Embed Size (px)
Citation preview
Tejas&Dakve&Jason&Hiney&
Introduc)on*! Facebook&compresses&uploaded&images,&which&results&in&disrupted&steganography.&
&! Can&we&preprocess&images&so&that&disruption&is&minimized&and&steganography&can&be&conducted&on&Facebook?&
Related*Work*! Google&Chrome&plug&in&tool,&Secretbook,&developed&by&Owen&CampbellIMoore&
&! Handles&compression&problem&by&precompressing&as&Facebook&would&compress&and&using&redundancy&
! Limited&to&Google&Chrome&and&hidden&text&
Hypothesis/Ques)on*! If&we&can&observe&common&file&type(s)&and&image&resolution(s)&resulting&from&Facebook&image&file&downloads,&can&we&use&this&to&increase&the&chances&of&successful&Facebook&steganography?&
&! If&we&do&the&compression&that&Facebook&would&do&prior&to&loading&the&cover&file,&can&we&minimize&the&compression&that&Facebook&will&do&and&thereby&increase&the&chance&of&success?&
Phase*I*Experimenta)on*! Uploaded&almost&100&images&to&Facebook&and&downloaded&them&from&FB&to&observe&how&it&alters&image&formats&and&sizes&
! Converts&TIFFs,&GIFs,&and&PNGs&to&JPEGs&! Does¬&accept&BMPs&! Converts&JPEG/EXIFs&to&JPEG/JFIFs&! Some&large&files&compressed&more&than&99%&! We&concluded&that&JPEG/JFIF&images&are&probably&changed&the&least&by&FB&and&are&the&best&candidate&for&FB&image&steganography.&
Phase*2*Experimenta)on*! First&goal&was&to&find&common&image&output&resolutions&for&Facebook.&&
! Used&high&resolution&setting&in&Facebook&album&to&produce&large&images&that&would&offer&greater&steganography&capacity&
! Two&common&outputs&were&2048&x&****&and&960&x&***.&! Download&image&resolution&depends&on&upload&image&resolution&and&processing/graphics&capability&of&download&platform.&
Phase*2*Experimenta)on*(2)*! Then&we&used&a&photo&processing&program&to&convert&test&images&to&the&2048&x&****&and&960&x&****&sizes,&uploaded&them&to&a&FB&album,&downloaded&them&from&FB,&and&observed&the&results.&
! As&hoped,&FB&did¬&alter&the&image&resolutions.&! Most&of&the&input&to&output&file&size&ratios&were&in&the&1.0&to&3.0&range,&but&some&were&higher.&
! Decided&to&send&the&images&through&a&FB&album&again&in&phase&3&to&get&ratios&close&to&1.0&
Phase*3*Experimenta)on*! Uploading&the&test&images&to&FB&and&downloading&them&from&FB&a&second&time&achieved&input&to&output&file&size&ratios&at&or&very&close&to&1.0.&
! With&FB&changing&the&JPEG&resolution&and&image&sizes&very&little,&we&were&ready&to&proceed&with&testing&steganography&programs.&
Phase*4*(Steganography*Programs)*! For&each&steganography&program,&we&hid&a&small&text&file&in&the&same&20&preIprocessed&JPEG&test&carriers,&uploaded&them&to&a&FB&album,&downloaded&them&from&FB,&and&attempted&to&recover&the&hidden&file.&
! Achieved&the&following&success&rates:&! JP&Hide&&&Seek&(Windows)&–&50%&! Steghide&(Windows)&–&15%&! Steg&(Windows)&–&20%&
Phase*4*(Steganography*Programs)*! No&success&with&the&following&programs:&&&
! Open&Puff&(Windows)&! &Outguess&Reborn&(Windows)&! F5&(Windows)&! Our&Secret&(Windows)&! Steganography&(Android)&
! Facebook&changed&the&preIprocessed&JPEG&is&such&a&way&that&the&steganography&program&could¬&recover&the&hidden&text&or&the&hidden&text&was&recovered&but&corrupted.&
Phase*5*(Tes)ng*JPHS)*! JPHS&&had&the&highest&success&rate&in&Phase&4&and&was&selected&for&testing&maximum&hidden&file&sizes&successfully&recovered&in&phase&5.&
! Procedure&! Create&text&or&image&file&of&selected&size&! Hide&in&preIprocessed&JPEG&carrier&! Test&recovery&using&JPHS&! Upload&carrier&to&a&Facebook&album&! Download&the&carrier&image&from&Facebook&! Attempt&to&recover&hidden&image&or&text&
JP*Hide*&*Seek*
JP*Hide*&*Seek*(2)*&
! Freeware&tool&available&for&Windows&and&Linux&
! Uses&a&random&process&to&select&least&significant&bits&(LSB)&of&the&discrete&cosine&transform&coefficients.&&Then&uses&the&Blowfish&algorithm&for&LSB&randomization&and&encryption.&
Success*rates*for*hiding*text*messages*in*960*x*****carriers*
0&
10&
20&
30&
40&
50&
60&
70&
1&byte& 65&bytes& 180&bytes& 400&bytes& 500&bytes& 1024&bytes&3000&bytes&
Success*rates*for*hiding*text*messages*in*2048*x******carriers*
0&
10&
20&
30&
40&
50&
60&
70&
1&bytes& 65&bytes&
180&bytes&
400&bytes&
500&bytes&
1024&bytes&
3000&bytes&
5000&bytes&
12000&bytes&
15000&bytes&
Success*rates*for*hiding*images*in*2048*x******carriers*
0&
5&
10&
15&
20&
25&
30&
35&
2.1&KB& 3.75&KB& 8.37&KB& 15.3&KB&
Recovered*Image*Samples*&&&&&! Successfully&hidden&and&recovered&8.37&KB&image&! Successfully&hidden&and&recovered&3.75&KB&image&! Example&of&recovered&but&damaged&3.75&KB&image&
Steganalysis*! In&most&applications&you&won’t&have&the&original&file&to&compare&to&a&suspected&carrier&file.&
! In&general&done&by&a&program&that&looks&for&structural&oddities&(the&steganography&program’s&signature)&
! Programs&can&also&look&for&abnormalities&in&statistical&measures&(means,&variances,&chiIsquare)&and&perform&high&order&tests&(linear&analysis,&Markov&fields,&wavelet&statistics).&
! There&are&many&commercially&available&tools&and&a&few&freeware&tools.&
Steg*Secret*! Steg&Secret&detected&steganography&using&Our&Secret&before&the&carrier&was&uploaded&to&Facebook&but¬&after&the&carrier&was&downloaded&from&Facebook.&
! Steg&Secret&failed&to&detect&steganography&using&! Open&Puff&! JP&Hide&&&Seek&! F5&! Steg&! Steghide&! Outguess&Reborn&! Steganography&(Android)&
****Future*Work*! More&experiments&to&firm&up&success&rate&percentages&
! More&testing&to&get&a&better&success&rate&&! Develop&a&program&similar&to&Secretbook&that&can&accommodate&files&including&images&
****Conclusions*! Can&send&long&text&messages&and&small&images,&but&it&requires&preprocessing&work,&multiple&attempts,&and&testing&to&ensure&success.&
! Facebook&did¬&garble&the&carrier&files&so&that&steganography&could&be&visually&detected.&
! Image&errors&and&data&corruption&caused&by&the&Facebook&algorithm&increase&as&hidden&file&size&increases.&
! 2048&x&****&carrier&JPEGs&offer&a&higher&payload,&but&may&be&resized&by&Facebook&depending&on&capabilities&of&download&platform.&&FB&resizing&will&disrupt&steganography.&
&
