Open an image using notepad++
Write a message at the bottom of the file
Open the image normally to view it
Experiment with writing messages at various
locations in the image (in notepad++) to see what
happens
• Discuss results of inserting messages in places
other than at the end
– What happens when you add text to beginning?
– What about somewhere in the middle?
10
Activity 3 (files)
• Create file(s) (any files, text, word, etc…)
• Zip files up using built-in windows zip command
(send to -> zip file)
• Place zip and an image in same folder
• Open command in current directory
– Shift + right click -> open command prompt here
• copy /b [name of picture].jpg + [name of zip file].zip
[new name for picture].jpg
• View new image normally
• Change file extension to .zip to view archive contents
11
Substitution
• Make minor changes in data such that
user doesn’t notice change
• No change in file size
• Limited in how much can be hidden
• Potential to detect if compared to
original
12
Example 3
Least Significant Bit Substitution
Original
Modified
13
Activity 5
• Open a web browser and go to the following URL:
– http://www.mobilefish.com/services/steganography/ste
ganography.php
•
•
•
•
•
•
Follow instructions to upload any image
Type hidden message
Do not enter a password (no encryption)
Download image with message inside
Open in notepad++ to see if you can find message
Go back to website and follow instructions to
show message
14
End of Session 1
Lunch
15
Generation
• Create new file from carrier (file hiding the data)
and hidden data file using some algorithm
• No limit to how much can be hidden
• Cannot be compared to original since a brand
new “original” file is created
16
Example 5
Use custom algorithm to hide data
Created image
Message hidden in
audio generated from
image
17
Activity 4 Do Together (part 1)
• Use Gimp to create
hidden message
– Create new image
– Change background
color
to black
– Create text in image
(use white text)
– Export image as JPEG
18
Activity 4 Do Together (part 2)
• Use coagula to convert JPEG to audio (.wav) file
– Open JPEG in coagula
– Select “render without blue”
• This should create coagula.wav in current folder
19
Activity 4 Do Together (part 3)
• Use Audacity to view message
– Open coagula.wav in audacity
– Select Spectrogram option to view hidden message
20
Activity 5 (part 1)
• Use OpenPuff to Hide, encrypt, and distract
• Hide data
– Choose 3 different passwords (write them down)
• 2 for crypto, 1 for scrambling
– Select data to hide
• From secret data folder
– Select multiple carriers (.mp3, .jpg, .pdf, ect…)
• From carrier folder
–
–
–
–
–
Sort carriers
Select noise level
Add Decoy
Enter 3 different passwords
Choose output folder(s)
21
Activity 5 (part 2)
22
Activity 5 (part 3)
• Use OpenPuff to Hide, encrypt, and distract
• Unhide data
– Enter all passwords
• If you want to unhide decoy, enter decoy passwords
• If you want to unhide data, enter data passwords
– Browse to folder with previous carriers and choose
correct ones
– Sort carriers in same order as before
– Select same noise level as before
– Verify data is correct
23
Activity 5 (part 4)
24
Who Uses Steganography
• Spies and terrorists
– http://www.washingtonpost.com/wpdyn/content/article/2010/06/30/AR2010063003108.html
• Commercial and Government
– Suggest to use with encryption
– Watermarking
• Hackers
– http://www.tripwire.com/state-of-security/incidentdetection/hackers-exfiltrating-data-with-videosteganography-via-cloud-video-services/
• All of us after this workshop!
25
Interesting Application of
Steganography
• https://danbowen.wordpress.com/2014/02/11/meet
-the-man-who-solved-the-mysterious-cicada-3301puzzle/
26
A Keystone in Building a Better Future for All
27
Related documents
Research Journal of Applied Sciences, Engineering and Technology 4(24): 5410-5415,... ISSN: 2040-7467
Research Journal of Applied Sciences, Engineering and Technology 4(24): 5410-5415,... ISSN: 2040-7467
Document12454313 12454313
Document12454313 12454313
Document13134097 13134097
Document13134097 13134097
Lecture10 - The University of Texas at Dallas
Lecture10 - The University of Texas at Dallas
Download
advertisement