Hiding in plain sight: Examining support for steganographically hidden content on the internet

Author: Vivek Kaushik
Fraud Management and Digital Forensics COE Enterprise Security and Risk Management, TCS

1. Introduction

Steganography is the practice of hiding a message or a file within another file so that only the sender and receiver know of its existence. It may also involve the use of cryptography, where the secret message/file is encrypted before being hidden. The objective is to ensure that transmission of secret data remains unsuspected and undetectable. Unlike encrypted files, steganographically hidden messages do not attract attention or arouse suspicion.

Steganography is both an art and a science. As a science it has evolved with advancement in technology, hiding techniques and tools, and as an art it has evolved with the ingenuity of man. This advancement has made it easy for anyone to practice it from anywhere on the planet.

There are useful applications of steganography, like digital watermarking for copyright protection; however, it is an equally potent tool for unlawful activities. It can be instrumental in communicating information and instructions from handlers to terrorists, in siphoning out confidential information without detection, and so on. On the other hand, what is important for a digital forensic examiner is to identify the suspected tool, technique and algorithm used for hiding the data, determine whether or not any payload has been encoded in it, and recover that payload to the extent possible. This is popularly called Steganalysis.

In October 2011, the New York Times published an article suggesting that Al-Qaeda had used steganography and instructed its terrorists that all their communications were to be made through pictures posted on the Internet.

The internet presents countless avenues to upload, share, host, and download files that could be potentially used as carriers of secret messages. This could be a nightmare for law enforcement, security agencies and forensic experts across the world.

This article presents an approach to examine whether a website allows support for steganographically hidden content by evaluating a varied mix of social media sites, image hosting sites, media sites and a few easily available steganography tools.

2. Requirements for hiding data

Apart from the data to be hidden, other requirements to steganographically hide data are:

1. A carrier file / cover channel (which is a non-secret file that does not arouse suspicion)
2. Hidden file / information of size less than the carrier file (depends upon the algorithm)
3. An algorithm to hide the data in the carrier file
4. A means to transfer the file to the recipient

2.1. Carrier file and secret data:

There are various possible combinations of secret data hidden inside a carrier file. Some typical examples are:

1. Hiding a text message in an image file (.bmp, .gif, .jpg)
2. Hiding a text file (.txt) in an image file
3. Hiding an image file inside another image file
4. Hiding a text message, txt file or image file inside an audio file (.mp3, .wav)
5. Hiding a text message inside a video file (.3gp, .mp4)

This article examines text messages, .txt files and .jpg files as hidden messages inside image, audio and video files.

2.2. Steganography tool:

There are several steganography tools available on the internet, such as Quick Crypto, Invisible Secrets 4, StegoMagic, MP3Stego, MobiStego, Stegais etc. This article examines Quick Crypto, Invisible Secrets 4 and StegoMagic as steganography tools.

2.3. Transmission medium:

The internet can be used as a very effective medium of transmission. There are several websites that allow uploading digital content like pictures, audio files and video files. Some websites even allow unregistered uploads and downloads. This article examines the facebook, youtube, soundcloud, tinypic, postimage, imgur, okcupid, clownbasket, and picosong websites.

3. Approach to examine support for steganographically hidden data

The approach described in this section is a general approach that can be undertaken to examine whether a website supports steganographically hidden data. For the purpose of illustration, only a few representative websites and tools have been chosen in this article; however, other tools and websites can be evaluated using the same approach.

1. Select a website to be examined, and select a carrier file that can be uploaded on the target website
2. Create a secret message / txt file / image file to be hidden inside the carrier file
3. Use a steganography tool and hide the secret data inside the carrier file
4. Upload the loaded carrier file on the website
5. Download the file (preferably from another account or anonymously) and try to recover the hidden data

If the hidden message / file is recovered, then it can be inferred that the website does not validate / edit / strip the uploaded content and can be used for transmitting hidden data steganographically.

4. Examining support for steganographically hidden data

4.1. Image based websites

There are numerous websites that allow uploading of images which can be downloaded by others. This article examines the following websites:

- Facebook.com
- Postimage.org
- Imgur.com
- Okcupid.com
- Tinypic.com

4.1.1. Selecting a website, tool and carrier file:

For the purpose of illustration, the tool InvisibleSecrets 4 and the website tinypic.com are used. The carrier file chosen is a jpg image of female fireflies called jugni.jpg.

4.1.2. Secret message / file to be hidden:

A text file called secret.txt with a secret hidden message is chosen to be hidden.

4.1.3. Hiding the secret data in the carrier file:

Secret.txt is hidden in jugni.jpg using InvisibleSecrets 4. It is encrypted before being hidden and the password provided is jugni.

4.1.4. Uploading the loaded carrier file on the website:

The file is uploaded on tinypic.com. The website provides a unique address for every image uploaded, which can be used to view / download it.

4.1.5. Downloading and recovery of hidden data:

The file was downloaded from its address and InvisibleSecrets 4 was used to recover secret.txt from the jpg file. The hidden file was successfully recovered and the message was read.

4.1.6. Analyzing the results:

It was found that tinypic.com and postimage.org support steganographed content, whereas Facebook, imgur and okcupid perform certain validations / modifications / stripping where the carrier file is changed and the hidden message couldn't be recovered from the downloaded carrier file. Tinypic and postimage can also be accessed from the TOR browser to maintain anonymity. However, there is a dependency involved in downloading content from both these websites: a link is created for every image uploaded, and that link has to be shared with anyone who wants to download the image. These uploaded pics cannot be readily searched by anyone.

| Hidden content type / recovery status | Facebook | imgur | okcupid | tinypic | postimage |
|---|---|---|---|---|---|
| text | no | no | no | yes | yes |
| text file (.txt) | no | no | no | yes | yes |
| image file (.img) | no | no | no | yes | yes |
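
The distinction drawn in 4.1.6, between sites that store an upload unchanged and sites that modify or strip it, can be checked from the bytes alone by comparing the uploaded file with the downloaded copy. The Python sketch below is an added example, not part of the original article or of any tool it names; the sample JPEG bytes, the trailer, `stripping_host` and the other function names are constructed for illustration. Data left after the end-of-image marker is only one possible hiding place and says nothing about how InvisibleSecrets 4 embeds data.

```python
import hashlib
import struct

STUFFED = {0x00, *range(0xD0, 0xD8)}   # FF00 stuffing and RST0-7 occur inside scan data

def jpeg_trailing_bytes(data: bytes) -> int:
    """Walk the JPEG marker structure; return bytes found after EOI, or -1 if malformed."""
    if data[:2] != b"\xff\xd8":                      # must start with SOI
        return -1
    i = 2
    while i + 2 <= len(data):
        if data[i] != 0xFF:
            return -1                                # lost marker sync
        marker = data[i + 1]
        if marker == 0xD9:                           # EOI: the image ends here
            return len(data) - (i + 2)
        if marker == 0xFF:                           # fill byte before a marker
            i += 1
            continue
        if marker == 0x01 or 0xD0 <= marker <= 0xD7: # markers without a length field
            i += 2
            continue
        if i + 4 > len(data):
            return -1
        (seg_len,) = struct.unpack(">H", data[i + 2:i + 4])
        i += 2 + seg_len
        if marker == 0xDA:                           # SOS: skip entropy-coded scan data
            while i + 1 < len(data) and not (data[i] == 0xFF and data[i + 1] not in STUFFED):
                i += 1
    return -1

def assess_roundtrip(uploaded: bytes, downloaded: bytes) -> dict:
    """Compare what was uploaded with what the site served back."""
    same = hashlib.sha256(uploaded).digest() == hashlib.sha256(downloaded).digest()
    return {
        "byte_identical": same,   # True: nothing was re-encoded, any embedded data survives
        "trailing_before": jpeg_trailing_bytes(uploaded),
        "trailing_after": jpeg_trailing_bytes(downloaded),
    }

# Constructed sample: structurally valid marker sequence, not a decodable picture.
CLEAN = (b"\xff\xd8" + b"\xff\xe0\x00\x04JF" + b"\xff\xda\x00\x02"
         + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")
TRAILER = b"CONSTRUCTED-TRAILER"
LOADED = CLEAN + TRAILER

def stripping_host(data: bytes) -> bytes:
    """Hypothetical stand-in for a site that discards everything after EOI."""
    return data[:len(data) - max(jpeg_trailing_bytes(data), 0)]

if __name__ == "__main__":
    print("verbatim host :", assess_roundtrip(LOADED, LOADED))
    print("stripping host:", assess_roundtrip(LOADED, stripping_host(LOADED)))
```

A byte-identical round trip is the stronger signal for a site operator or examiner: it holds for any embedding method, whereas a changed file only shows that the content was altered and recovery still has to be tested with the tool in question.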

4.2. Audio based websites

There are numerous websites that allow uploading of audio content which can be downloaded by others. This article examines the following websites:

- Soundcloud.com
- Clownbasket.com
- Picosong.com

4.2.1. Selecting a website, tool and carrier file:

For the purpose of illustration, the tool quick crypto and the website clownbasket.com are used. The carrier file chosen is an mp3 file called qc mp3 with m.mp3.

4.2.2. Secret message / file to be hidden:

A secret hidden message was chosen to be hidden inside the mp3 file.

4.2.3. Hiding the secret data in the carrier file:

The secret message is hidden inside qc mp3 with m.mp3 using quick crypto.

4.2.4. Uploading the loaded carrier file on the website:

The file is uploaded on clownbasket.com. The website requires registration prior to allowing uploading and downloading of content on the website. A band was created by the name of dj dd1 and the file title was given as dj dd1 qc mp3.

4.2.5. Downloading and recovery of hidden data:

The mp3 file was downloaded from its address and quick crypto was used to recover the secret message hidden in the mp3 file. The hidden file was successfully recovered and read.

4.2.6. Analyzing the results:

It was found that it was not possible to recover the hidden message from content posted on soundcloud and picosong; however, clownbasket supported steganographic content and the hidden message could be successfully recovered. Clownbasket.com is accessible from a TOR browser, anyone can register on it with a false name and address, and it allows anyone to search a song by its name or its band name and download it from anywhere on the internet.

| Hidden content type / recovery status | soundcloud | picosong | clownbasket |
|---|---|---|---|
| text | no | yes | yes |
| text file (.txt) | no | yes | yes |
| image file (.img) | no | yes | yes |

4.3. Video based websites

There are several websites that allow uploading of video content which can be downloaded by others. This article examines one such famous website, Youtube.com.

4.3.1. Selecting a website, tool and carrier file:

For the purpose of illustration, the tool StegoMagic and the website Youtube.com are used. The carrier file chosen is a 3gp file called evolution of steganography.3gp.

4.3.2. Secret message / file to be hidden:

A secret text file is chosen for hiding inside the 3gp file.

4.3.3. Hiding the secret data in the carrier file:

The secret txt file is hidden inside evolution of steganography.3gp using StegoMagic. The loaded carrier file is called sv.3gp.

4.3.4. Uploading the loaded carrier file on the website:

The file is uploaded on youtube.com. This uploaded file can be searched by name by any user and can be downloaded using popular youtube downloading tools. One such tool, the youtube audio and video downloader addon for firefox, was used to download the uploaded video in the same format and quality.

4.3.5. Downloading and recovery of hidden data:

The 3gp file was downloaded in the same format and quality, but the hidden text file could not be extracted successfully from the downloaded 3gp file.

4.3.6. Analyzing the results:

It was found that it was not possible to recover the hidden file successfully from content posted on youtube.com.

5. Conclusion

Various websites were examined and some were found to allow steganographically hidden content to be hosted and downloaded. It was also found that all such websites are available on TOR, making access anonymous and tracing difficult. Though law enforcement, security agencies and forensic experts worldwide are aware of this method of communication and have cutting edge Steganalysis tools and techniques to detect hidden content across websites, they have to keep evolving and upgrading their methods of detection and monitoring with the advent of new steganography tools and techniques. Equal attention needs to be paid to the countless new websites coming up every day providing avenues for hosting steganographic content.