Forensic image steganalysis for identification of steganographic software tools

Veena ST, Arivazhagan Selvaraj

Abstract


Today many steganographic software tools are freely available in Internet, which help even callow users to have covert communication through digital images. Targeted structural image steganalysers identify only a particular  teganographic software tool by tracing the unique fingerprint left in the stego images by the steganographic process. Image steganalysis proves to be a tough challenging task if the process is blind and universal, the secret payload is very less and the cover image is in lossless compression format. A payload independent universal steganalyser which identifies the steganographic software tools by exploiting the traces of artefacts left in the image and in its metadata for five different image formats is proposed. First, the artefacts in image metadata are identified and clustered to form distinct groups by extended K-means clustering. The group that is identical to the cover is further processed by extracting the artefacts in the image data. This is done by developing a signature of the steganographic
software tool from its stego images. They are then matched for steganographic
software tool identification. Thus, the steganalyser successfully identifies the stego images in five different image formats, out of which four are lossless, even for a payload of 1 byte. Its performance is also compared with the existing steganalyser software tool.


Keywords


Universal Image Steganalysis, Steganographic Software Tool, Image Metadata, Clustering, Signature Artefact,Structural Steganalysis

References


N. F. Johnson and S. Jajodia, “Exploring steganography: Seeing the unseen,” Computer, vol. 31, no. 2, pp. 26–34, 1998.

J. Fridrich, M. Goljan, and R. Du, “Reliable detection of LSB steganography in color and grayscale images,” in Proceedings of the 2001 workshop on Multimedia and security: new challenges. ACM, 2001, pp. 27–30.

——, “Detecting LSB steganography in color, and gray-scale images,” IEEE MultiMedia, vol. 8, no. 4, pp. 22–28, Oct. 2001.

A. Westfeld, “F5 - a steganographic algorithm,” in Information hiding. Springer, 2001, pp. 289–302.

T. Zhang and X. Ping, “Reliable detection of LSB steganography based on the difference image histogram,” in Acoustics, Speech, and Signal Processing, 2003. Proceedings.(ICASSP’03). 2003 IEEE International

Conference on, vol. 3. IEEE, 2003, pp. 545–548.

S. Dumitrescu, Xiaolin Wu, and Zhe Wang, “Detection of LSB steganography via sample pair analysis,” IEEE Transactions on Signal Processing, vol. 51, no. 7, pp. 1995–2007, Jul. 2003.

A. Ker, “Steganalysis of LSB matching in grayscale images,” Signal Processing Letters, IEEE, vol. 12, no. 6, pp. 441–444, Jun. 2005.

S. Lyu and H. Farid, “Steganalysis Using Higher-Order Image Statistics,” IEEE Transactions on Information Forensics and Security, vol. 1, no. 1, pp. 111–119, Mar. 2006.

Bin Li, Jiwu Huang, and Yun Qing Shi, “Steganalysis of YASS,” IEEE Transactions on Information Forensics and Security, vol. 4, no. 3, pp. 369–382, Sep. 2009.

J. Fridrich, J. Kodovsk`y, V. Holub, and M. Goljan, “Breaking HUGO - the process discovery,” in Information Hiding. Springer, 2011, pp. 85–101.

N. F. Johnson and S. Jajodia, “Steganalysis of images created using current steganography software,” in Information Hiding. Springer, 1998, pp. 273–289.

A. Westfeld and A. Pfitzmann, “Attacks on steganographic systems,” in Information Hiding. Springer, 2000, pp. 61–76.

N. Provos and P. Honeyman, “Detecting steganographic content on the internet,” Center for Information Technology Integration, Tech. Rep., 2001.

S. Geetha, S. S. Sindhu, and N. Kamaraj, “Detection of Stego Anomalies in Images Exploiting the Content Independent Statistical Footprints of the Steganograms,” Informatica, vol. 33, no. 1, pp. 25–40, 2009.

T. Sloan and J. Hernandez-Castro, “Steganalysis of OpenPuff through atomic concatenation of MP4 flags,” Digital Investigation, vol. 13, pp. 15–21, Jun. 2015.

G. Bell and Yeuan-Kuen Lee, “A Method for Automatic Identification of Signatures of Steganography Software,” Information Forensics and Security, IEEE Transactions on, vol. 5, no. 2, pp. 354–358, Jun.

“Steganography Software,” http://www.jjtc.com/Steganography/tools.html, 2015.

P. Alvarez, “Using extended file information (EXIF) file headers in digital evidence analysis,” International Journal of Digital Evidence, vol. 2, no. 3, pp. 1–5, 2004.

“Original McGill Colour Image Database,” http://tabby.vision.mcgill.ca/, 2014.

“SpyHunter,” http://www.spy-hunter.com/stegspydownload.htm, 2002.

“StegSecret. A simple steganalysis tool.” http://stegsecret.sourceforge.net/, 2007.

“StegExpose,” https://github.com/b3dk7/StegExpose, 2014.




DOI: http://doi.org/10.11591/ijict.v10i3.pp%25p

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

View IJICT Stats