Detection of Steganography using Metadata in Jpeg Files

Similar documents
Chapter 3 LEAST SIGNIFICANT BIT STEGANOGRAPHY TECHNIQUE FOR HIDING COMPRESSED ENCRYPTED DATA USING VARIOUS FILE FORMATS

A SECURE IMAGE STEGANOGRAPHY USING LEAST SIGNIFICANT BIT TECHNIQUE

Information Hiding: Steganography & Steganalysis

Exploiting the RGB Intensity Values to Implement a Novel Dynamic Steganography Scheme

LSB Encoding. Technical Paper by Mark David Gan

<Simple LSB Steganography and LSB Steganalysis of BMP Images>

An Integrated Image Steganography System. with Improved Image Quality

Basic concepts of Digital Watermarking. Prof. Mehul S Raval

Colored Digital Image Watermarking using the Wavelet Technique

A Study on Steganography to Hide Secret Message inside an Image

An Enhanced Least Significant Bit Steganography Technique

Steganography & Steganalysis of Images. Mr C Rafferty Msc Comms Sys Theory 2005

PRIOR IMAGE JPEG-COMPRESSION DETECTION

A Proposed Technique For Hiding Data Into Video Files

Introduction to More Advanced Steganography. John Ortiz. Crucial Security Inc. San Antonio

Jeffrey's Image Metadata Viewer

Different Steganography Methods and Performance Analysis

A New Steganographic Method for Palette-Based Images

Steganography using LSB bit Substitution for data hiding

An Implementation of LSB Steganography Using DWT Technique

Guide to Computer Forensics and Investigations Third Edition. Chapter 10 Chapter 10 Recovering Graphics Files

Comparative Analysis of Hybrid Algorithms in Information Hiding

A Study on Image Steganography Approaches in Digital Images

LECTURE 03 BITMAP IMAGE FORMATS

Modified Skin Tone Image Hiding Algorithm for Steganographic Applications

International Journal of Advance Engineering and Research Development IMAGE BASED STEGANOGRAPHY REVIEW OF LSB AND HASH-LSB TECHNIQUES

Image Compression and Decompression Technique Based on Block Truncation Coding (BTC) And Perform Data Hiding Mechanism in Decompressed Image

A New Steganographic Method Based on the Run Length of the Stego-Message. Eyas El-Qawasmeh and Alaa Alomari

Analysis of Secure Text Embedding using Steganography

Keywords Secret data, Host data, DWT, LSB substitution.

HTTP transaction with Graphics HTML file + two graphics files

STEGO-HUNTER :ATTACKING LSB BASED IMAGE STEGANOGRAPHIC TECHNIQUE

IMAGE STEGANOGRAPHY USING MODIFIED KEKRE ALGORITHM

Vernam Encypted Text in End of File Hiding Steganography Technique

Bitmap Image Formats

AN IMPROVED LSB METHOD OF STEGANOGRAPHY WITH JPEG COLORED IMAGE

Secret Communication on Facebook Using Image Steganography: Experimental Study

Image Steganography with Cryptography using Multiple Key Patterns

Transform Domain Technique in Image Steganography for Hiding Secret Information

Implementation of Effective, Robust and BPCS Data Embedding using LSB innovative Steganography Method

A Steganography Algorithm for Hiding Secret Message inside Image using Random Key

A New Secure Image Steganography Using Lsb And Spiht Based Compression Method M.J.Thenmozhi 1, Dr.T.Menakadevi 2

Images with (a) coding redundancy; (b) spatial redundancy; (c) irrelevant information

Carls-MacBook-Pro:Desktop carl$ exiftool -a -G1 EMMANUEL-MACRON-PORTRAIT-OFFICIEL.jpg [ExifTool] ExifTool Version Number : [System] File Name :

Digital Image Sharing using Encryption Processes

A New Image Steganography Depending On Reference & LSB

Genetic Algorithm to Make Persistent Security and Quality of Image in Steganography from RS Analysis

Improved RGB -LSB Steganography Using Secret Key Ankita Gangwar 1, Vishal shrivastava 2

ENHANCED SECURITY SYSTEM USING SYMMETRIC ENCRYPTION AND VISUAL CRYPTOGRAPHY

Dynamic Collage Steganography on Images

What You ll Learn Today

STEGANOGRAPHY. Sergey Grabkovsky

ISSN (PRINT): , (ONLINE): , VOLUME-4, ISSUE-11,

Secure Image Steganography using N-Queen Puzzle and its Comparison with LSB Technique

ELTYEB E. ABED ELGABAR

The Strengths and Weaknesses of Different Image Compression Methods. Samuel Teare and Brady Jacobson

Concealing Data for Secure Transmission and Storage

Performance Improving LSB Audio Steganography Technique

DESIGNING EFFICIENT STEGANOGRAPHIC ALGORITHM FOR HIDING MESSAGE WITHIN THE GRAYSCALE COVER IMAGE

HSI Color Space Conversion Steganography using Elliptic Curve

Hiding And Encrypting Binary Images Using A Different Approach

Data Hiding Technique Using Pixel Masking & Message Digest Algorithm (DHTMMD)

Resampling and the Detection of LSB Matching in Colour Bitmaps

Data Security Using Visual Cryptography and Bit Plane Complexity Segmentation

Image Compression Supported By Encryption Using Unitary Transform

FPGA Implementation of Secured Image STEGNOGRAPHY based on VIGENERE CIPHER and X BOX Mapping Techniques

UFO over Sao Bernardo do Campo SP Brazil Observations in red by Amanda Joseph Sept 29 th 2016

VARIABLE-RATE STEGANOGRAPHY USING RGB STEGO- IMAGES

The next table shows the suitability of each format to particular applications.

Secure Spread Spectrum Data Embedding and Extraction

Hiding Image in Image by Five Modulus Method for Image Steganography

Byte = More common: 8 bits = 1 byte Abbreviation:

A New Representation of Image Through Numbering Pixel Combinations

FPGA implementation of LSB Steganography method

Digital Investigation

Multimedia. Graphics and Image Data Representations (Part 2)

ScienceDirect. A Novel DWT based Image Securing Method using Steganography

Integer Wavelet Bit-Plane Complexity Segmentation Image Steganography

CSE 3482 Introduction to Computer Security.

ENHANCED SECURITY SYSTEM FOR REAL TIME APPLICATIONS USING VISUAL CRYPTOGRAPHY

A NOVEL APPROACH OF IMAGE STEGANOGRAPHY FOR SECRET COMMUNICATION USING SPACING METHOD

Implementation Of Steganography For Business Documents Security Using Discrete Wavelet Transform Method

Image Steganography using Sudoku Puzzle for Secured Data Transmission

Topics. 1. Raster vs vector graphics. 2. File formats. 3. Purpose of use. 4. Decreasing file size

Improved Quality of Image Steganography Using POLPA

Block Wise Data Hiding with Auxilliary Matrix

AN ENHANCED EDGE ADAPTIVE STEGANOGRAPHY APPROACH USING THRESHOLD VALUE FOR REGION SELECTION

A Secure Robust Gray Scale Image Steganography Using Image Segmentation

Bitmap Steganography:

Exploration of Least Significant Bit Based Watermarking and Its Robustness against Salt and Pepper Noise

Secret Communication Using Image Steganography

Data Hiding Using LSB with QR Code Data Pattern Image

Ch. 3: Image Compression Multimedia Systems

Keywords Audio Steganography, Compressive Algorithms, SNR, Capacity, Robustness. (Figure 1: The Steganographic operation) [10]

Digital Image Sharing and Removing the Transmission Risk Problem by Using the Diverse Image Media

HYBRID MATRIX CODING AND ERROR-CORRECTION CODING SCHEME FOR REVERSIBLE DATA HIDING IN BINARY VQ INDEX CODESTREAM

A Novel Approach for Image Steganography Using Dynamic Substitution and Secret Key

Pixel Image Steganography Using EOF Method and Modular Multiplication Block Cipher Algorithm

Application of Histogram Examination for Image Steganography

Image Steganography by Variable Embedding and Multiple Edge Detection using Canny Operator

Transcription:

IJoFCS (2015) 1, 23-28 DOI: 10.5769/J201501003 or http://dx.doi.org/10.5769/j201501003 The International Journal of FORENSIC COMPUTER SCIENCE www.ijofcs.org Detection of Steganography using Metadata in Jpeg Files Don Caeiro 1, and Sanjana S 2 (1) Assistant Professor, Jain University, Bangalore, India, Email: doncaeiro@gmail.com (2) B.Sc. Forensic Science Student, Jain University, Email: sanju25.sanjana@gmail.com Abstract: Steganography is to conceal information in a carrier file or cover file. This is done to make secure communications without attracting attention of any other person except the sender and the receiver. This paper deals with digital steganography. The carrier file used in this study is JPEG images. The hidden data is in various formats like audio, video, plain text, and pdf formats. The cover image with hidden data in it is called the steganography file. The files were steganographed using various applications like Quick Stego, Invisible secrets, Our secret and Steg. When data is incorporated to the original file there will be changes done to the integrity of the file that is not visible on viewing the file. This data added is hidden in the file. Therefore there is possibility that the metadata of the file changes and hence metadata analysis can be done to detect steganography.. Key words: Steganography, metadata, digital forensics, Jpeg analysis, steganalysis, computer forensics, integrity, exif data. 1. Introduction Steganography is to conceal or lurk information in a carrier file or cover file. In order to relegate privacy, multitudinal methods have been established and incorporated. Steganography is hiding the text as it is in a cover file, which cannot be noticed by anyone. The advantage of steganography over cryptography is that the file does not gain attention of the public, as only the sender and the receiver are aware of the message embedded in it. Steganography involves a carrier file which holds the information that is to be hidden. The data to be hidden can be in any form like plain text, image, video etc. The carrier file along with the embedded data is the stego-carrier. Steganalysis is the ability to detect the embedded message in the digital media concealed by steganography and recognizing the steganographic algorithms. 2. Types Of Steganalysis: 1. Visual detection: The original file and the steganography files are compared for any visual differences with the naked eye. Repeated patterns or small distortions may reveal the presence of the secret message. 2. Statistical detection: The statistics of an image are altered as information is embedded into it. This method identifies the underlying statistics of Paper submitted on: October 26 th, 2015

24 Detection of Steganography using Metadata in Jpeg Files the file and detects the hidden data in the file. There are two types of statistical analysis: a) Specific statistical steganalysis: These techniques are determined by going through the embedding operation and certain image statistics. Such techniques need more knowledge about the embedding process. b) Universal statistical steganalysis: This technique uses the statistical steganalysis method that is not made for a specific steganography embedding method. This study does not use the above techniques and this has been briefed just to throw light upon the existing techniques. Structural detection technique, which has been explained below is the technique used for the analysis in this study. 3. Structural detection: Structural detection is done by comparing the metadata of the original file and steganography file. There will be noticeable changes in the values of the attributes like file size, comment, bit rate, etc. Metadata can be described as data about data. It gives additional information about certain file s content. For example, in an image file, it gives information about color depth, image height, image width, dimension unit, mime type, en process etc, it also includes data about when the file was created, last accessed and modified. Few attributes are explained below: 1. File type: File type describes how the data has been stored in the file, i.e. the structure and contents of the file. Each file type has an extension. Few image file types are JPEG, BMP, PNG, GIF, and TIFF. 2. MIME: MIME stands for multi-purpose internet mail extension. This is a standard way of classifying files. MIME has two parts: a type and sub type. For example, an image file has a image/jpeg 3. Resolution: It is the number of pixels in the image usually represented in (width x height) like 2000 x 3000 pixels. It may also be given in the total numbers of pixels like 4 megapixels. 4. En process: It is the process of putting the sequence of characters like numbers letters or symbols in a particular digital format for efficient transmission. Few types of en methods are: a. Baseline en: This method usually encodes in lossy format which means some original information of the image or part of the image data is lost or cannot be restored. b. Progressive en: In this en method, the data is compressed in multiple passes of progressively higher detail, which is ideal for larger images. 5. Bit depth: It tells us the number of colors in an image s color palette. Higher the bit depth, more colors the image can store. 3. Methodology Four applications used for steganography were downloaded. The four applications are Invisible secrets, Quick stego, Our secret, and Steg. For metadata extraction, Exif tool and Jeffrey's Exif Viewer were used. Twenty JPEG files were segregated in a separate folder called original files. Separate folders were made under the folder original files for different applications used for steganography and five files were put in each folder for steganography. This was done to monitor which tool was used to conduct steganography a particular image. Then another folder called steganography files was created. Under this folder, another four folders in the name of the four applications used for steganography was created so that the file can be directly saved in that respective folder after performing steganography. Then the original files were processed using the steganography tools and were saved in their respective folders. The data hidden in the images were randomly selected. The data used for hiding is in different formats like plain text, audio, video, and pdf formats. The data hidden in each image was noted down. This completes the process of steganography. The next step is to extract metadata of the original file and the steganography file and compare them for changes in the properties of the files. The metadata has to be extracted from forty files, i.e. twenty original files and twenty steganography files. First the metadata of the original file was extracted using exif tool. Next the metadata of the same file which was Steganographed was extracted. Since the data extracted from this application cannot be copied, screenshots were taken and saved. The same process was done with all the forty files and

Don Caeiro and Sanjana S 25 screenshots were taken. After this, the metadata was extracted using Jeffrey s Exif Viewer online tool. The same process was carried out. The metadata was extracted from the original file and its identical steganography file. The extracted metadata was noted down. This was done for all the forty files. The metadata extracted from two tools was compared. They were same and few additional attributes were found for few files. The metadata extraction was complete. The metadata was tabulated and compared for analysis. Structural detection method has been used in this study, i.e. the changes in properties of the file like resolution, bit depth, file size, en process and so on for Steganalysis. There were changes observed in the properties of the file and they have been discussed below. 3. Findings 1. Invisible secrets: The five files processed using invisible secrets have shown few similarities. There are changes in the file size. It loads a comment when there is no comment in the original file. If a comment is already present in the original file, the comment is changed. It does not alter any other attributes. The differences in file size are very large which indicates steganography. However, JPEG images with large file size arises suspicion on the image. Table 1.1: Showing metadata of image 5 steganographed with Invisible Secret. ATTRIBUTE S ORIGINAL FILE File 1,440 900 JPEG (1.3 megapixel s) 168,854 bytes (165 kilobytes) STEGANOGR APHED FILE 1,440 900 JPEG (1.3 megapixel s) 816,342 bytes (797 kilobytes) JFIF Version 1.01 1.01 Resolution 1 pixels/none 1 pixels/none File Type JPEG JPEG MIME Type image/jpeg image/jpeg En Pro cess Baseline DCT, Huffman Baseline DCT, Huffman Bits Per Sam ple 8 8 Color Compo 3 3 nents File Size 165 kb 797 kb Image Size 1,440 900 1,440 900 Y Cb Cr Sub Sampling YCbCr4:2:0 (2 2) YCbCr4:2:0 (2 2) Comments CREATOR: %a2%8c0b!% gd-jpeg v1.0 a9%8e%ac%a (using IJG 2%cb%f5xN1~ JPEG v62), %ae%fb%92% quality = 90 10] %17%15% e3%fe%e2%b9 %14%a5%f2% e6%11%8f%a2 %8b%b9%db %cch.%ff%0f% c4ew%18%8fk w%a7%8d%b0 >v%cc%81%8 b%c8q%caf.% ba%d7a%9br %ed%ca%b81 <%d2%db%18 %a0%f7g[%f3 U]%8ef%aa%a a%aa%aa%0f.t mn%00%00% 00t%e0 1. Our secret: The five files were subjected to steganography using Our Secret has differences only in one attribute, i.e. file size. It has not made any changes to en process, resolution, creator tool, original document ID and file type, which makes it difficult to suspect steganography. The difference in the file size depends on the size of the data hidden. 2. Quick Stego: The five files were processed using Quick Stego have shown differences in few attributes. The main difference is the change in file format. The original files are in JPEG format and the output image after steganography is in BMP format. The MIME type also differs due to the change in file type. The file size also varies and the differences are large. Few attributes like compression, bit depth and planes have been found in the steganography files which may be added due to the change in file type. Other attributes like en process, bits per sample, color

26 Detection of Steganography using Metadata in Jpeg Files components, resolution which was there in the original file has not been found in the steganography file. Table 1.3: Showing metadata of image 5 steganographed with Quick Stego 3. Steg: The five files were processed using Steg has shown differences in few attributes. The major difference is the en process. The original files have Progressive DCT, Huffman en and the en process in the steganography files have been changed to Baseline DCT, Huffman en. The Progressive DCT, Huffman en is used in larger images with more clarity. Here the en is changed to Baseline DCT, Huffman en which has less clarity. Table 1.2: Showing metadata of image 5 steganographed with Our Secret ATTRIBUTE S ORIGINAL FILE File 200 200 JPEG 9,042 bytes (9 kilobytes) JFIF Version 1.00 1.00 Resolution 150 pixels/inch File Type JPEG JPEG STEGANOGRAPH ED FILE 200 200 JPEG 9,254 bytes (9 kilobytes) 150 pixels/inch MIME Type image/jpeg image/jpeg En Pr ocess Baseline Baseline DCT, DCT, Huffman Huffman 8 8 Bits Per Sam ple Color Comp 3 3 onents File Size 8.8 kb 9.0 kb Image Size 200 200 200 200 Y Cb Cr Sub Sampling YCbCr4:2:0 (2 2) YCbCr4:2:0 (2 2) From table 4.4, we can say that the comment present in the original file cannot be found in the steganography file. The file size also differs but the difference is very less. The difference in file size is less because after selecting the carrier file, the software suggests the space available to hide data.

Don Caeiro and Sanjana S 27 3. Conclusion Invisible Secrets: The presence of the comment in the steganography file and the differences in the file size indicates that the files were steganography files. Table 1.4: Showing metadata of image 5 steganographed with Steg. ATTRIBUTES ORIGINAL FILE STEGANOGRA PHED FILE File 800 520 JPEG 161,822 bytes (158 kilobytes) JFIF Version 1.01 1.01 800 520 JPEG 192,573 bytes (188 kilobytes) Resolution 72 pixels/inch 72 pixels/inch File Type JPEG JPEG MIME Type image/jpeg image/jpeg En Proces Progressive Baseline DCT, s DCT, Huffman Huffman Bits Per Sample 8 8 Color Componen 3 3 ts File Size 158 kb 188 kb Image Size 800 520 800 520 Y Cb Cr Sub Sampling YCbCr4:4:4 (1 1) YCbCr4:4:4 (1 1) Our Secret: The difference in the file size indicates that the files were subjected to steganography. Quick Stego: There is a change in the file format from JPEG to BMP and hence the MIME type changes. The file size differs and there are few attributes added to the steganography file due to the change in file format. Few attributes present in the original file is also not present in the steganography file. All these changes indicate that the files have been subjected to steganography. Steg: The en process has been changed from Progressive DCT, Huffman en to Baseline DCT, Huffman en. The comment in the original file has not been found in the steganography file. There are differences in the file size. All these differences indicate that the files are steganographed. Therefore from this study it is observed that there are definite changes made to the metadata of steganography files. During computer forensic investigation, metadata analysis of suspected images can be done in order to detect steganography to a certain extent. Once a file has been detected to be a steganography file, it can further processed to be decrypted in order to obtain the hidden information. References [1] Adrian VASILESCU, B. R. (2007). Steganographically Encoded Data. [2] Arvind Kumar, K. P. (November 2010). Steganography- A Data Hiding Technique. Meerut, India. [3] Bateman, P. (4th August 2008). Image Steganography and Steganalysis. United Kingdom. [4] Cancelli, I. G. (May 13th, 2009). New techniques for steganography and steganalysis in the pixel domain. [5] Cheddad, A. (march 2010). Digital Image Steganography : Survey and Analysis of Current Methods. United Kingdom. [5] D.Streetman, K. Steganography-Art of Covert Communications. [6] Ekta Dagar, S. D. (May 2014). Comparative Study of Various Steganography Techniques. Faridabad, India. [7] Fridrich, J. Steganalysis of JPEG Images: Breaking the F5 Algorithm. Binghamton.

28 Detection of Steganography using Metadata in Jpeg Files [8] Goel, P. (May, 2008). Data Hiding in Digital Image : A Steganographic Paradigm. Kharagpur. [9] KUMAR, M. (2011). STEGANOGRAPHY AND STEGANALYSIS OF JOINT PICTURE EXPERT GROUP. FLORIDA. [10] Ling, L. S. (2005). Study of Steganographic Techniques for Digital Images. October. [11] peter bayer, h. w. (august 2002). Information hiding: steganographic content in streaming media. Sweden. [12] Richer, P. (2003). Steganalysis: Detecting hidden information with computer forensic analysis. [13] YANG, Y. (2013). Information Analysis for Steganography and Steganalysis in 3D Polygonal Meshes. Durham University.

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback