This work highlights the practical implementation of steganalysis techniques outside the laboratory setting. It features two significant case studies: Provos et al. (2003), which utilized massive datasets of JPEG images to identify hidden content, and the Stegi@Work framework, designed for distributed steganalysis. Both initiatives emphasize the importance of developing efficient tools and methodologies to detect steganographic content across diverse internet platforms. The findings underscore the limitations in current detection methods and advocate for innovative approaches to enhance accuracy and scalability.
Steg in the Real World • Two examples that move the work of steganalysis out of the lab • The massive data survey of Provos et al. 2003 • The Stegi@work distributed steganalysis framework
Steg on the Web? • Provos et al. 2003* • 2 million JPEG images from • 1 million JPEG images from Usenet • Images restricted in size between 20KB and 400KB • stegdetect • Identified potential hidden content in 1% of the images *N. Provos and P. Honeyman, IEEE Security and Privacy Magazine, May/June 2003
Steg on the Web? • Percentage of (false) positives • JPHide “detected” most often
Steg on the Web? • Verifying hidden content • Stegbreak • Dictionary attack against Jsteg, JPHide, and Outguess • eBay: multi-lingual dictionary of 850,000 words • Usenet: short PIN numbers and pass phrases; 1.8 million words
Steg on the Web? • Performance of Stegbreak on a 1.2 GHz PIII • JPHide: 10 days • Outguess: ? • Jsteg: 8 days
Towards a larger steganalysis framework • Disconcert - a distributed computing framework for loosely coupled workstations • Distribute indices into stegbreak’s dictionary • eBay: 60 nodes, 200,000 per second for JPHide • Usenet: 230 nodes, 870,000 keys per second
Is anything out there??? • Conclusions of Provos et al. 2003 • All users of steganographic systems carefully choose passwords that are not susceptible to dictionary attacks • Images from sources not analyzed carry steganographic content • Images carried content embedded by tools that stegdetect does not consider • Messages are too small for detection
Distributed Steganalysis: Stegi@Work • Objective • The development of an architecture for an extensible distributed application for steganalysis • User alerts • Facility for content destruction or quarantine • SOA to facilitate the inclusion of new and improved steganalysis algorithms
Steganalysis Support • Publicly available wrapped tools • Stegdetect (JPEG) • Digital Invisible Ink Toolkit (BMP, PNG) • Detects LSB methods • Custom “supertool” • Detects via signatures: • In Plain View, S-Tools, Mandelsteg, Hide and Seek v.4 and v.5, Hide4PGP • Statistical tests: • 2 and 2 histogram
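The LSB detection and histogram-based statistical tests listed on this slide can be illustrated with the classic chi-square pairs-of-values test. This is an added example, not Stegi@Work or stegdetect code; the choice of test, the function names, the decision threshold and the constructed sample data are all assumptions.

```python
import random

def pov_chi_square(samples):
    """Chi-square pairs-of-values statistic over 8-bit samples.

    LSB replacement with random bits evens out the counts of each value
    pair (2k, 2k+1), so a statistic close to its degrees of freedom
    suggests embedding; unmodified data typically scores much higher.
    Returns (statistic, degrees_of_freedom).
    """
    hist = [0] * 256
    for s in samples:
        hist[s] += 1
    stat, pairs = 0.0, 0
    for k in range(128):
        even, odd = hist[2 * k], hist[2 * k + 1]
        expected = (even + odd) / 2.0
        if expected < 5:          # skip sparse pairs, usual chi-square practice
            continue
        stat += (even - expected) ** 2 / expected
        pairs += 1
    return stat, max(pairs - 1, 0)

def looks_lsb_embedded(samples, ratio=2.0):
    """Flag data whose statistic is below ratio * dof (assumed threshold)."""
    stat, dof = pov_chi_square(samples)
    return dof > 0 and stat / dof < ratio

def constructed_samples(n=20000, seed=1):
    """Constructed data, not real images: a cover whose even values are
    over-represented, and the same cover after full LSB replacement."""
    rng = random.Random(seed)
    cover, stego = [], []
    for _ in range(n):
        v = min(255, max(0, int(rng.gauss(128, 30))))
        v = (v & 0xFE) if rng.random() < 0.7 else (v | 1)
        cover.append(v)
        stego.append((v & 0xFE) | rng.getrandbits(1))
    return cover, stego

if __name__ == "__main__":
    for name, data in zip(("cover", "stego"), constructed_samples()):
        stat, dof = pov_chi_square(data)
        print(f"{name}: chi2={stat:.1f} dof={dof} flagged={looks_lsb_embedded(data)}")
```

The test only catches embedding that fills most of the sample range; short messages leave the pair counts largely intact, which matches the "messages are too small for detection" explanation given earlier in the deck.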
Steganalysis Tool Wrapping Support • Full featured tool wrapping API • Tool wrapping support for C/C++, Java, and Matlab programs • Network communication with XML messages between worker clients and Stegi@Work server
Implementation Details • Entire framework written in Java 5 • Tool support in a variety of languages • JNI low-level system support for Linux and Windows • JBOSS backend server • EJB 3 Object Model