Over the centuries, there has been the need to transmit secret information between a sender and a receiver. So many techniques have been developed and used in order to achieve this aim. One popular technique is cryptography; an art that encodes information as a cipher and can only be accessed by the sender or a receiver that knows the decryption code. The mere sight of coded information raises a lot of curiosity and suspicion. Anybody interested in such information may then commence efforts at deciphering the code. In order to eliminate this development, there was the need to transmit covert information overtly. What if there is no indication to an observer that the information is a code? This birthed an art referred to as Steganography.
Steganography is an art of communication where secret information is sent openly by deceptively hiding the secret information through a medium that is open. The word steganography is of Greek origin and is roughly translated to mean “secret writing”. Many authors have used different terms and expressions to define this art of information hiding. (Tyagi et al., 1) described it as hiding the fact that communication is taking place by hiding information inside information. In whatever form it has been described, there is a data to be communicated covertly, referred to as the payload. The payload is hidden in an object (a file, another data etc.) which is referred to as the carrier while the resulting file containing the payload and the carrier is referred to as the stego file or package. The overall effect of this is to ensure that the stego package bears no detectable or visible difference to the carrier such that a casual observer cannot suspect the presence of a hidden message (Morkel, Eloff and Olivier 1).
As with most technologies, it has been used both legitimately and otherwise in industry, espionage, protection of intellectual property rights, terrorism and so many other areas. The subsequent sections of this paper will elaborate on the techniques used in steganography and the various applications of the technology.
- Techniques of Steganography
The techniques involved in steganography can be broadly classified into Physical and Digital techniques. The majority of the techniques under the physical category are historical cases of the use of steganography before the digital age. Those under the digital category are obviously those driven by the digital and information revolution that has taken over the world. The various techniques under these two broad categories will be considered in the following section.
2.1 Physical Techniques of Steganography
The use of physical forms of steganography dates back to early historical times mostly in military applications or better still, in times of war. In fact the very first recorded historical use of this art of overt secret communication was used with a wooden wax tablet. In the olden days, wax tablets were used to write multiple times by erasing the wax and reusing the tablet. A certain man named Demaratus used this wax tablet to alert the Greek of an impending attack by first writing the message (payload) on the wax tablet and then covered it with wax to put the carrier.
Messages were also concealed under the area that is covered by postage stamp on an envelope. Of course, this was also easily done in the olden days since a postage stamp accompanies the envelope to its destination and is not expected to be removed from the envelope while in transit. Only the sender and the intended recipient will expect to find a message there, and thus no suspicion is drawn towards such a stego package.
Furthermore, the use of secret inks to write secret messages on other text appearing normal to an unsuspecting observer also enjoyed widespread use. The writings with the secret ink can only be revealed when such is observed under a special kind of lighting – ultraviolet (uv) light. The payload is written either directly on the carrier text or written in the spaces in-between the text. This method was also not easy to detect, unless an observer has suspected the communication between the sender and receiver, and then subjects such a stego package to scrutiny under the appropriate lighting.
Another method of physical steganography that could easily escape detection was the use of Morse code in blinking of the eye. The genius in this method is that Morse code in itself is a cipher that not many can decode. For this cipher to be transmitted in an overt secret manner makes it even more difficult to suspect.
The list of the methods that have been employed in physical steganography techniques is endless. The ones discussed above have been selected in order to make obvious the fact that any method can be used for physical steganography. Even a novel approach is welcome. As long as the method or approach conceals a secret message in another message that hides the secret message from an observer.
2.2 Digital Steganography
The methods classified under digital steganography are the methods that make use of computers and related technologies to hide data within data.
Figure 1: techniques of steganography
Five major techniques have been identified under this category based on the carrier used for the stego package. These are
- Network Protocol
2.2.1 Textual Steganography
The simplest method of concealing a secret message in the body of a text under the digital technique is to change the colour of the font in which the secret message is written to the background colour of the document. This is no need for special software to do this. It is achieved with the use of a text editing software which is readily available on personal computers. The hidden message only appears as blank space since the font colour matches the background colour. The presence of a hidden message in the document will go unnoticed to the casual observer.
The font type, font size and spacing of a cover text can be modified to carry secret message. This can also produce a stego file with subtle changes that will not be obvious to a casual observer. Only a person that understands the technique used will be able to recover the hidden message.
Another form of the use of text in steganography entails replacement of phrases of the secret message by a totally different one. This technique creates a stego file that may not be syntactically coherent. This invites suspicion that a covert communication may be ongoing and does not uphold the basic principle of steganography – concealing the presence of communication. A software application that does this is Texto. There is however another technique that raises less suspicion but it generates quite a lot of text from a phrase containing a few words. It generates a spam message that contains the hidden message. Since this message looks like a normal spam message, it is less obvious that covert communication is taking place.
2.2.2 Image Steganography
In image steganography, still image is used as the carrier for the hidden payload and produces an image stego file. There are many different approaches to using an image as the carrier of a hidden message. These include distortion techniques, statistical methods, image element modification, image generation and palette embedding.
Before examining the techniques in detail, a quick description of the characteristics of an image will suffice. Images are composed of picture elements referred to as pixels. A pixel is made up of a combination of the three primary colours of Red, Green and Blue each in different concentration and number of bits. This is also known as the RGB model. For a 24bit bitmap image, a pixel is 24 bits and each of the Red, Green and Blue elements are 8 bits in size. Slight modifications of the number of bits of a pixel in an image cannot be detected by the human eye. The different image formats in use (JPEG, PNG, GIF, BMAP etc) also have different peculiar characteristics that are useful such as the header information. The two image compression schemes used are lossy compression and lossless compression. In lossy compression, some elements of the image which are difficult for the human eye to identify are removed to save storage space. This is used where the preservation of the original image in its exact form is not important. Lossless compression on the other hand preserves the original image.
In all of these, it is evident that the particular technique used is made to exploit a particular characteristic of the image to be used as the carrier.
One technique that is widely used and has different variants of it is the Least Significant Bit (LSB) modification. The Least significant bit of the pixels of an image is considered as random noise and thus does not have an effect on the image. In hiding the message, the LSBs are changed totally or undergo a little modification to carry the hidden information. Since all the pixels of the image are used in this scheme, the hidden information is highly susceptible to loss especially when the stego image is subjected to lossy compression.
Using the distortion techniques of image steganography, a series of modifications which correspond to the message to be sent is applied to the carrier image (Katzenbeisser, 2000). To extract the message, the original message is compared to the stego image to check the differences in the two images. This difference is the hidden message to be retrieved. In this technique, the original image has to be sent to the receiver alongside the stego image.
In the file embedding technique, the data is hidden in the header structure of an image file or at the end of the file. This method is used because in most image file formats, information can be appended to the end of the file or hidden in the header structure without affecting the image.
Image generation techniques apply a totally different approach. The message text to be secretly transmitted is converted into picture elements and then combined in an image file.
In image element modification, the elements (or objects) of the image are adjusted in a way that is undetectable (Bender et al, 2011). For instance, modifying the eye colour of a person as it appears in an image to carry hidden information. This technique is also difficult to suspect and the hidden message survives image modifications such as cropping, rotations and lossy compression.
2.2.3 Audio Steganography
The use of audio steganography is based on the range of frequencies that human ears can hear. The human ears can hear any sound between the 20Hz and 20 kHz range. Anything outside of this range will be imperceptible to the human ears. The hidden information is either embedded in the file through encryption or appended to the end of the file.
The Least Significant Bit (LSB) modification technique can also be used for audio steganography as applied for image steganography. However unlike image steganography, the effect of the LSB modification is evident in the form of noise in the stego file.
The detection and retrieval of the hidden message is done using a frequency spectrum analyzer or by calculating the total amount of data required to produce the same audible spectrum over that time interval. The second approach will require the original file for decoding. The use of audio files for steganography is more difficult than the use of image files.
Phase coding of audio files exploit the fact that the human ears cannot detect changes in the phase of sound signals the way it can detect noise. The bits of the secret message are then encoded as phase shifts in the phase spectrum of a digital signal.
2.2.4 Video Steganography
Video files are made up of images and audio. Most of the techniques involved with the use of images and audio for steganography also apply to the use of video files for steganography. The hidden message is embedded in a video sequence as the carrier.
A video stream is made up of frames and the secret message is hidden in the frames. Some forms use the LSB where the secret message is encrypted with a key before it is embedded in an AVI format carrier video file.
A method using Hash based LSB technique as described by (Dasgupta, Mandal and Dutta 3) used the number of frames, frame speed, frame height and width information extracted from the header of an AVI video file to break it into frames. 8 bits of the message is taken at once and distributed 3 its on the Red component, 3 bits to the Green component and 2 bits to the Blue component of the LSB of the frames. The Blue component takes only two bits because the human eye is more sensitive to the Blue component than to the Red and Green components. This makes it possible to evade detection by a casual observer and increase the volume of payload. The size of data that can be hidden in a stream of video bits is increased compared to other forms of data hiding that have been considered. Due to the relative complexity of the video file, it is more secure and more difficult to detect the presence of hidden messages (Dasgupta, Mandal and Dutta 1).
2.2.5 Network Protocol Steganography
This technique exploits the nature of a network protocol to hide secret information. One such protocol that is used is the Transmission Control Protocol / Internet Protocol (TCP/IP) over a network infrastructure. A unit of information communicated over a network is referred to as datagram. Each datagram in a TCP/IP network carries control information in its header to help in routing the data to the correct destination. The fields in the header for the information include the source address, destination address, offset, Protocol, flags etc. Some network protocol steganography schemes make use of the flags and identification fields of the header of an IPv4 datagram (Das et al., 7). The bits corresponding to the hidden message are transmitted with the redundant bits in fields of the header being used. Using the redundant bits in the fields of the header makes it also difficult to detect the existence of the hidden message and the volume of payload can be considerably large.
2.3 Applications of Steganography
Just like any other technology or innovation, it is used legitimately and it is also exploited by mischief makers.
Steganography can be used by individuals to exchange information from a sender to a receiver. One of the legitimate uses of steganography is in modern printing. The pages printed by such printers contain tiny extra yellow dots that are not visible to the human eye. These tiny dots are coded to carry the printer serial numbers and date and time stamps. This is useful in forensic investigations to trace the ownership of a printer from which a particular document has been printed.
It is used in military operations and intelligence gathering. In fact the first recorded historical use of this art was to communicate military strategy. Intelligence bureaus also make use of the art to gather useful information.
Furthermore, terrorist organisations have also been identified as using steganography to communicate hidden messages using digital techniques amongst their members in the public domain like the internet.
The process of detecting steganography, extracting the hidden message or destroying it to prevent extraction of the hidden message by a third party is termed steganalysis (Dickman, 6). Perhaps the most important step involved in steganalysis is first estimating the probability that a file is a stego package without a prior knowledge of the structure of the original form of the carrier. It must be stated however that a prior knowledge of the carrier will facilitate faster detection of steganography. Statistical analysis of the stego package plays an important role in predicting and detecting the presence of hidden information.
The detection techniques in textual steganography will involve the determination of the frequency of some words or letters, the logic and semantic continuity of the message, the message context, the grammar style and readability of the message.
Image discovery methods include creating a statistical profile of natural compressed images and checking the profile to compare with a stego image.
Steganography as an art of sending covert messages in an overt manner in its various forms have been examined. The digital age has improved the use of the art over the non-digital forms that date as far back as 440 BC. The digital techniques employ digital text, image files, audio files, video files and network protocol vulnerabilities to serve as carriers for the secret message. Whatever form is being employed to practice this art must take into consideration the basic principles involved and the ultimate goal of steganography. These include non-detection of the existence of covert communication to a casual observer, robustness of the method to survive attempts to remove the message and thus prevent loss of the hidden message and the payload capacity to allow a high volume of hidden data communication. This art finds great use in different areas of human endeavour. To stem the illegitimate use, steganalysis aims at detecting the presence and eliminating hidden messages in a carrier.
Das, Soumyendu, Das, Subhendu, Bandyopaddhyay Bijoy and Sanyal, Sugata. Steganography and Steganalysis: Different Approaches. Web. Accessed on 27 Oct, 2013. Available at http://www.tifr.res.in/~sanyal/papers/Soumyendu_Steganography_Steganalysis_different_approaches.pdf
Dasgupta, Kousik, Mandal, J.K. and Dutta, Paramartha. "Hash Based Least Significant Bit Technique for Video Steganography (HLSB)." International Journal of Security, Privacy and Trust Management (IJSPTM). 1.2 (2012): 1-11. Electronic.
Dickman, D. Shawn. “An Overview of Steganography.” Computer Forensics Term Paper, James Madison University. (2007). Electronic
Morkel, T, Eloff J.H.P. and Olivier M.S. "An Overview of Image Steganography." in Proceedings of the Fifth Annual Information Security South Africa Conference (ISSA2005), Sandton, South Africa, ( 2005): 1-12. Published electronically.
Tyagi,Vikas, Kumar Atul, Patel Roshan, Tyagi Sachin and Gwangwar, S. Saurabh. “Image Steganography Using Least Significant Bit with Cryptography.” Journal of Global Research in Computer Science. 3.3 (2012): 53-55. Electronic.