4* National Conference on Telecommunication Technology Proceedings, Shah Alam, Malaysia
Information Hiding using Steganography
M. M Amin, M. Salleh, S . Ibrahim, M.R.Katmin,and M.Z.I. Shamsuddin
Faculty of Computer Science & Information Systems,
Universiti Teknologi Malaysia.
81300 Skudai, Johor, Malaysia.
Abstract - Due to advances in ICT, most of
information are kept electronically. Consequently,
the security of information has become a
fundamental issue. Besides cryptography,
steganography can be employed to secure
information. Steganography is a technique of
hiding information in digital media. In contrast to
cryptography, the message or encrypted message is
embedded in a digital host before passing it
through the network, thus the existence of the
message is unknown. Besides hiding data for
confidentiality, this approach of information hiding
can be extended to copyright protection for digital
media: audio, video, and images.
1. Introduction
The growing possibilities of modem
communications need the special means of security
especially on computer network. The network
security is becoming more important as the number
of data being exchanged on the Internet increases.
Therefore, the confidentiality and data integrity are
required to protect against unauthorized access.
This has resulted in an explosive growth of the
field of information hiding.
- In addition, the rapid growth of publishing and
broadcasting technology also requires an
altemative solution in hiding information. The
copyright of digital media such as audio, video and
other media available in digital form may lead to
large-scale unauthorized copying. This is because
the digital formats make it possible to provide high
image quality even under multi-copying. The
problem of unauthorized copying is of great
concem especially to the music, film, book and
software publishing industries. To overcome this
problem, some invisible information can be
embedded in the digital media in such a way that it
could not be easily extracted without a specialized
technique [I].
Information hiding is an emerging research
area, which encompasses applications such as
copyright protection for digital media,
watermarking, fingerprinting, and steganography
[Z].All these applications of information hiding are
quite diverse.
i. In watermarking applications, the message
contains information such as owner
identification and a digital time stamp, which
is usually applied for copyright protection.
0-7803-7773-7/03/$17.00 02003 IEEE.
ii. With fingerprint, the owner of the data set
embeds a serial number that uniquely identifies
him as the owner. This adds to copyright
information and makes it possible to trace any
unauthorized used of the data set.
iii. Steganography hides the secret message within
the host data set and its presence is
imperceptible.
In those applications, information is hidden
within a host data set and is to be reliably
communicated to a receiver. The host data set is
purposely corrupted, but in a covert way, and
designed to be invisible to an informal analysis.
However, this paper will only focus on information
hiding using steganography approach.
In section 2, we give an overview about
steganography in detail in order to avoid confusion
with cryptography since steganography is normally
interpreted as a synonym for cryptography. Section
3 discusses several sfeganographic techniquesn..
Section 4 describes an information hiding system
that was developed by using one of the
steganography techniques. Finally, section 5
outlines further work that will he carried out in the
near future.
2. Overview on Steganography
The word steganography comes from the
Greek Steganos, which means covered or secret
and -graphy means writing or drawing. Therefore,
steganography means, literally, covered writing.
Steganography is the art and science of hiding
information such that its presence cannot be
detected [3]. A secret information is encoded i n a
manner such that the very existence of the
information is concealed. Paired with existing
communication methods, steganography can be
used to carry out hidden exchanges.
The main goal of steganography is to
communicate securely in a completely undetectable
manner [4] and to avoid drawing suspicion t o t he
transmission of a hidden data [SI. It is not to keep
others from knowing the hidden information, but it
is to keep others from thinking that the information
even exists. If a steganography method causes
someone to suspect there is a secret information in
a carrier medium, then the method has failed [6].
21
 Until recently, information hiding techniques
received very much less attention from the research
community and from industry than cryptography.
This situation is, however, changing rapidly and the
first academic conference on this topic was
organized in 1996. Since then, there has been a
rapid growth of interest in steganography. This is
due to two main reasons [7]:
i. The publishing and broadcasting industries
have become interested in techniques for
hiding encrypted copyright marks and serial
numbers in digital films, audio recordings,
hooks and multimedia products.
ii. Moves by various governments to restrict the
availability of encryption services have
motivated people to study methods by which
private messages can be embedded in
seemingly innocuous cover messages.
The basic model of steganography consists of
Carrier, Message and Password. Carrier is also
known as a cover-object, which embeds the
message and serves to hide its presence.
Basically, the model for steganography is
shown in Figure 1. Message is the data that the
sender wishes to remain it confidential. It can he
plain text, ciphertext, other image, or anything that
can be embedded in a hit stream such as a
copyright mark, a covert communication, or a serial
number. Password is known as a stega-key, which
ensures that only the recipient who knows the
corresponding decoding key will be able to extract
the message from a cover-object. The cover-object
- --
with the secretly embedded message is then called
the stego-object.
L3t-I
Stego-key,
Figure 1 -Basic Steganography Model
Recovering message from a stego-object
requires the cover-object itself and a corresponding
decoding key if a stego-key was used during the
encoding process. The original image may or may
not be required in most applications to extract the
message.
There are several suitable carriers that can he
used as the cover-object as listed below [SI:
i. Network Protocols such as TCP, IP and UDP.
ii. Audio that use digital audio formats such as
way, midi, avi, mpeg, mpi and voc.
22
iii. File and Disk that can hide and append files by
using the slack space.
iv. Text files such as html and java.
v. Image files such as bmp, gif and jpg, where
they can be both color and gray-scale.
In general, the information hiding process
extracts redundant bits from cover-object. The
process consists of two steps [9, IO].
i. Identification of redundant bits in a cover-
object. Redundant hits are those bits that can
he modified without corrupting the quality or
destroying the integrity of the cover-object.
ii. Embedding process. It selects the subset of the
redundant bits to be replaced with data from a
secret message. The stego-object is created by
replacing the selected redundant bits with
message bits.
2.1 Steganography vs Cryptography
Basically, the purpose of cryptography and
steganography is to provide secret communication.
However, steganography is not the same as
cryptography. Cryptography hides the contents of a
secret message from malicious people, whereas
steganography even conceals the existence of the
message. Steganography must not be confused with
cryptography, where we transform the message so
as to make its meaning obscure to malicious people
who intercept it. Therefore, the definition of
breaking the system is different [ll]. In
cryptography, the system is broken when the
attacker can read the secret message. Breaking a
steganographic system needs the attacker to detect
that steganography has been used and he is able to
read the embedded message.
In cryptography, the structure of a message is
scrambled to make it meaningless and
unintelligible unless the decryption key is
available. It makes no attempt to disguise or hide
the encoded message. Basically, cryptography
offers the ability of transmitting information
between persons in a way that prevents a third
party from reading it. Cryptography can also
provide authentication for verifying the identity of
someone or something.
In contrast, steganography does not alter the
structure of the secret message, but hides it inside a
cover-image so that it cannot be seen. A message in
a ciphertext, for instance, might arouse suspicion
on the part of the recipient while an “invisible”
message created with steganographic methods will
not. In other word, steganography prevents an
unintended recipient from suspecting that the data
exists. In addition, the security of classical
steganography system relies on secrecy of the data
encoding system [9].Once the encoding system is
known, the steganography system is defeated.
 It is possible to combine the techniques by hidden communication is not detected by other
encrypting message using cryptography and then people.
hiding the encrypted message using steganography.
The resulting stego-image can be transmitted 3. Stegauographic Techniques
without revealing that secret information is being
exchanged. Furthermore, even if an attacker were There have been many techniques for hiding
to defeat the steganographic technique and detect information or messages in images in such a
the message from the stego-object, he would still manner that the alterations made to the image are
require the cryptographic decoding key to decipher perceptually indiscemible. Common approaches
the encrypted message [I?.]. Table 1 shows that include [5]:
both technologies have counter advantages and i. Least significant bit insertion (LSB)
disadvantages [SI. ii. Masking and filtering
iii. Transform techniques
TABLE 1
Comparison between Steganography and LSB is a simple approach to embed
Cryptography. information in image file. The simplest
steganographic techniques embed the bits of the
Steganography Cryptography message directly into least significant bit plane o f
Unknown message Known message the cover-image in a deterministic sequence.
passing. passing. Modulating the least significant bit does not .result
in human-perceptible difference because the
Little known Common technology. amplitude of the change is small.
technology. Masking and filtering techniques, usually
restricted to 24 bits and gray scale images, hide
Technology still being Most algorithms information by marking an image, in a manner
developed for certain known to govemment similar to paper watermarks. The techniques
formats. departments. performs analysis of the image,. thus embed the
information i n significant areas sot hat the hidden
Once detected message Strong algorithms are message is more integral to the cover-image than
is known. currently resistant to just hiding it in the noise level.
brute force attack. Transform techniques embed the message by
Large expensive modulating coefficients in a transform domain,
computing power such as the Discrete Cosine Transform (DCT) used
required for cracking. in P E G compression, Discrete Fourier Transform,
Technology increase or Wavelet Transform. These methods bide
reduces strength. messages in significant areas of the cover-image,
which make them more robust to attack.
Many Carrier formats Transformations can be applied over the entire
image, to block through out the image, or other
variants.

2.2 Steganography Applications 4. Secure Information Hiding System (SIHS)

There are many steganographic applications
for digital image, including copyright protection,
feature tagging, and secret communication [12,13].
Copyright notice or watermark can be embedded
inside an image to identify it as intellectual
property. If someone attempts to use this image
without permission, we can prove by extracting the
watermark.
In feature tagging, captions, annotations, time
stamps, and other descriptive elements can be
embedded inside an image. Copying the sfego-
image also copies the embedded features and only
parties who possess the decoding sfego-key will be
able to extract and view the features. On the other
hand, secret communication does not advertise a
covert communication by using steganography.
Therefore, it can avoid scrutiny of the sender,
message and recipient. This is effective only if the
An information hiding system, Secure
Information Hiding System (SIHS) has been
developed to provide confidentiality security
service. SIHS employs an image file as a carrier to
hide a message and focuses on Least Signifcant Bit
(LSB) as one of the steganography techniques as
mentioned in previous section 3.
Before embedding process, the size of image
and the message must be defined by the system.
This is important to ensure the image can support
the message to be embedded. The ideal image size
is 800x600 pixels, which can embed up to 60kB
messages. As a preliminary work, SIHS simply
embeds the message into the cover-image without
using any password or sfego-key.

23
 We tested the system by using several images.
However, in this paper, a sample of the image will
be presented. The image in Figure 4, which is in
the gij format to hold the hidden information and
an btml tile in Figure 3 as the message to be
bidden. Figure 2 illustrates the process of hiding
the message in the cover-image.
Coverlmaee Rein
Stego Image
Message
i When some bits in the LSB plane of the stego-
Figure 2 -Producing Stego-Image Process
Figure 3 -Message
. .
. . O ' .
Figure 5 -Result of Stego-Image
24
The resultant Stego-image is shown in Figure
5 . The Stego-image obtained seems identical to the
cover-image even though the cover-image is
combined with the message. This is because the
amplitude of the change is small, and therefore
modulating the LSB does not result in a human-
perceptible difference. Thus allowing high
perceptual transparency of LSB.
In the experiment, we found that the size of
information to he hidden relatively depends on the
size of the cover-image. The message size must he
smaller than the image [14]. A large capacity
allows the use of smaller cover-image for the
message of fixed size, and thus decreases the
bandwidth required to transmit the stego-image.
image are altered then the original message
embedded in the cover-image cannot be obtained.
Therefore, if this method causes someone to
suspect something hidden in the stegc-image, then
the method is not secure. In addition the stego-
image cannot be manipulated in any way, such as
through scaling, rotation, cropping, addition of
noise or lossy compression because manipulation
will also destroy the hidden message.
5. Conclusion
In this paper we gave an overview of
steganograpby. It can enhance confidentiality of
information and provides a means of
communicating privately. We have also presented .
an image steganographic system using LSB
approach. However, there are some advantages and
disadvantages of implementing LSB on a digital
image as a carrier.
The advantage of LSB is its simplicity to
embed the bits of the message directly into the LSB
plane of cover-image and many applications use
this method [15]. Another advantage is its
perceptual transparency whereby the changes made
to the cover-image cannot be traced by human eye.
One of the disadvantages is that LSB is not
robust. It is very sensitive to any kind of filtering or
manipulation of the stegc-image. Another
weakness is that it is tamper resistance. An attacker
can casily dcstruct the message by rentoting or
modified stegc-image.
Further work on this research is to enhance the
system by using a password to embed the message.
We will also implement another two approaches of
steganographic system on a digital image. Then, a
comparative study on these different approaches
will be done.
 6. References

[l] Z. Hrytskiv, S. Voloshynovskiy & Y. Rytsar [12] E.T. Lin and E.J. Delp, “A Review of Data
“Cryptography of Video Information In Hiding in Digital Images”,
Modem Communications”, Electronics And [I31 W. Bender, D. Gruhl, N. Morimoto and A.
Energefics, vol. 11, pp. 115-125, 1998. Lu, “Techniques for Data Hiding”, Sysfems
[2] P.Moulin & J.A. O’Sullivan, “Information - Journal, vol. 35, 1996.
Theoretic Analysis of Information Hiding”, at [14] M.Z.I. Shamsuddin, “Menggunakan Least
IEEE Infernational Symposium on Informafion Significant Bit: Steganografi“, 2002.
Theory, Boston, MA, October, 1999. [IS] N.F. Johnson & S. Jajodia, “Steganalysis of
[3] C . Cachin, “An Information-Theoretic Model Images Created Using Current
for Steganography”, in proceeding 2nd Steganography Software”, in
Information Hiding Workshop, vol. 1525, pp. Proceeding for the Second Information
306-318, 1998 Hiding Workhop, Portland 0 regon,
[4] R Chandramouli, N. Memon, “Analysis of USA, April 1998, pp. 273-289.
LSB Based Image Steganography [ 161 N.F. Johnson and S. Jajodia, “Exploring
Techniques”, IEEE pp. 1019-1022,2001. Steganography: Seeing the Unseen”, IEEE,
[SI N.F. Johnson, S. Jajodia, “Staganalysis: The pp. 26-34, 1998.
Investigation of Hiding Information”, IEEE, [17] M. Ramkumar & A.N. Akansu. “Some
pp. 113-116, 1998. Design Issues For Robust Data biding
[6] D. Artz, “Digital Steganography: Hiding Data Systems”
within Data”, IEEE Internet Compufing, pp. [18] Richard Popa,”An Analysis of Steganographic
75-80, May-Jun 2001. System”, 1998.
[7] R.J. Anderson, F.A.P. Petitcolas, “On The [I91 Y.K. Lee and L.H. Chen, “High Capacity
Limits of Steganography”, IEEE Journal of Image Steganographic Model”.
Selected Area in Communicafions, pp. 474- [ZO] Y.K. Lee and L.H. Chen, “A Secure Robust
481, May 1998. Image Steganographic Model”, in parf by
[SI R A Isbell, “Steganography: Hidden Menace or the Nafional Science Council.
Hidden Saviour”, Steganography White Paper, [21] S. Tanako, K. Tanaka and T. Sugimura, “Data
IO May 2002. Hiding via Steganographic Image
[9] N. Provos, P. Honeyman, “Detecting Transformation”, ZEICE Tram.
Steganography Content on the Internet”. Fundamentals, vol. E83-A, pp. 31 1-319,
[lo] N. Provos, “Probabilistic Methods for February, 2000
Improving Information Hiding”, CITI [221] F.A.P Peticolas, R.J. Anderson and M.G.
Technical Report 01-1, January 31,2001. Kuhn, “Information Hiding - A Survey”, in
[ l l ] J. Zollner, H. Federrath, H. Klimant, et al., proceeding of IEEE, pp. 1062-1078, July
“Modeling the Security of Steganographic 1999.
Systems”, in 2nd Workshop on Informafion [23] S. Katzenbeisser and F.A.P. Peticolas,
Hiding, Portland, April 1998, pp. 345-355. “Defining Security in Steganographic
Systems”.

25