STEGANOGRAPHY THE ART OF HIDING INFORMATION

As the information age is growing rapidly and data becomes highly valuable and sensitive, methods need to be discovered to protect and secure sensitive data. One such method that transfers data over network securely is Steganography. Many different carrier file formats can be used, but digital images are the most popular because of their frequency on the Internet. Different applications have different requirements of the steganography technique used. For example, some applications may require absolute invisibility of the secret information, while others require a larger secret message to be hidden. Steganography or Stego as it is often referred to in the IT community, literally means, "Covered writing" which is derived from the Greek language. Steganography is defined as follows, "Steganography is the art and science of communicating in a way which hides the existence of the communication. In contrast to Cryptography, where the enemy is allowed to detect, intercept and modify messages without being able to violate certain security premises guaranteed by a cryptosystem, the goal of Steganography is to hide messages inside other harmless messages in a way that does not allow any enemy to even detect that there is a second message present".

Techniques of Steganography:
There are three types of techniques : - PHYSICAL STEGANOGRAPHY - DIGITAL STEGANOGRAPHY - PRINTED STEGANOGRAPHY

A. PHYSICAL STEGANOGRAPHY:
This type of technique is used in ancient times. Within this picture, the letters position of a hidden message are represented by increase in numbers 1 to 20 and a letter value is given by intersection position in the grid. Hiding messages in wax tablets or hiding messages on body of messenger, Come under physical steganography.

B.DIGITAL STEGANOGRAPHY:
Digital steganography involves the modern steganography which entered the world in 1985.It is nothing but hiding information in an object digitally . This mainly involves embedding techniques.

C. PRINTED STEGANOGRAPHY:
Encoding secret messages in text can be a very challenging task. This is because text files have a very small amount of redundant data to replace with a secret message. Another drawback is the ease of which text based Steganography can be altered by an unwanted parties by just changing the text itself or reformatting the text to some other form (from .TXT to .PDF, etc.). There are numerous methods by which to accomplish text based Steganography. There are numerous methods by which to accomplish text based Steganography. Line-shift encoding involves actually shifting each line of text vertically up or down by as little as 3 centimeters. Depending on whether the line was up or down from the stationary line would equate to a value that would or could be encoded into a secret message. Word-shift encoding works in much the same way that line-shift encoding works, only we use the horizontal spaces between words to equate a value for the hidden message. This method of encoding is less visible than line-shift encoding but requires that the text format support variable spacing. Feature specific encoding involves encoding secret messages into formatted text by changing certain text attributes such as vertical/horizontal length of letters such as b, d, T, etc. This is by far the hardest text encoding method to intercept as each type of formatted text has a large amount of features that can be used for encoding the secret message. Note: All three of these text based encoding methods require either the original file or the knowledge of the original files formatting to be able to decode the secret message. Lets look at what a theoretically perfect secret communication. To illustrate this concept, consider three fictitious characters named Amy, Bret and Crystal. Amy wants to send a secret message (M) to Bret using a random (R) harmless message to create a cover (C) which can be sent to Bret without raising suspicion. Amy then changes the cover message (C) to a stego-object (S) by embedding the secret message (M) into the cover message (C) by using a stego-key (K). Amy should then be able to send the stego-object (S) to Bret without being detected by Crystal. Bret will then be able to read the secret message (M) because he knows the stego-key (K) used to embed it into the cover message (C).

A simple Steganographic System steganography_medium = secret_message + cover_message + key[11] As Fabien A.P. Petitcolas points out, "in a 'perfect' system, a normal cover should not be distinguishable from a stego-object, neither by a human nor by a computer looking for statistical patterns." In practice, however, this is not always the case. In order to embed secret data into a cover message, the cover must contain a sufficient amount of redundant data or noise. This is because the embedding process Steganography uses actually replaces this redundant data with the secret message. This limits the types of data that one can use with Steganography. In practice there are three types of steganography protocols used. They are Pure Steganography, Secret Key Steganography and Public Key Steganography. Pure Steganography : It is defined as a steganographic system that does not require the exchange of a cipher such as a stego-key. This method of Steganography is the least secure means by which to communicate secretly because the sender and receiver can rely only upon the presumption that no other parties are aware of this secret message. Using open systems such as the Internet, this is not the case at all. Secret Key Steganography : It is defined as a steganographic system that requires the exchange of a secret key (stego-key) prior to communication. Secret Key Steganography takes a cover message and embeds the secret message inside of it by using a secret key (stego-key). Only the parties who know the secret key can reverse the process and read the secret message. Unlike Pure Steganography where a perceived invisible communication channel is present,

Secret Key Steganography exchanges a stego-key, which makes it more susceptible to interception. The benefit to Secret Key Steganography is even if it is intercepted, only parties who know the secret key can extract the secret message. Public Key Steganography : Public Key Steganography is defined as a steganographic system that uses a public key and a private key to secure the communication between the parties wanting to communicate secretly. The sender will use the public key during the encoding process and only the private key, which has a direct mathematical relationship with the public key, can decipher the secret message. Public Key Steganography provides a more robust way of implementing a steganographic system. It also has multiple levels of security in that unwanted parties must first suspect the use of steganography and then they would have to find a way to crack the algorithm used by the public key system before they could intercept the secret message.

4. ENCODING SECRET MESSAGES IN IMAGE

The popular digital image encoding techniques used today are least significant bit (LSB) encoding , masking & filtering , Transformation , spread spectrum steganography, statistical steganography, distortion, and cover generation steganography. The following are some of these techniques. 4.1 Least significant bit (LSB) encoding : It is by far the most popular of the coding techniques used for digital images. By using the LSB of each byte (8 bits) in an image for a secret message, one can store 3 bits of data in each pixel for 24-bit imagesand 1 bit in each pixel for 8-bit images. Logic: A 24-bit bitmap will have 8 bits representing each of the three color values (red, green, and blue) at each pixel[2]. If we consider just the blue there will be 28 different values of blue. The difference between say 11111111 and 11111110 in the value for blue intensity is likely to be undetectable by the human eye. If we do it with the green and the red as well we can get one letter of ASCII text for every three pixel[12]. Therefore, the least significant bit can be used (more or less undetectably) for something else other than color information. As you can see, much more information can be stored in a 24-bit image file.

Disadvantages of using LSB alteration are mainly in the fact that it requires a fairly large cover image to create a usable amount of hiding space. Even now a days, uncompressed images of 800 x 600 pixels are not often used on the Internet, so using these might raise suspicion[5]. Another disadvantage will arise when compressing an image concealing a secret using a lossy compression algorithm. The hidden message will not survive this operation and is lost after the transformation[1]. 4.2 Masking and filtering : These techniques are usually restricted to 24 bits or grayscale images, take a different approach to hiding a message. These methods are effectively similar to paper watermarks, creating markings in an image[2]. This can be achieved for example by modifying the luminance of parts of the image. While masking does change the visible properties of an image, it can be done in such a way that the human eye will not notice the anomalies. Since masking uses visible aspects of the image, it is more robust than LSB modification with respect to compression, cropping and different kinds of image processing[14]. The information is not hidden at the noise level but is inside the visible part of the image, which makes it more suitable than LSB modifications in case a lossy compression algorithm like JPEG is being used[13]. [ 4.3 Transformations : A more complex way of hiding a secret inside an image comes with the use and modifications of discrete cosine transformations. Discrete cosine transformations (DST)), are used by the JPEG compression algorithm to transform successive 8 x 8 pixel blocks of the image, into 64 DCT coefficients each[13]. It follows Jsteg algorithm(D.Upham) used JPEG image format. According to Jsteg algorithm, Replace sequentially the least-significant bit of discrete cosine transform coefficients with the message data[7]. Logic: The secret data, is inserted into the cover image in the DCT domain. The signature(secret message) DCT coefficients are encoded using a lattice coding scheme before embedding. Each block of cover DCT coefficients is first checked for its texture content and the signatured codes are appropriately inserted depending on a local texture measure. Experimental results indicate that high quality embedding is possible, with no visible distortions. Signature images can be recovered even when the embedded data is subject to significant lossy JPEG compression.

Each DCT coefficient F(u, v) of an 8 x 8 block of image pixels f(x, y) is given by[5]:

where C(x) = 1/2 when x equals 0 and C(x) = 1 otherwise. After calculating the coefficients, the following quantizing operation is performed[5]:

where Q(u, v) is a 64-element quantization table. A simple pseudo-code algorithm to hide a message inside a JPEG image could look like this[1]: Input: message, cover image Output: steganographic image containing message while data left to embed do get next DCT coefficient from cover image if DCT 0 and DCT 1 then get next LSB from message replace DCT LSB with message bit end if insert DCT into steganographic image end while Although a modification of a single DCT will affect all 64 image pixels, the LSB of the quantized DCT coefficient can be used to hide information. Lossless compressed images will be suspectible to visual alterations when the LSB are modified. This is not the case with the above described method, as it takes place in the frequency domain inside the image, instead of the spatial domain and therefore there will be no visible changes to the cover image[5]. In addition to DCT, images can be processed with fast Fourier transform (FFT). FFT is "an algorithm for computing the Fourier transform of a set of discrete data values". The FFT

expresses a finite set of data points in terms of its component frequencies. It also solves the identical inverse problem of reconstructing a signal from the frequency data[8]. Thus simple logic for encoding and decoding using transforms is Hiding the data The steps are to take the DCT or wavelet transform of the cover image and find the coefficients below a specific threshold. Replace these bits with bits to be hidden (for example, use LSB insertion) and then take the inverse transform and store it as a regular image. Recovering the data To extract the hidden data take the transform of the modified image and find the coefficients below a specific threshold. Extract bits of data from these coefficients and combine the bits into an actual message. ] 4.4 Patchwork Patchwork is a statistical technique that uses redundant pattern encoding to embed a message in an image[14]. The algorithm adds redundancy to the hidden information and then scatters it throughout the image. Logic: A pseudorandom generator is used to select two areas of the image (or patches), patch A and patch B. All the pixels in patch A is lightened while the pixels in patch B is darkened. In other words the intensities of the pixels in the one patch are increased by a constant value, while the pixels of the other patch are decreased with the same constant value. The contrast changes in this patch subset encodes one bit and the changes are typically small and imperceptible, while not changing the average luminosity[7]. A disadvantage of the patchwork approach is that only one bit is embedded. One can embed more bits by first dividing the image into sub-images and applying the embedding to each of them[10]. The advantage of using this technique is that the secret message is distributed over the entire image, so should one patch be destroyed, the others may still survive. This however, depends on the message size, since the message can only be repeated throughout the image if it is small enough. If the message is too big, it can only be embedded once[13].

The patchwork approach is used independent of the host image and proves to be quite robust as the hidden message can survive conversion between lossy and lossless compression[10] There are also other methods that are not discussed in this paper which are of less utility over the above topics.

Applications for Steganography in an Open Systems Environment:

The three most popular and researched uses for steganography in an open systems environment are covert channels, embedded data and digital watermarking. Covert channels in TCP/IP involve masking identification information in the TCP/IP headers to hide the true identity of one or more systems. This can be very useful for any secure communications needs over open systems such as the Internet when absolute secrecy is needed for an entire communication process and not just one document as mentioned next. Embedding Data using containers (cover messages) is by far the most popular use of Steganography today. This method of Steganography is very useful when a party must send a top secret, private or highly sensitive document over an open systems environment such as the Internet. By embedding the hidden data into the cover message and sending it, you can gain a sense of security by the fact that no one knows you have sent more than a harmless message other than the intended recipients. Digital watermarking is usually used for copy write reasons by companies or entities that wish to protect their property by either embedding their trademark into their property or by concealing serial numbers/license information in software, etc. Digital watermarking is very important in the detection and prosecution of software pirates/digital thieves.

Conclusion:
Steganography detection can be used to prevent communication of malicious data. When properly implemented steganography can be difficult to detect but it is not impossible. Steganography involves the concealment of information in computer files. Steganography is disguised as a

BOOK OF MAGIC.