Biblio

Edge detection based embedding techniques are famous for data security and image quality preservation. These techniques use diverse edge detectors to classify edge and non-edge pixels in an image and then implant secrets in one or both of these classes. Image with conceived data is called stego image. It is noticeable that none of such researches tries to reform the original image from the stego one. Rather, they devote their concentration to extract the hidden message only. This research presents a solution to the raised reversibility problem. Like the others, our research, first, applies an edge detector e.g., canny, in a cover image. The scheme next collects \$n\$-LSBs of each of edge pixels and finally, concatenates them with encrypted message stream. This method applies a lossless compression algorithm to that processed stream. Compression factor is taken such a way that the length of compressed stream does not exceed the length of collected LSBs. The compressed message stream is then implanted only in the edge pixels by \$n\$-LSB substitution method. As the scheme does not destroy the originality of non-edge pixels, it presents better stego quality. By incorporation the mechanisms of encryption, concatenation, compression and \$n\$-LSB, the method has enriched the security of implanted data. The research shows its effectiveness while implanting a small sized message.

Image steganography is a technique of hiding confidential data in the images. We do this by incorporating the LSB(Least Significant Bit) of the image pixels. LSB steganography has been there for a while, and much progress has been made in it. In this paper, we try to increase the security of the LSB steganography process by incorporating a random data distribution method which we call pixel locator sequence (PLS). This method scatters the data to be infused into the image by randomly picking up the pixels and changing their LSB value accordingly. This random distribution makes it difficult for unknowns to look for the data. This PLS file is also encrypted using AES and is key for the data encryption/decryption process between the two parties. This technique is not very space-efficient and involves sending meta-data (PLS), but that trade-off was necessary for the additional security. We evaluated the proposed approach using two criteria: change in image dynamics and robustness against steganalysis attacks. To assess change in image dynamics, we measured the MSE and PSNR values. To find the robustness of the proposed method, we used the tool StegExpose which uses the stego image produced from the proposed algorithm and analyzes them using the major steganalysis attacks such as Primary Sets, Chi-Square, Sample Pairs, and RS Analysis. Finally, we show that this method has good security metrics for best known LSB steganography detection tools and techniques.

We present a covert (low probability of detection) communication scheme that exploits the node multiplicity and channel variations in wireless broadcast networks. The transmitter hides the covert (private) message by superimposing it onto a non-covert (public) message such that the total transmission power remains the same whether or not the covert message is transmitted. It makes the detection of the covert message impossible unless the non-covert message is decoded. We exploit the multiplicity of non-covert messages (users) to provide a degree of freedom in choosing the non-covert message such that the total detection error probability (sum of the probability of false alarm and missed detection) is maximized. We also exploit the channel variation to minimize the throughput loss on the non-covert message by sending the covert message only when the transmission rate of the non-covert message is low. We show that the total detection error probability converges fast to 1 as the number of non-covert users increases and that the total detection error probability increases as the transmit power increases, without requiring a pre-shared secret among the nodes.

Hiding information is a process to hide data or include it in different digital media such as image, audio, video, and text. However, there are many techniques to achieve the process of hiding information in the image processing, in this paper, a new method has been proposed for hidden data mechanism (which is a text file), then a transposition cipher method has been employed for encryption completed. It can be used to build an encrypted text and also to increase security against possible attacks while sending it over the World Wide Web. A genetic algorithm has been affected in the adjustment of the encoded text and DNA in the creation of an encrypted text that is difficult to detect and then include in the image and that affected the image visual quality. The proposed method outperforms the state of arts in terms of efficiently retrieving the embedded messages. Performance evaluation has been recorded high visual quality scores for the (SNR (single to noise ratio), PSNR (peak single to noise ratio) and MSE (mean square error).

Data Transmission in network security is one of the most vital issues in today's communication world. The outcome of the suggested method is outlined over here. Enhanced security can be achieved by this method. The vigorous growth in the field of information communication has made information transmission much easier. But this type of advancement has opened up many possibilities of information being snooped. So, day-by-day maintaining of information security is becoming an inseparable part of computing and communication. In this paper, the authors have explored techniques that blend cryptography & steganography together. In steganography, information is kept hidden behind a cover image. In this paper, approaches for information hiding using both cryptography & steganography is proposed keeping in mind two considerations - size of the encrypted object and degree of security. Here, signature image information is kept hidden into cover image using private key of sender & receiver, which extracts the information from stego image using a public key. This approach can be used for message authentication, message integrity & non-repudiation purpose.

In this paper, we outline a novel, forward error correction-based information hiding technique for adaptive rate wireless communication systems. Specifically, we propose leveraging the functionality of wireless local area network modulation and coding schemes (MCS) and link adaptation mechanisms to significantly increase covert channel throughput. After describing our generalized information hiding model, we detail implementation of this technique within the IEEE 802.11ad, directional multi-Gigabit standard. Simulation results demonstrate the potential of the proposed techniques to develop reliable, high-throughput covert channels under multiple MCS rates and embedding techniques. Covert channel performance is evaluated in terms of the observed packet error ratio of the underlying communication system as well as the bit error ratio of the hidden data.

The increasing diffusion of malware endowed with steganographic techniques requires to carefully identify and evaluate a new set of threats. The creation of a covert channel to hide a communication within network traffic is one of the most relevant, as it can be used to exfiltrate information or orchestrate attacks. Even if network steganography is becoming a well-studied topic, only few works focus on IPv6 and consider real network scenarios. Therefore, this paper investigates IPv6 covert channels deployed in the wild. Also, it presents a performance evaluation of six different data hiding techniques for IPv6 including their ability to bypass some intrusion detection systems. Lastly, ideas to detect IPv6 covert channels are presented.

Currently, due to improvements in defensive systems network covert channels are increasingly drawing attention of cybercriminals and malware developers as they can provide stealthiness of the malicious communication and thus to bypass existing security solutions. On the other hand, the utilized data hiding methods are getting increasingly sophisticated as the attackers, in order to stay under the radar, distribute the covert data among many connections, protocols, etc. That is why, the detection of such threats becomes a pressing issue. In this paper we make an initial step in this direction by presenting a data mining-based detection of such advanced threats which relies on pattern discovery technique. The obtained, initial experimental results indicate that such solution has potential and should be further investigated.

Network covert channels are currently typically seen as a security threat which can result in e.g. confidential data leakage or in a hidden data exchange between malicious parties. However, in this paper we want to investigate network covert channels from a less obvious angle i.e. we want to verify whether it is possible to use them as a green networking technique. Our observation is that usually covert channels utilize various redundant "resources" in network protocols e.g. unused/reserved fields that would have been transmitted anyway. Therefore, using such "resources" for legitimate transmissions can increase the total available bandwidth without sending more packets and thus offering potential energy savings. However, it must be noted that embedding and extracting processes related to data hiding consumes energy, too. That is why, in this paper we try to establish whether the potentially saved energy due to covert channels utilization exceeds the effort needed to establish and maintain covert data transmission. For this purpose, a proof-of-concept implementation has been created to experimentally measure the impact of network covert channels on resulting energy consumption. The obtained results show that the approach can be useful mostly under specific circumstances, i.e., when the total energy consumption of the network devices is already relatively high. Furthermore, the impact of different types of network covert channels on the energy consumption is examined to assess their usefulness from the green networking perspective.

Network covert channels enable stealthy communications for malware and data exfiltration. For this reason, the development of effective countermeasures for covert channels is important for the protection of individuals and organizations. However, due to the number of available covert channel techniques, it can be considered impractical to develop countermeasures for all existing covert channels. In recent years, researchers started to develop countermeasures that (instead of only countering one particular hiding technique) can be applied to a whole family of similar hiding techniques. These families are referred to as hiding patterns. The main contribution of this paper is that we extend the idea of hiding patterns by introducing the concept of countermeasure variation. Countermeasure variation is the slight modification of a given countermeasure that was designed to detect covert channels of one specific hiding pattern so that the countermeasure can also detect covert channels that are representing other hiding patterns. We exemplify countermeasure variation using the compressibility score originally presented by Cabuk et al. The compressibility score is used to detect covert channels of the 'inter-packet times' pattern and we show that countermeasure variation allows the application of the compressibility score to detect covert channels of the 'size modulation' pattern, too.

With the rapid development of computer networks, multimedia information is widely used, and the security of digital media has drawn much attention. The revised photo as a forensic evidence will distort the truth of the case badly tampered pictures on the social network can have a negative impact on the parties as well. In order to ensure the authenticity and integrity of digital media, self-recovery of digital images based on information hiding is studied in this paper. Jarvis half-tone change is used to compress the digital image and obtain the backup data, and then spread the backup data to generate the reference data. Hash algorithm aims at generating hash data by calling reference data and original data. Reference data and hash data together as a digital watermark scattered embedded in the digital image of the low-effective bits. When the image is maliciously tampered with, the hash bit is used to detect and locate the tampered area, and the image self-recovery is performed by extracting the reference data hidden in the whole image. In this paper, a thorough rebuild quality assessment of self-healing images is performed and better performance than the traditional DCT(Discrete Cosine Transform)quantization truncation approach is achieved. Regardless of the quality of the tampered content, a reference authentication system designed according to the principles presented in this paper allows higher-quality reconstruction to recover the original image with good quality even when the large area of the image is tampered.

Subliminal channels in digital signatures provide a very effective method to clandestinely leak information from inside a system to a third party outside. Information can be hidden in signature parameters in a way that both network operators and legitimate receivers would not notice any suspicious traces. Subliminal channels have previously been discovered in other signatures, such as ElGamal and ECDSA. Those signatures are usually just sparsely exchanged in network protocols, e.g. during authentication, and their usability for leaking information is therefore limited. With the advent of high-speed signatures such as EdDSA, however, scenarios become feasible where numerous packets with individual signatures are transferred between communicating parties. This significantly increases the bandwidth for transmitting subliminal information. Examples are broadcast clock synchronization or signed sensor data export. A subliminal channel in signatures appended to numerous packets allows the transmission of a high amount of hidden information, suitable for large scale data exfiltration or even the operation of command and control structures. In this paper, we show the existence of a broadband subliminal channel in the EdDSA signature scheme. We then discuss the implications of the subliminal channel in practice using thee different scenarios: broadcast clock synchronization, signed sensor data export, and classic TLS. We perform several experiments to show the use of the subliminal channel and measure the actual bandwidth of the subliminal information that can be leaked. We then discuss the applicability of different countermeasures against subliminal channels from other signature schemes to EdDSA but conclude that none of the existing solutions can sufficiently protect against data exfiltration in network protocols secured by EdDSA.

Due to improvements in defensive systems, network threats are becoming increasingly sophisticated and complex as cybercriminals are using various methods to cloak their actions. This, among others, includes the application of network steganography e.g. to hide the communication between an infected host and a malicious control server by embedding commands into innocent-looking traffic. Currently, a new subtype of such methods called inter-protocol steganography emerged. It utilizes relationships between two or more overt protocols to hide data. In this paper, we present new inter-protocol hiding techniques which are suitable for real-time services. Afterwards, we introduce and present preliminary results of a novel steganography detection approach which relies on network traffic coloring.

3D steganography is used in order to embed or hide information into 3D objects without causing visible or machine detectable modifications. In this paper we rethink about a high capacity 3D steganography based on the Hamiltonian path quantization, and increase its resistance to steganalysis. We analyze the parameters that may influence the distortion of a 3D shape as well as the resistance of the steganography to 3D steganalysis. According to the experimental results, the proposed high capacity 3D steganographic method has an increased resistance to steganalysis.

Covert operations involving clandestine dealings and communication through cryptic and hidden messages have existed since time immemorial. While these do have a negative connotation, they have had their fair share of use in situations and applications beneficial to society in general. A "Dead Drop" is one such method of espionage trade craft used to physically exchange items or information between two individuals using a secret rendezvous point. With a "Dead Drop", to maintain operational security, the exchange itself is asynchronous. Information hiding in the slack space is one modern technique that has been used extensively. Slack space is the unused space within the last block allocated to a stored file. However, hiding in slack space operates under significant constraints with little resilience and fault tolerance. In this paper, we propose FROST – a novel asynchronous "Digital Dead Drop" robust to detection and data loss with tunable fault tolerance. Fault tolerance is a critical attribute of a secure and robust system design. Through extensive validation of FROST prototype implementation on Ubuntu Linux, we confirm the performance and robustness of the proposed digital dead drop to detection and data loss. We verify the recoverability of the secret message under various operating conditions ranging from block corruption and drive de-fragmentation to growing existing files on the target drive.

Even if information hiding can be used for licit purposes, it is increasingly exploited by malware to exfiltrate data or to coordinate attacks in a stealthy manner. Therefore, investigating new methods for creating covert channels is fundamental to completely assess the security of the Internet. Since the popularity of the carrier plays a major role, this paper proposes to hide data within VoIP traffic. Specifically, we exploit Voice Activity Detection (VAD), which suspends the transmission during speech pauses to reduce bandwidth requirements. To create the covert channel, our method transforms a VAD-activated VoIP stream into a non-VAD one. Then, hidden information is injected into fake RTP packets generated during silence intervals. Results indicate that steganographically modified VAD-activated VoIP streams offer a good trade-off between stealthiness and steganographic bandwidth.

In this paper, we present a new kind of near-optimal double-layered syndrome-trellis codes (STCs) for spatial domain steganography. The STCs can hide longer message or improve the security with the same-length message comparing to the previous double-layered STCs. In our scheme, according to the theoretical deduction we can more precisely divide the secret payload into two parts which will be embedded in the first layer and the second layer of the cover respectively with binary STCs. When embed the message, we encourage to realize the double-layered embedding by ±1 modifications. But in order to further decrease the modifications and improve the time efficient, we allow few pixels to be modified by ±2. Experiment results demonstrate that while applying this double-layered STCs to the adaptive steganographic algorithms, the embedding modifications become more concentrative and the number decreases, consequently the security of steganography is improved.