240 likes | 338 Vues
Undetectable Stegosystem Based on Noisy Channels. V. Korzhik, G. Morales Luna, K. Loban Singapor, NTU, 2010. 1. Introduction
E N D
Undetectable Stegosystem Based on Noisy Channels V. Korzhik, G. Morales Luna, K. Loban Singapor, NTU, 2010
1. Introduction Steganography (SG) is the information hiding technique that embeds the hidden information into an innocent cover message (CM) under the conditions that the CM is not corrupted significantly and that the presence of the additional information into the CM may not be detected. Basic principle of undetectability: The CM and the SG signal have to be indistinguishable even with the use of the best statistical methods.
Designer’s problem: He (or She) should know the full statistics of the CM, but it is a rather very hard to study completely the probability distribution of such CM as video or audio signals. In order to be successful within this risky situation (which is, indeed, a “bottleneck” of any SG system) we propose to move into another concept of SG system setting, namely to SG based on noisy channels. This setting can be justified if there exists in a natural manner a noisy channel and the attacker (“stegobreaker”) is able to receive the stegosignal just over this channel and nothing else.
Attacker’s problem: To distinguish statistically the CM after its passing over the noisy channel and SG signal passing over the same noisy channel. Reducing of the steganalysis problem: Recognition of channel noise and the sum of the channel noise and the embedded signal. Since the channel noise distribution is, as a rule, known much better than the CM distribution, the problem to design SG systems which are resistant to their detection is simplified. New assumption: CM can be publicized; such assumption is impossible for conventional SG, because otherwise they can be detected trivially – if SG ≠ CM, then something has been embedded.
Model of SG design for a Gaussian noisy channel: (1) After a passing of thewatermarked signal through the Gaussian channel we get: (2)
Approximation of D for large : More early results [1] for the case when an attacker knows CM: (3) Where D is the relative entropy (introduced in [2] as a measure of SG system security, (4) It is well known from Information Theory [2] the following inequality for any hypothesis testing: (5) (6) From eq. (4) it follows that (7)
(8) The bit error probability [1]: (9) The general relation that comprises both security and reliability [1]: (10)
For any security level D and the number of secure bits m there can be chosen an appropriated N such that the SG system provides any given reliability . The more is N for given D the less (see eq.(7)) should be “signal-to-noise” ratio and this results in a problem for practical implementation (especially for digital processing). Pessimistic draw: Optimistic draw: Example. Let D=0.1 (that provides an acceptable level of security) and let m=10 be the number of the secure embedded bits If we choose then by (10) which is acceptable. But . by (7) and if the CM signal-to-noise ratio . where then which is indeed unacceptable. Our proposal: To use so called spread-time stegosystem (STS) – see next Section.
2. Description of STS and its performance evolution. Practical implementation: Let be an increasing sequence of indexes, generated by a secret stegokey K, determining the samples in which the WM’s are to be embedded (see Fig.1.) Then for a large value of N we may assume that Fig.1. STS system with embedding into pseudorandom samples. In order to embed one secret bit b are used consecutive chosen samples. Hence the total number of secret bits embedded into samples is 2.1. Uncoded system. (11)
Legal user knows the stegokey K, hence he knows exactly the samples with embedding and can execute the decision rule (8). The error probability can be found by (9). Optimal STS detecting by an attacker: The two hypothesis have to be tested: (12)
By changing the threshold in (13) it is possible to pass to the logarithmic livelihood ratio: The optimal hypothesis testing based on maximum livelihood ratio [3] is (13) (14) Let us assume that (for a good security guarantee), then we get from (14) after simple normalization. (15)
The series expansion of up to its linear term and next the series expansion of . up to its linear term renders the following decision rule: (16) Let us estimate (using the Central Limit Theorem) the missing and false alarm probabilities, (17) (18)
Let us select (for simplicity) the threshold in such away to be Then after simple transforms of eq’s (17)-(18) we get (19) (20) Substituting (20) into (19) we obtain: (21)
We can see that for large enough N it is possible to provide a good undetectability ( ) and reliability ( ) of STS and embed up to 232 secure bits.
2.2. Coded system. We restrict our attention to binary linear systematic Embedding: (22) Decoding: (23) (24)
The simplex codes (SC): The Reed-Muller codes (RMC): Example:
3. Optimal SG system detecting rule. Let us verify if the use of the optimal decision rule (15) can provide an appreciable improvement of STS detecting in comparison with the suboptimal decision rule (16)? Since N is sufficiently large, we can apply the Central Limit Theorem [4] to the sum in (15). Similar to the proof of (19) we get for such a choice of threshold , which provides where random values have the probability distributions by (12)
1 20 0.1431 0.00161414 0.00162667 0.00240398 0.401753 50 0.3578 0.00157674 0.00158801 0.00229017 0.401759 100 0.7156 0.00156462 0.00157585 0.00225445 0.401737 5 20 0.1431 0.00161414 0.00162590 0.00240398 0.401754 50 0.3578 0.00157675 0.00158821 0.00229017 0.401745 100 0.7156 0.00156462 0.00157583 0.00225445 0.401726 1 20 0.04526 0.000512618 0.000513737 0.000767001 0.401741 50 0.1131 0.000500332 0.000501449 0.000729712 0.401809 100 0.2263 0.000496672 0.000497830 0.000718483 0.401737 5 20 0.04526 0.000512618 0.000513854 0.000767001 0.401772 50 0.1131 0.000499062 0.000500277 0.000727769 0.401806 100 0.2263 0.000496672 0.000497795 0.000718483 0.401745 1 20 0.01431 0.000162288 0.000162393 0.000243341 0.401835 50 0.03578 0.000158479 0.000158585 0.000231440 0.401862 100 0.07156 0.000157686 0.000157808 0.000228397 0.401548 5 20 0.01431 0.000162288 0.000162435 0.000243187 0.401752 50 0.03578 0.000158479 0.000158598 0.00023144 0.401711 100 0.07156 0.000157686 0.000157797 0.000228397 0.401461 We can see that the use of the optimal decision rule does not break undetectability of STS.
4. Simulation of STS for audio cover messages. We use audio music file with duration about 29 sec in format wav where the sampling frequency is 44.1 kHz. The CM signal-to-noise ratio , whereas watermark-to-noise ratio (WNR) The embedding rule was taken by (11), where . In Fig. 2 the wave forms of original audio signal, audio signal after passing over a noisy channel and after secret message embedding at the same time interval are presented. One can see that noise corrupts slightly the audio signal and this fact can also be appreciated by human ear, whilist, at the same time, the embedding procedure is not observable by human ear.
Fig.2. The waveforms of audio signal (a), audio signal after its passing over noisy channel with CM signal-to-noise ratio (b), and after embedding by STS algorithm with (c)
In Fig.3 the waveforms of channel noise are shown, as well as this noise after embedding. Fig.3. The waveform of channel noise (a) and the same channel noise after embedding (b).
5. Conclusion. • Some modification of the stegosystem based on noisy channel called spread-time stegosystem (STS) has been proposed. • Both STS security and reliability can be provided by an appropriate selection of the system parameters. • The main defect of STS is its low embedding rate. The use of error correcting codes improve this situation but only slightly. • The suboptimal system detection by (16) is practically as much efficient as the optimal by (15). • Simulation of the STS with audio CM shows that its detection by ear and eye is impossible, whereas the embedded bits can be extracted reliably.
Open problems. • To specify security of STS for digital CM and after a saving the stegosignal in digital formats. • Consider applications of STS in real noisy channels (including optical fiber channels). • An extraction of secret bits by a “blind” decoder (see [6]) while keeping a good undetectability of STS. • Investigation of attack to prevent an extraction of secure embedded bits (additive noise, compression/decompression, resynchronization ). • Improvement of coded STS (farther optimization of codes and decoding algorithms).
References. [1] Valery Korzhik, Moon Ho Lee, Gullermo Morales Luna, “Stegosystem Based on Noisy Channels”, Trans. VII Spanish Meeting on Cryptography and Information Security, 2006; [2] Cachin C., “An information theoretic model for stegonography”. In: International workshop on IH, 1998, pp. 306-318. [3] Van Der Warden, “Mathematische Statistik”, Springer-Verlag, 1957. [4] Papoulis, A. “Pobability, Random Variables, and Stochastic Processes”, McGraw-Hill, New-York, 1984. [5] MacWilliams, F. Sloan, N. “The Theory of Error Correcting Codes”. Bell Labs, 1991. [6] Malvar, H.S. Florencio, D. “Improved spread spectrum: A new modulation technique for robust watermarking”. IEEE Transaction on Signal Processing 51 (2003), pp. 898-905/ [7] Valery Korzhik, Guillermo Morales-Luna,Ksenia Loban, “Undetectable Spread-time Stegosystem Based on Noisy Channels”. Submitted for journal “Information Hiding”, Lecture Notes in Computer Science, 2009