1 Steganography Secure CommunicationTeam Members: Lidong Wei, Siddharth Nair, Preethi Josephina Mudialba Security cross-cutting issues Image:http://www.telegraph.co.uk/news/2016/12/18/majority-74-journalists-killed-2016-targeted-deliberately-says/

2 Introduction 58 journalist lost their lives in 2016 alone while 117 journalists are currently imprisoned [1] With more than 32,000 people killed in from terrorism attacks around the world, more and more journalists, media advocates and netizens are being assigned to dangerous regions. Organizations like Reporters without Borders and the United Nations are fighting every day for freedom of information and human rights. But the dearth of secure modes of communication exposes these undercover journalists to unnecessary risks. [2] The aim of our project was to develop an application which will help journalists assigned to dangerous countries, communicate or carry back sensitive information. [1] RSF. (n.d.). Retrieved December, from https://rsf.org/ [2] Tucci, C. (2016). Topic: Terrorism. Retrieved December, from https://www.statista.com/topics/2267/terrorism/ Image :

3 Background Steganography: The technique of hiding a secret message within an ordinary message. Can be defined as the process of hiding data within data. Goal: Hide data inside other harmless or unlikely data in a manner that does not permit an attacker to even detect that there is a second secret message present. Highlight: The ‘unexpected element’ it bring into the picture, by making sensitive information look like every day normal information. Use: Used to transmit extremely important information, while ensuring that the confidentiality of the data is upheld. Image :

4 Measures for ComparisonMSE / PSNR:The mean-squared error (MSE) between two images I1(m, n) and I2 (m, n) is (M and N are the number of rows and columns in the input images, respectively. ) Peak Signal-to-Noise Ratio: PSNR is measured in decibels (dB). PSNR is a good measure for comparing restoration results for the same image. Image:https://www.coloribus.com/adsarchive/prints/freedom-of-press-association-map /

5 Measures for ComparisonCapacity Capacity: It is the size of the data in a cover image that can be modified without deteriorating the integrity of the cover image. Domain Type Domain Type (DOM): DOM is either Spatial(S) or Transform (T). Invisibility- strength of Steganography lies in its ability to be unnoticed by human eye. The moment that one can see that an image has been tampered with, thealgorithm is compromised Image:https://www.coloribus.com/adsarchive/prints/freedom-of-press-association-map /

6 Steganography : TechniquesThere are two basic types of steganography: Spatial steganography: There are many versions of spatial steganography, all directly change some bits in the image pixel values in hiding data. Eg LSB ( Least Least significant bit (LSB)- based steganography, is a type of spatial Steganography algorithm that hides a secret message in the LSBs of pixel values without too much perceptible distortions. It should be noted that to our human eye, any change in the value of the LSB are imperceptible. Embedding of message bits can be carried out either sequentially or randomly. Least Significant Bit (LSB) replacement, LSB matching, Matrix Embedding and Pixel value, differencing are some of the spatial domain techniques. Transform steganography: The process of embedding data in the frequency domain of a signal. Image :

7 Steganography TechniquesFor the purpose of the project we analysed several steganography and we finally implemented 2 algorithms namely: A New Secure Image Transmission Technique via Secret-fragment-visible Mosaic Images by Nearly-reversible Colour Transformations [3] A Novel Image Stenographic Technique using Fast Fourier Transform [4] [3] Lee, Y., & Tsai, W. (n.d.). A New Secure Image Transmission Technique via Secret-Fragment-Visible Mosaic Images by Nearly Reversible Color Transformations - IEEE Xplore Document. Retrieved December, from [4] Shaukat, A., & Chaurasia, M. (n.d.). A novel image steganographic technique using fast fourier transform - IEEE Xplore Document. Retrieved December, from Image:

8 StegAnalysis StegAnalysis is the practice of detecting the use of steganography. It detects messages or their transmission or  disables embedded information. There are various ways of statistical StegAnalysis, for the experiment here, we choose: Sample pair analysis : [5] is “based on a finite state machine whose states are selected multisets of sample pairs called trace multisets. Due to the statistical measures of sample pairs that are highly sensitive to LSB embedding operations, the length of hidden message can be estimated when it’s embedded into the LSB of medium. [5]Dumitrescu, Sorina, Xiaolin Wu, and Zhe Wang (2003). “Detection of LSB steganog- raphy via sample pair analysis”. In: Signal Processing, IEEE Transactions on 51.7, pp. 1995–2007. Image :

9 StegAnalysis RS analysis: [6] detects randomly scattered LSB embedding in grayscale and colour images by inspecting the differences in the number of regular and singular groups for the LSB and ’shifted’ LSB plane. Chi Square Attack: [7] compares the theoretically expected frequency distribution in steganography with some sample distribution observed in the possibly changed carrier medium. Primary Sets [8] is based on a statistical identity related to certain sets of pixels in an image. [6] Fridrich, Jessica, Miroslav Goljan, and Rui Du (2001). “Reliable detection of LSB steganography in color and grayscale images”. In: Proceedings of the 2001 workshop on Multimedia and security: new challenges. ACM, pp. 27–30. [7] Westfeld, Andreas and Andreas Pfitzmann (2000). “Attacks on steganographic systems”. In: Information Hiding. Springer, pp. 61–76. Image:http://www.telegraph.co.uk/news/2016/12/18/majority-74-journalists-killed-2016-targeted-deliberately-says/ [8] ] Dumitrescu, Sorina, Xiaolin Wu, and Nasir Memon (2002). “On steganalysis of random LSB embedding in continuous-tone images”. In: Image Processing Proceedings International Conference on. Vol. 3. IEEE, pp. 641–644.

10 Results of StegAnalysisWe tested the two steg image based on these statistical analysis, and get the result as follows: ( Peppers, Baboon, Lake are a few of the most commonly used image for steganography analysis ) Secret Cover Primary Sets Chi Square Sample Pairs RS analysis Fusion (mean) PSNR MSE FFT Peppers.tiff Lena.tiff Baboon.tiff House.tiff 9.42E-07 Lake.tiff Airplane.tiff Mosaic 2.50E+06 2.06E-12 36.257 4.04E+06 6.96E-04 2.30E+06 The table above measures the probability that a certain image is a Steg image. As the result above shows, when FFT method is applied on different pairs of cover image and secret image, the probability is higher than when Mosaic technique is used. So there is a higher chance that the image will be detected when using FFT method.

11 Steg Implementation resultsWhat is Chi-Square analysis? It is a statistical test to measure if a given set of observed data and an expected set of data are similar or not. The idea of this attack is to compare Pair-of-Values' observed frequencies with their expected frequencies and calculate p value which will represent the probability of having some embedded data in an image. What are Pair-of-Values? When some data like encrypted text is embedded into an image, the LSB values of the original data change in a way that the number of these pairs become nearly equal while they differ so much when there is no embedding. The occurrences of the individual color values in the image are counted and this observed frequencies data set is used in the chi-square test. An expected data set is also needed which according to the paper is the average of the occurrences of the values in a pair[9]. [9] ÇALIŞKAN, C. (n.d.). Steganalysis: Chi-Square Attack & LSB Enhancement. Retrieved December, from http://cuneytcaliskan.blogspot.com/2011/12/steganalysis-chi-square-attack-lsb.html Image:http://www.telegraph.co.uk/news/2016/12/18/majority-74-journalists-killed-2016-targeted-deliberately-says/

12 We tested for the chi square attack using a tool called Guillermito’s Chi-square steganography test. The results are shown below Chi-Square Result FFT [10] A few tools to discover hidden data. (n.d.). Retrieved December, from Chi-Square Mosaic The red line is the result of the chi-square test and if it is close to one, ( the topmost part of the graph) then the probability for a random embedded message is high. Every blue line represents 1Kb of embedded data and the green curve is the average value of the LSB’s on the current block. As we can see form the 2 graphs above the red line for the FFT extend further than that for Mosaic meaning the probability of embedded data is higher than that of the Mosaic for every 1 Kb of embed data. [10]

13 Steganography: Secret-Fragment-Visible Mosaic ImageCover Image: Secret Image : After running the analysis tests and comparing the Steg Images from FFT as shown above and the Mosaic technique, we decided to proceed with the recovery algorithm implementation of the Mosaic technique, since the probability of finding the hidden data in the Steg image was lesser in Mosaic, for the same similarity measure.

14 Steganography: Secret-Fragment-Visible Mosaic ImageSub Image Size: 2x2 Sub Image Size: 8x8 Steg Image (secret image + cover image) Steg Image (secret image + cover image) Recovered Image Recovered Image

15 Sub Image Size: 64x64 Steg Image (secret image + cover image)Recovered Image: As can be seen from the above results, varying the size of the Sub Image splitting, we are able to get pictures of varying quality. The split size of 2x2, gives the best results, and the closest match to the original cover image but the downside is the time taken.(~3 min) Depending on the split size chosen the time taken increases. So for a better quality image, lower split size is needed but time taken is more, while for larger split sizes time taken is much less (< 1 min) Also, as can be seen from the results, there isn’t much noticeable difference in the cover images for split sizes 2 and 8, but the recovered image has some blurring in case of 8 as compared to 2.

16 Encryption As an added layer of security, we experimented with encrypting the Secret Image to be hidden. Would make it almost impossible for the attacker to recover the original image, because even if they were able to correctly identify the Steg image containing the hidden information, they would not be able to recover the original image by just breaking the Steg, because all they would get is the encrypted image. To show this proof of concept, we integrated a standard image encryption technique based on key generation technique along with our existing steganography algorithm code[11]. The downside to this approach is that since the encrypted image is now being hidden, and the Steganography algorithm is not completely lossless, when the recovered encrypted image is decrypted, there is some amount of colour loss, although the general structure can still be identified. [11] Image Encryption - File Exchange - MATLAB Central. (2010). Retrieved December, from https://www.mathworks.com/matlabcentral/fileexchange/27698-image-encryption Image:http://www.telegraph.co.uk/news/2016/12/18/majority-74-journalists-killed-2016-targeted-deliberately-says/

17 Encryption+ Steganography ResultsRecovered Image which was Encrypted (Recovery + Decryption): Encrypted Secret image (before it is hidden into the cover image) Recovered Image which was Encrypted Encrypted Secret image

18 Conclusion& Future WorkEncryption: encrypting the secret image and then hiding it make its more secure from potential attacks but as data is lost during the steganography process, the recovered decrypted image is not very clear. However, the essential information is retained. As it can be seen in the photo of the recovered soldier, the facial feature of the soldier is retained. The information recovered is sufficient for Facial recognition algorithms to identify the individual in the photo. Thus, the current implementation can still be successfully used by journalist, military personal etc to transfer information about suspected, terrorists , especially across borders. In the future, the data lost can be minimized to obtain a clear recovered image. Image:https://panampost.com/rebeca-morla/2014/12/16/reporters-without-borders-66-journalists-murdered-in-2014/

19 Conclusion& Future WorkLocal application: a local application does reduce the risk of breach of hidden data for example it eliminates the possibility of occurrence of JPEG compression attacks. However, in the future, we hope to be able deploy a web application, thereby make the application more accessible. Secret-Fragment-Visible Mosaic Images: currently, this algorithm works only for same size cover image and secret image, in the future it can be improved to allow for different size images . Furthermore, improvements can be made to the algorithm to reduce the time taken to hide the secure image into the cover image and the time taken to recover the secret image from the cover image. Image:https://en.dailypakistan.com.pk/world/74-journalists-killed-worldwide-in-2016-reporters-without-borders/