Biblio

Data exfiltration is of increasing concern throughout the world. The number of incidents and capabilities of data exfiltration attacks are growing at an unprecedented rate. However, such attack vectors have not been deeply explored in the literature. This paper aims to address this gap by implementing a data exfiltration methodology, detailing some data exfiltration methods. Groups of exfiltration methods are incorporated into a program that can act as a testbed for owners of any network that stores sensitive data. The implemented methods are tested against the well-known network intrusion detection system Snort, where all of them have been successfully evaded detection by its community rule sets. Thus, in this paper, we have developed new countermeasures to prevent and detect data exfiltration attempts using these methods.

Image steganography is a technique of hiding confidential data in the images. We do this by incorporating the LSB(Least Significant Bit) of the image pixels. LSB steganography has been there for a while, and much progress has been made in it. In this paper, we try to increase the security of the LSB steganography process by incorporating a random data distribution method which we call pixel locator sequence (PLS). This method scatters the data to be infused into the image by randomly picking up the pixels and changing their LSB value accordingly. This random distribution makes it difficult for unknowns to look for the data. This PLS file is also encrypted using AES and is key for the data encryption/decryption process between the two parties. This technique is not very space-efficient and involves sending meta-data (PLS), but that trade-off was necessary for the additional security. We evaluated the proposed approach using two criteria: change in image dynamics and robustness against steganalysis attacks. To assess change in image dynamics, we measured the MSE and PSNR values. To find the robustness of the proposed method, we used the tool StegExpose which uses the stego image produced from the proposed algorithm and analyzes them using the major steganalysis attacks such as Primary Sets, Chi-Square, Sample Pairs, and RS Analysis. Finally, we show that this method has good security metrics for best known LSB steganography detection tools and techniques.

In recent years, coverless image steganography attracts significant attentions due to its distortion-free trait on carrier images to avoid the detection by steganalysis tools. Despite this advantage, current coverless methods face several challenges, e.g., vulnerability to geometrical attacks and low hidden capacity. In this paper, we propose a novel coverless steganography algorithm based on chaotic encrypted dual radial harmonic Fourier moments (DRHFM) to tackle the challenges. In specific, we build mappings between the extracted DRHFM features and secret messages. These features are robust to various of attacks, especially to geometrical attacks. We further deploy the DRHFM parameters to adjust the feature length, thus ensuring the high hidden capacity. Moreover, we introduce a chaos encryption algorithm to enhance the security of the mapping features. The experimental results demonstrate that our proposed scheme outperforms the state-of-the-art coverless steganography based on image mapping in terms of robustness and hidden capacity.

Steganography is one of the techniques for secure transformation of data which aims at hiding information inside other media in such a way that no one will notice. The cover media that can accommodate secret information include text, audio, image, and video. Images are the most popular covering media in steganography, due to the fact that, they are heavily used in daily applications and have high redundancy in representation. In this paper, we propose an adaptive steganography algorithm for hiding information in RGB images. To minimize visual perceptible distortion, the proposed algorithm uses edge pixels for embedding data. It detects the edge pixels in the image using the Sobel filter. Then, the message is embedded into the LSBs of the blue channel of the edge pixels. To resist statistical attacks, the distribution of the blue channel of the edge pixels is used when embedding data in the cover image. The experimental results showed that the algorithm offers high capacity for hiding data in cover images; it does not distort the quality of the stego image; it is robust enough against statistical attacks; and its execution time is short enough for online data transfer. Also, the results showed that the proposed algorithm outperforms similar approaches in all evaluation metrics.

In this current age, stakeholders exchange legal documents, as well as documents that are official, sensitive and confidential via digital channels[1]. To securely communicate information between stakeholders is not an easy task considering the intentional or unintentional changes and possible attacks that can occur during communication. This paper focuses on protecting and securing data by hiding the data using steganography techniques, after encrypting the data to avoid unauthorized changes or modification made by adversaries to the data through using the Simplified Data Encryption Technique. By leveraging on these two approaches, secret data security intensifies to two levels and a steganography image of high quality is attained. Cryptography converts plaintext into cipher text (unreadable text); whereas steganography is the technique of hiding secret messages in other messages. First encryption of data is done using the Simplified Data Encryption Standard (S-DES) algorithm after which the message encrypted is embedded in the cover image by means of the Least Significant Bit (LSB) approach.

With the rapid development of the internet of things and cloud computing, users can instantly transmit a large amount of data to various fields, with the development of communication technology providing convenience for people's life, information security is becoming more and more important. Therefore, it is of great significance to study the technology of image hiding information detection. This paper mainly uses the support vector machine learning algorithm to detect the hidden information of the image, based on a standard image library, randomly selecting images for embedding secret information. According to the bit-plane correlation and the gradient energy change of a single bit-plane after encryption of an image LSB matching algorithm, gradient energy change is selected as characteristic change, and the gradient energy change is innovatively applied to a support vector machine classifier algorithm, and has very good detection effect and good stability on the dense image with the embedding rate of more than 40 percent.

In the field of image steganography, edge detection based implantation methods play vital rules in providing stronger security of hided data. In this arena, researcher applies a suitable edge detection method to detect edge pixels in an image. Those detected pixels then conceive secret message bits. A very recent trend is to employ multiple edge detection methods to increase edge pixels in an image and thus to enhance the embedding capacity. The uses of multiple edge detectors additionally boost up the data security. Like as the demand for embedding capacity, many applications need to have the modified image, i.e., stego image, with good quality. Indeed, when the message payload is low, it will not be a better idea to finds more local pixels for embedding that small payload. Rather, the image quality will look better, visually and statistically, if we could choose a part but sufficient pixels to implant bits. In this article, we propose an algorithm that uses multiple edge detection algorithms to find edge pixels separately and then selects pixels which are common to all edges. This way, the proposed method decreases the number of embeddable pixels and thus, increases the image quality. The experimental results provide promising output.

This article shows the possibility of detection of the hidden information in images. This is the approach to steganalysis than the basic data about the image and the information about the hiding method of the information are unknown. The architecture of the convolutional neural network makes it possible to detect small changes in the image with high probability.

There has been a growing expansion in the use of steganography, due to the evolution in using internet technology and multimedia technology. Hence, nowadays, the information is not secured sufficiently while transmitting it over the network. Therefore, information security has taken an important role to provide security against unauthorized individuals. This paper proposes steganography and cryptography technique to secure image based on hybrid edge detector. Cryptography technique is used to encrypt a secret image by using Vernam cipher algorithm. The robust of this algorithm is depending on pseudorandom key. Therefore, pseudo-random key is generated from a nonlinear feedback shift register (Geffe Generator). While in steganography, Hybrid Sobel and Kirch edge detector have been applied on the cover image to locate edge pixels. The least significant bit (LSB) steganography technique is used to embed secret image bits in the cover image in which 3 bits are embedded in edge pixel and 2 bits in smooth pixel. The proposed method can be used in multi field such as military, medical, communication, banking, Electronic governance, and so on. This method gives an average payload ratio of 1.96 with 41.5 PSNR on average. Besides, the maximum size of secret image that can be hidden in the cover image of size 512*512 is 262*261. Also, when hiding 64800 bits in baboon cover image of size 512*512, it gives PSNR of 50.42 and MSE of 0.59.

Video Steganography is an extension of image steganography where any kind of file in any extension is hidden into a digital video. The video content is dynamic in nature and this makes the detection of hidden data difficult than other steganographic techniques. The main motive of using video steganography is that the videos can store large amount of data in it. This paper focuses on security using the combination of hybrid neural networks and hash function for determining the best bits in the cover video to embed the secret data. For the embedding process, the cover video and the data to be hidden is uploaded. Then the hash algorithm and neural networks are applied to form the stego video. For the extraction process, the reverse process is applied and the secret data is obtained. All experiments are done using MatLab2016a software.

In this paper, we develop a statistical framework for image steganography in which the cover and stego messages are modeled as multivariate Gaussian random variables. By minimizing the detection error of an optimal detector within the generalized adopted statistical model, we propose a novel Gaussian embedding method. Furthermore, we extend the formulation to cost-based steganography, resulting in a universal embedding scheme that works with embedding costs as well as variance estimators. Experimental results show that the proposed approach avoids embedding in smooth regions and significantly improves the security of the state-of-the-art methods, such as HILL, MiPOD, and S-UNIWARD.

Now-a-days, video steganography has developed for a secured communication among various users. The two important factor of steganography method are embedding potency and embedding payload. Here, a Multiple Object Tracking (MOT) algorithmic programs used to detect motion object, also shows foreground mask. Discrete wavelet Transform (DWT) and Discrete Cosine Transform (DCT) are used for message embedding and extraction stage. In existing system Least significant bit method was proposed. This technique of hiding data may lose some data after some file transformation. The suggested Multiple object tracking algorithm increases embedding and extraction speed, also protects secret message against various attackers.

In recent years, various cloud-based services have been introduced in our daily lives, and information security is now an important topic for protecting the users. In the literature, many technologies have been proposed and incorporated into different services. Data hiding or steganography is a data protection technology, and images are often used as the cover data. On the other hand, steganalysis is an important tool to test the security strength of a steganography technique. So far, steganalysis has been used mainly for detecting the existence of secret data given an image, i.e., to classify if the given image is a normal or a stego image. In this paper, we investigate the possibility of identifying the locations of the embedded data if the a given image is suspected to be a stego image. The purpose is of two folds. First, we would like to confirm the decision made by the first level steganalysis; and the second is to provide a way to guess the size of the embedded data. Our experimental results show that in most cases the embedding positions can be detected. This result can be useful for developing more secure steganography technologies.

Steganography means hiding secrete message in cover object in a way that no suspicious from the attackers, the most popular steganography schemes is image steganography. A very common questions that asked in the field are: 1- what is the embedding scheme used?, 2- where is (location) the secrete messages are embedded?, and 3- how the sender will tell the receiver about the locations of the secrete message?. Here in this paper we are deal with and aimed to answer questions number 2 and 3. We used the popular scheme in image steganography which is least significant bits for embedding in edges positions in color images. After we separate the color images into its components Red, Green, and Blue, then we used one of the components as an index to find the edges, while other one or two components used for embedding purpose. Using this technique we will guarantee the same number and positions of edges before and after embedding scheme, therefore we are guaranteed extracting the secrete message as it's without any loss of secrete messages bits.

Network steganography is a branch of steganography that hides information through packet header manipulation and uses protocols as carriers to hide secret information. Many techniques were already developed using the Transmission Control Protocol (TCP) headers. Among the schemes in hiding information in the TCP header, the Initial Sequence Number (ISN) field is the most difficult to be detected since this field can have arbitrary values within the requirements of the standard. In this paper, a more undetectable scheme is proposed by increasing the complexity of hiding data in the TCP ISN using dynamic identifiers. The experimental results have shown that using Bayes Net, the proposed scheme outperforms the existing scheme with a low detection accuracy of 0.52%.

Part of our team proposed a new steganalytic method based on NIST tests at MMM-ACNS 2017 [1], and it was encouraged to investigate some cipher modifications to prevent such types of steganalysis. In the current paper, we propose one cipher modification based on decompression by arithmetic source compression coding. The experiment shows that the current proposed method allows to protect stegosystems against steganalysis based on NIST tests, while security of the encrypted embedded messages is kept. Protection of contemporary image steganography based on edge detection and modified LSB against NIST tests steganalysis is also presented.

In this paper, a general content adaptive image steganography detector in the spatial domain is proposed. We assemble conventional Haar and LBP features to construct local co-occurrence features, then the boosted classifiers are used to assemble the features as well as the final detector, and each weak classifier of the boosted classifiers corresponds to the co-occurrence feature of a local image region. Moreover, the classification ability and the generalization power of the candidate features are both evaluated for decision in the feature selection procedure of boosting training, which makes the final detector more accuracy. The experimental results on standard dataset show that the proposed framework can detect two primary content adaptive stego algorithms in the spatial domain with higher accuracy than the state-of-the-art steganalysis method.

Steganography is defined as the art of hiding secret data in a non-secret digital carrier called cover media. Trading delicate data without assurance against intruders that may intrude on this data is a lethal. In this manner, transmitting delicate information and privileged insights must not rely on upon just the current communications channels insurance advancements. Likewise should make more strides towards information insurance. This article proposes an improved approach for video steganography. The improvement made by searching for exact matching between the secret text and the video frames RGB channels and Random Key -Dependent Data, achieving steganography performance criteria, invisibility, payload/capacity and robustness.

In traditional steganographic schemes, RGB three channels payloads are assigned equally in a true color image. In fact, the security of color image steganography relates not only to data-embedding algorithms but also to different payload partition. How to exploit inter-channel correlations to allocate payload for performance enhancement is still an open issue in color image steganography. In this paper, a novel channel-dependent payload partition strategy based on amplifying channel modification probabilities is proposed, so as to adaptively assign the embedding capacity among RGB channels. The modification probabilities of three corresponding pixels in RGB channels are simultaneously increased, and thus the embedding impacts could be clustered, in order to improve the empirical steganographic security against the channel co-occurrences detection. Experimental results show that the new color image steganographic schemes incorporated with the proposed strategy can effectively make the embedding changes concentrated mainly in textured regions, and achieve better performance on resisting the modern color image steganalysis.

Least Significant Bit (LSB) as one of steganography methods that already exist today is really mainstream because easy to use, but has weakness that is too easy to decode the hidden message. It is because in LSB the message embedded evenly to all pixels of an image. This paper introduce a method of steganography that combine LSB with clustering method that is Fuzzy C-Means (FCM). It is abbreviated with LSB\_FCM, then compare the stegano result with LSB method. Each image will divided into two cluster, then the biggest cluster capacity will be choosen, finally save the cluster coordinate key as place for embedded message. The key as a reference when decode the message. Each image has their own cluster capacity key. LSB\_FCM has disadvantage that is limited place to embedded message, but it also has advantages compare with LSB that is LSB\_FCM have more difficulty level when decrypted the message than LSB method, because in LSB\_FCM the messages embedded randomly in the best cluster pixel of an image, so to decrypted people must have the cluster coordinate key of the image. Evaluation result show that the MSE and PSNR value of LSB\_FCM some similiar with the pure LSB, it means that LSB\_FCM can give imperceptible image as good as the pure LSB, but have better security from the embedding place.

The security of image steganography is an important basis for evaluating steganography algorithms. Steganography has recently made great progress in the long-term confrontation with steganalysis. To improve the security of image steganography, steganography must have the ability to resist detection by steganalysis algorithms. Traditional embedding-based steganography embeds the secret information into the content of an image, which unavoidably leaves a trace of the modification that can be detected by increasingly advanced machine-learning-based steganalysis algorithms. The concept of steganography without embedding (SWE), which does not need to modify the data of the carrier image, appeared to overcome the detection of machine-learning-based steganalysis algorithms. In this paper, we propose a novel image SWE method based on deep convolutional generative adversarial networks. We map the secret information into a noise vector and use the trained generator neural network model to generate the carrier image based on the noise vector. No modification or embedding operations are required during the process of image generation, and the information contained in the image can be extracted successfully by another neural network, called the extractor, after training. The experimental results show that this method has the advantages of highly accurate information extraction and a strong ability to resist detection by state-of-the-art image steganalysis algorithms.

At the first Information Hiding Workshop in 1996 we tried to clarify the models and assumptions behind information hiding. We agreed the terminology of cover text and stego text against a background of the game proposed by our keynote speaker Gus Simmons: that Alice and Bob are in jail and wish to hatch an escape plan without the fact of their communication coming to the attention of the warden, Willie. Since then there have been significant strides in developing technical mechanisms for steganography and steganalysis, with new techniques from machine learning providing ever more powerful tools for the analyst, such as the ensemble classifier. There have also been a number of conceptual advances, such as the square root law and effective key length. But there always remains the question whether we are using the right security metrics for the application. In this talk I plan to take a step backwards and look at the systems context. When can stegosystems actually be used? The deployment history is patchy, with one being Trucrypt's hidden volumes, inspired by the steganographic file system. Image forensics also find some use, and may be helpful against some adversarial machine learning attacks (or at least help us understand them). But there are other contexts in which patterns of activity have to be hidden for that activity to be effective. I will discuss a number of examples starting with deception mechanisms such as honeypots, Tor bridges and pluggable transports, which merely have to evade detection for a while; then moving on to the more challenging task of designing deniability mechanisms, from leaking secrets to a newspaper through bitcoin mixes, which have to withstand forensic examination once the participants come under suspicion. We already know that, at the system level, anonymity is hard. However the increasing quantity and richness of the data available to opponents may move a number of applications from the deception category to that of deniability. To pick up on our model of 20 years ago, Willie might not just put Alice and Bob in solitary confinement if he finds them communicating, but torture them or even execute them. Changing threat models are historically one of the great disruptive forces in security engineering. This leads me to suspect that a useful research area may be the intersection of deception and forensics, and how information hiding systems can be designed in anticipation of richer and more complex threat models. The ever-more-aggressive censorship systems deployed in some parts of the world also raise the possibility of using information hiding techniques in censorship circumvention. As an example of recent practical work, I will discuss Covertmark, a toolkit for testing pluggable transports that was partly inspired by Stirmark, a tool we presented at the second Information Hiding Workshop twenty years ago.

This paper presents an effective steganalytic scheme based on CNN for detecting MP3 steganography in the entropy code domain. These steganographic methods hide secret messages into the compressed audio stream through Huffman code substitution, which usually achieve high capacity, good security and low computational complexity. First, unlike most previous CNN based steganalytic methods, the quantified modified DCT (QMDCT) coefficients matrix is selected as the input data of the proposed network. Second, a high pass filter is used to extract the residual signal, and suppress the content itself, so that the network is more sensitive to the subtle alteration introduced by the data hiding methods. Third, the \$ 1 $\backslash$times 1 \$ convolutional kernel and the batch normalization layer are applied to decrease the danger of overfitting and accelerate the convergence of the back-propagation. In addition, the performance of the network is optimized via fine-tuning the architecture. The experiments demonstrate that the proposed CNN performs far better than the traditional handcrafted features. In particular, the network has a good performance for the detection of an adaptive MP3 steganography algorithm, equal length entropy codes substitution (EECS) algorithm which is hard to detect through conventional handcrafted features. The network can be applied to various bitrates and relative payloads seamlessly. Last but not the least, a sliding window method is proposed to steganalyze audios of arbitrary size.

Leading steganography systems make use of the Syndrome-Trellis Code (STC) algorithm to minimize a distortion function while encoding the desired payload, but this constrains the distortion function to be additive. The Gibbs Embedding algorithm works for a certain class of non-additive distortion functions, but has its own limitations and is highly complex. In this short paper we show that it is possible to modify the STC algorithm in a simple way, to minimize a non-additive distortion function suboptimally. We use it for two examples. First, applying it to the S-UNIWARD distortion function, we show that it does indeed reduce distortion, compared with minimizing the additive approximation currently used in image steganography, but that it makes the payload more – not less – detectable. This parallels research attempting to use Gibbs Embedding for the same task. Second, we apply it to distortion defined by the output of a specific detector, as a counter-move in the steganography game. However, unless the Warden is forced to move first (by fixing the detector) this is highly detectable.

From the three basic paradigms to implement steganography, the concept to realise the information hiding by modifying preexisting cover objects (i.e. steganography by modification) is by far dominating the scientific work in this field, while the other two paradigms (steganography by cover selection or -synthesis) are marginalised although they inherently create stego objects that are closer to the statistical properties of unmodified covers and therefore would create better (i.e. harder to detect) stego channels. Here, we revisit the paradigm of steganography by synthesis to discuss its benefits and limitations on the example of face morphing in images as an interesting synthesis method. The reason to reject steganography by modification as no longer suitable lies in the current trend of steganography being used in modern day malicious software (malware) families like StuxNet, Duqu or Duqu 2. As a consequence, we discuss here the resulting shift in detection assumptions from cover-only- to cover-stegoattacks (or even further) automatically rendering even the most sophisticated steganography by modification methods useless. In this paper we use the example of face morphing to demonstrate the necessary conditions1 'undetectability' as well as 'plausibility and indeterminism' for characterizing suitable synthesis methods. The widespread usage of face morphing together with the content dependent, complex nature of the image manipulations required and the fact that it has been established that morphs are very hard to detect, respectively keep apart from other (assumedly innocent) image manipulations assures that it can successfully fulfil these necessary conditions. As a result it could be used as a core for driving steganography by synthesis schemes inherently resistant against cover-stego-attacks.