Professional Documents
Culture Documents
1. ABSTRACT...............................................................................2
2. INTRODUCTION........................................................................3
3. FEASILBILITY STUDY...............................................................23
4. SYSTEM PROFILE....................................................................29
5. TOOLS AND TECHNOLOGY.......................................................30
6. SYSTEM FLOW DIAGRAM.........................................................33
7. TESTING................................................................................37
6. FORM LAYOUT........................................................................43
7. CONCLUSION..........................................................................49
8. FUTURE ENHANCEMENTS........................................................51
9. BIBLIOGRAPHY.......................................................................52
1. Abstract
What is Steganography?
Steganography is the practice of hiding private or sensitive information within something that
appears to be nothing out to the usual. Steganography is often confused with cryptology because
the two are similar in the way that they both are used to protect important information. The
difference between two is that steganography involves hiding information so it appears that no
information is hidden at all. If a person or persons views the object that the information is hidden
inside of he or she will have no idea that there is any hidden information, therefore the person
will not attempt to decrypt the information.
What steganography essentially does is exploit human perception, human senses are not trained
to look for files that have information inside of them, although this software is available that can
do what is called Steganography. The most common use of steganography is to hide a file inside
another file.
2. Introduction
One of the reasons that intruders can be successful is that most of the information they acquire
from a system is in a form that they can read and comprehend. Intruders may reveal the
information to others, modify it to misrepresent an individual or organization, or use it to launch
an attack. One solution to this problem is, through the use of steganography. Steganography is a
technique of hiding information in digital media. In contrast to cryptography, it is not to keep
others from knowing the hidden information but it is to keep others from thinking that the
information even exists.
Steganography is the art of hiding the fact that communication is taking place, by hiding
information in other information. Many different carrier file formats can be used, but digital
images are the most popular because of their frequency on the Internet. For hiding secret
information in images, there exists a large variety of steganographic techniques some are more
complex than others and all of them have respective strong and weak points. Different
applications have different requirements of the steganography technique used. For example,
some applications may require absolute invisibility of the secret information, while others
require a larger secret message to be hidden. This project intends to give an overview of image
steganography, its uses and techniques. It also attempts to identify the requirements of a good
steganographic algorithm and briefly reflects on which steganographic techniques are more
suitable for which applications.
Although, Steganography is not to be confused with Encryption, which is the process of making
a message unintelligibleSteganography attempts to hide the existence of communication. The
basic structure of Steganography is made up of three components: the carrier, the message,
and the key. Carrier is also known as cover-object, in which the message is embedded and serves
to hide the presence of the message. The carrier can be a painting, a digital image, an mp3, even
a TCP/IP packet among other things. It is the object that will carry the hidden message. A key is
used to decode/decipher/discover the hidden message. This can be anything from a password, a
pattern, a black-light, or even lemon juice. In this project we will focus on the use of
Steganography within digital images (BMP) using LSB Substitution, although the properties of
Image Steganography may be substituted with audio mp3s, zip archives, and any other digital
document format relatively easily.
Basically, the model for steganography is shown in Figure 1. Message is the data that the sender
wishes to remain it confidential. It can be plain text, ciphertext, other image, or anything that can
be embedded in a bit stream such as a copyright mark, a covert communication, or a serial
number. Password is known as stego-key, which ensures that only recipient who knows the
corresponding decoding key will be able to extract the message from a cover-object. The coverobject with the secretly embedded message is then called the stego-object.
Recovering message from a stego-object requires the cover-object itself and a corresponding
decoding key if a stego-key was used during the encoding process. The original image may or
may not be required in most applications to extract the message.
message so as to make its meaning obscure to malicious people who intercept it. Therefore, the
definition of breaking the system is different. In cryptography, the system is broken when the
attacker can read the secret message. Breaking a steganographic system need the attacker to
detect that steganography has been used and he is able to read the embedded message.
In cryptography, the structure of a message is scrambled to make it meaningless and
unintelligible unless the decryption key is available. It makes no attempt to disguise or hide the
encoded message. Basically, cryptography offers the ability of transmitting information between
persons in a way that prevents a third party from reading it. Cryptography can also provide
authentication for verifying the identity of someone or something.
In contrast, steganography does not alter the structure of the secret message, but hides it inside a
cover-image so it cannot be seen. A message in cipher text, for instance, might arouse suspicion
on the part of the recipient while an invisible message created with steganographic methods
will not. In other word, steganography prevents an unintended recipient from suspecting that the
data exists. In addition, the security of classical steganography system relies on secrecy of the
data encoding system. Once the encoding system is known, the steganography system is
defeated.
It is possible to combine the techniques by encrypting message using cryptography and then
hiding the encrypted message using steganography. The resulting stego-image can be transmitted
without revealing that secret information is being exchanged. Furthermore, even if an attacker
were to defeat the steganographic technique and detect the message from the stego-object, he
would still require the cryptographic decoding key to decipher the encrypted message. Table 1
shows that both technologies have counter advantages and disadvantages.
HISTORY OF STEGANOGRAPHY
The word Steganography technically means covered or hidden writing. Its ancient origins
can be traced back to 440 BC. Although the term steganography was only coined at the end of
the 15th century, the use of steganography dates back several millennia.
Some examples of use of Steganography is past times are:
In ancient Greece, messages were hidden on the back of wax writing tables where someone
would peel off the wax that was or written on the stomachs of rabbits.
In Ancient Greece they used to select messengers and shave their head, they would then write a
message on their head. Once the message had been written the hair was allowed to grow back.
After the hair grew back the messenger was sent to deliver the message, the recipient would
shave off the messengers hair to see the secrete message.
During World War 2 invisible ink was used to write information on pieces of paper so that the
paper appeared to the average person as just being blank pieces of paper. Liquids such as milk,
vinegar and fruit juices were used, because when each one of these substances were heated they
darken and become visible to the human eye. Invisible ink has been in use for centuriesfor fun
by children and students and for serious espionage by spies and terrorists.
Cryptography became very common place in the middle ages. Secret writing was employed by
the Catholic Church in its various struggles down the ages and by the major governments of the
time. Steganography was normally used in conjunction with cryptography to further hide secret
information.
STEGANOGRAPHY TYPES
The majority of todays steganographic systems uses multimedia objects like image, audio, video
etc. as cover media because people often transmit digital pictures over email and other Internet
communication. In modern approach, depending on the nature of cover object, steganography
can be divided into five types:
Text Steganography
Image Steganography
Audio Steganography
Video Steganography
Protocol Steganography
So, in the modern age so many steganographic techniques have been designed which work with
the above concerned objects. More often in todays security advancement, we sometimes come
across a combination of Cryptography and Steganography to achieve data privacy over secrecy.
Various software tools are also available in this regard.
format and the embedded message may survive conversion between lossy and lossless
compression.
In the next sections steganographic algorithms will be explained in categories according to image
file formats and the domain in which they are performed.
Image Domain
One possible solution is to sort the palette so that the color differences between consecutive
colors are minimized. Another solution is to add new colors which are visually similar to the
existing colors in the palette. This requires the original image to have less unique colors than the
maximum number of colors (this value depends on the bit depth used). Using this approach, one
should thus carefully choose the right cover image. Unfortunately any tampering with the palette
of an indexed image leaves a very clear signature, making it easier to detect. A final solution to
the problem is to use greyscale images. In an 8-bit greyscale GIF image, there are 256 different
shades of grey. The changes between the colors are very gradual, making it harder to detect.
Transform Domain
To understand the steganography algorithms that can be used when embedding data in the
transform domain, one must first explain the type of file format connected with this domain. The
JPEG file format is the most popular image file format on the Internet, because of the small size
of the images.
JPEG compression
To compress an image into JPEG format, the RGB color representation is first converted to a
YUV representation. In this representation the Y component corresponds to the luminance (or
brightness) and the U and V components stand for chrominance (or color).
According to research the human eye is more sensitive to changes in the brightness (luminance)
of a pixel than to changes in its color. This fact is exploited by the JPEG compression by downsampling the color data to reduce the size of the file. The color components (U and V) are halved
in horizontal and vertical directions, thus decreasing the file size by a factor of 2. The next step is
the actual transformation of the image. For JPEG, the Discrete Cosine Transform (DCT) is used,
but similar transforms are for example the Discrete Fourier Transform (DFT). These
mathematical transforms convert the pixels in such a way as to give the effect of spreading the
location of the pixel values over part of the image. The DCT transforms a signal from an image
representation into a frequency representation, by grouping the pixels into 8 8 pixel blocks and
transforming the pixel blocks into 64 DCT coefficients each. A modification of a single DCT
coefficient will affect all 64 image pixels in that block. The next step is the quantization phase of
the compression. Here another biological property of the human eye is exploited: The human eye
is fairly good at spotting small differences in brightness over a relatively large area, but not so
good as to distinguish between different strengths in high frequency brightness. This means that
the strength of higher frequencies can be diminished, without changing the appearance of the
image. JPEG does this by dividing all the values in a block by a quantization coefficient. The
results are rounded to integer values and the coefficients are encoded using Huffman coding to
further reduce the size.
JPEG steganography
Originally it was thought that steganography would not be possible to use with JPEG images,
since they use lossy compression which results in parts of the image data being altered. One of
the major characteristics of steganography is the fact that information is hidden in the redundant
bits of an object and since redundant bits are left out when using JPEG it was feared that the
hidden message would be destroyed. Even if one could somehow keep the message intact it
would be difficult to embed the message without the changes being noticeable because of the
harsh compression applied. However, properties of the compression algorithm have been
exploited in order to develop a steganographic algorithm for JPEGs.
One of these properties of JPEG is exploited to make the changes to the image invisible to the
human eye.
During the DCT transformation phase of the compression algorithm, rounding errors occur in the
coefficient data that are not noticeable. Although this property is what classifies the algorithm as
being lossy, this property can also be used to hide messages. It is neither feasible nor possible to
embed information in an image that uses lossy compression, since the compression would
destroy all information in the process. Thus it is important to recognize that the JPEG
compression algorithm is actually divided into lossy and lossless stages. The DCT and the
quantization phase form part of the lossy stage, while the Huffman encoding used to further
compress the data is lossless. Steganography can take place between these two stages. Using the
same principles of LSB insertion the message can be embedded into the least significant bits of
the coefficients before applying the Huffman encoding. By embedding the information at this
stage, in the transform domain, it is extremely difficult to detect, since it is not in the visual
domain.
Image or Transform domain
As seen in the diagram above, some steganographic algorithms can either be categorized as
being in the image domain or in the transform domain depending on the implementation.
Patchwork
Patchwork is a statistical technique that uses redundant pattern encoding to embed a message in
an image. The algorithm adds redundancy to the hidden information and then scatters it
throughout the image. A Pseudo random generator is used to select two areas of the image (or
patches), patch A and patch B. All the pixels in patch A is lightened while the pixels in patch B
are darkened. In other words the intensities of the pixels in the one patch are increased by a
constant value, while the pixels of the other patch are decreased with the same constant value.
The contrast changes in this patch subset encodes one bit and the changes are typically small and
imperceptible, while not changing the average luminosity.
A disadvantage of the patchwork approach is that only one bit is embedded. One can embed
more bits by first dividing the image into sub-images and applying the embedding to each of
them. The advantage of using this technique is that the secret message is distributed over the
entire image, so should one patch be destroyed, the others may still survive. This however,
depends on the message size, since the message can only be repeated throughout the image if it is
small enough. If the message is too big, it can only be embedded once. The patchwork approach
is used independent of the host image and proves to be quite robust as the hidden message can
survive conversion between lossy and lossless compression.
Spread Spectrum
In spread spectrum techniques, hidden data is spread throughout the cover-image making it
harder to detect. A system proposed by Marvel et al. combines spread spectrum communication,
error control coding and image processing to hide information in images. Spread spectrum
communication can be defined as the process of spreading the bandwidth of a narrowband signal
across a wide band of frequencies. This can be accomplished by adjusting the narrowband
waveform with a wideband waveform, such as white noise. After spreading, the energy of the
narrowband signal in any one frequency band is low and therefore difficult to detect. In spread
spectrum image steganography the message is embedded in noise and then combined with the
cover image to produce the stego-image. Since the power of the embedded signal is much lower
than the power of the cover image, the embedded image is not perceptible to the human eye or
by computer analysis without access to the original image.
ALGORITHM REQUIREMENTS
All steganographic algorithms have to comply with a few basic requirements. The most
important requirement is that a steganographic algorithm has to be imperceptible. These
requirements are as follows:
Invisibility The invisibility of a steganographic algorithm is the first and foremost
requirement, since the strength of steganography lies in its ability to be unnoticed by the human
eye. The moment that one can see that an image has been tampered with, the algorithm is
compromised.
Payload capacity Unlike watermarking, which needs to embed only a small amount of
copyright information, steganography in other hand requires sufficient embedding capacity.
Robustness against statistical attacks Statistical steganlysis is the practice of detecting
hidden information through applying statistical tests on image data. Many steganographic
algorithms leave a signature when embedding information that can be easily detected through
statistical analysis. To be able to pass by a warden without being detected, a steganographic
algorithm must not leave such a mark in the image as be statistically significant.
Robustness against image manipulation In the communication of a stego-image by trusted
systems, the image may undergo changes by an active warden in an attempt to remove hidden
information. Image manipulation, such as cropping or rotating, can be performed on the image
before it reaches its destination. Depending on the manner in which the message is embedded,
these manipulations may destroy the hidden message. It is preferable for steganographic
algorithms to be robust against either malicious or unintentional changes to the image.
Independent of file format With many different image file formats used on the Internet, it
might seem suspicious that only one type of file format is continuously communicated between
two parties. The most powerful steganographic algorithms thus possess the ability to embed
information in any type of file. This also solves the problem of not always being able to find a
suitable image at the right moment, in the right format to use as a cover image.
Unsuspicious files This requirement includes all characteristics of a steganographic algorithm
that may result in images that are not used normally and may cause suspicion. Abnormal file
size, for example, is one property of an image that can result in further investigation of the image
by a warden.
The levels at which the algorithms satisfy the requirements are defined as high, medium and low.
A high level means that the algorithm completely satisfies the requirement, while a low level
indicates that the algorithm has a weakness in this requirement. A medium level indicates that the
requirement depends on outside influences, for example the cover image used. LSB in GIF
images has the potential of hiding a large message, but only when the most suitable cover image
has been chosen.
The ideal, in other words a perfect steganographic algorithm would have a high level in every
requirement. Unfortunately it's hard to develop an algorithm that satisfies all of the requirements.
Thus a trade-off will exist in most cases, depending on which requirements are more important
for the specific application.
transform domain. JPEG is the most popular image file format on the Internet and the image
sizes are small because of the compression, thus making it the least suspicious algorithm to use.
However, the process of the compression is a very mathematical process, making it more
difficult to implement.
Suggested applications: The JPEG file format can be used for most applications of
steganography, but is especially suitable for images that have to be communicated over an open
systems environment like the Internet.
Patchwork The biggest disadvantage of the patchwork approach is the small amount of
information that can be hidden in one image. This property can be changed to accommodate
more information but one may have to sacrifice the secrecy of the information. Patchworks main
advantage, however, is its robustness against malicious or unintentional image manipulation.
Should a stego image using patchwork be cropped or rotated, some of the message data may be
lost but since the message is repeatedly embedded in the image, most of the information will
survive.
Suggested applications: Patchwork is most suitable for transmitting a small amount of very
sensitive information.
Spread spectrum Spread spectrum techniques satisfies most requirements and is especially
robust against statistical attacks, since the hidden information is scattered throughout the image,
while not changing the statistical properties.
Suggested applications: Spread spectrum techniques can be used for most steganography
applications, although it's highly mathematical and intricate approach may prove too much for
some.
IMAGE STEGANOGRAPHY TECHNIQUES
To hide information, straight message insertion may encode every bit of information in the image
or selectively embed the message in noisy areas that draw less attention- those areas where
there is a great deal of natural color variation. The message may also be scattered randomly
throughout the image. A number of ways exist to hide information in digital media. Common
techniques which with varying degrees of success include:
Patchwork and other similar tools do redundant pattern encoding, which is a sort of spread
spectrum technique. It works by scattering the message throughout the picture. This makes the
image more resistant to cropping and rotation. Smaller secret images work better to increase the
redundancy embedded in the cover image, and thus make it easier to recover if the stego-image
is manipulated.
Encrypt and Scatter
The Encrypt and Scatter technique tries to emulate white noise. It is mostly used in image
steganography. White Noise Storm is one such program that employs spread spectrum and
frequency hopping. It does this by scattering the message throughout an image on eight channels
within a random number that is generated by the previous window size and data channel. The
channels then swap rotate, and interlace amongst each other. Each channel represents one bit and
as a result there are many unaffected bits in each channel. This technique is a lot harder to extract
a message out of than an LSB scheme because to decode you must first detect that a hidden
image exists and extract the bit pattern from the file. While that is true for any stego-image you
will also need the algorithm and stego key to decode the bit pattern, both of which are not
required to recover a message from LSB. Some people prefer this method due to the considerable
amount of extra effort that someone without the algorithm and stego-key would have to go
through to extract the message. Even though White Noise Storm provides extra security against
message extraction it is just as susceptible as straight LSB to image degradation due to image
processing.
Algorithms and transformations
Transform techniques embed the message by modulating coefficients in a transform domain,
such as the Discrete Cosine Transform (DCT) used in JPEG compression, Discrete Fourier
Transform, or Wavelet Transform. These methods hide messages in significant areas of the
cover-image, which make them more robust to attack. Transformations can be applied over the
entire image, to block throughout the image, or other variants. LSB modification technique for
images does hold good if any kind of compression is done on the resultant stego-image e.g.
JPEG, GIF etc.
JPEG images use the discrete cosine transform to achieve compression. DCT is a lossy
compression transform because the cosine values cannot be calculated exactly, and repeated
calculations using limited precision numbers introduce rounding errors into the final result.
Variances between original data values and restored data values depend on the method used to
calculate DCT.
DETECTION TECHNIQUE FOR IMAGE STEGANOGRAPHY
Even though stego-images can rarely be spotted by the naked eye, they usually leave behind
some type of fingerprint or statistical hint that they have been modified. It is those discrepancies
which an analysis tool may be able to detect. Since some techniques and their effects are
commonly known, a statistical analysis of an image can be performed to check for a hidden
message(s) in it.
A widely used technique for image scanning involves statistical analysis. Most steganographic
algorithms that work on images, assume that the least significant bit is more or less random. This
is however, an incorrect assumption. While the LSB might not seem to be of much importance,
applying a filter which only shows the least significant bits, will still produce a recognizable
image. Since this is the case, it can be concluded that the LSB are not random at all, but actually
contain information about the whole image. When inserting a hidden message into an image, this
property changes. Especially with encrypted data, which has very high entropy, the LSB of the
cover image will no longer contain information about the original, but because of the
modifications they will now be more or less random. With a statistical analysis on the LSB, the
difference between random values and real image values can easily be detected. Using this
technique, it is also possible to detect messages hidden inside JPEG files with the DCT method,
since this also involves LSB modifications, even though these take place in the frequency
domain.
IMPLEMENTATION
There are currently three effective methods in applying Image Steganography in spatial domain:
LSB Substitution
Blocking (DCT)
Palette Modification.
LSB (Least Significant Bit) Substitution is the process of modifying the least significant bit of
the pixels of the carrier image.
Blocking works by breaking up an image into blocks and using Discrete Cosine Transforms
(DCT). Each block is broken into 64 DCT coefficients that approximate luminance and color
the values of which are modified for hiding messages.
Palette Modification replaces the unused colors within an images color palette with colors that
represent the hidden message.
STEGANOGRAPHY APPLICATIONS
Image Steganography has many applications, especially in todays modern, high-tech world.
Steganography can be used anytime you want to hide data. There are many reasons to hide data
but they all boil down to the desire to prevent unauthorized persons from becoming aware of the
existence of a message. In the business world steganography can be used to hide a secret
chemical formula or plans for a new invention. Steganography can also be used for corporate
espionage by sending out trade secrets without anyone at the company being any the wiser.
Steganography can also be used in the noncommercial sector to hide information that someone
wants to keep private.
Privacy and anonymity is a concern for most people on the internet. Image Steganography allows
for two parties to communicate secretly and covertly. It allows for some morally-conscious
people to safely whistle blow on internal actions; it allows for copyright protection on digital
files using the message as a digital watermark. One of the other main uses for Image
Steganography is for the transportation of high-level or top-secret documents between
international governments. While Image Steganography has many legitimate uses, it can also be
quite nefarious. It can be used by hackers to send viruses and Trojans to compromise machines,
and also by terrorists and other organizations that rely on covert operations to communicate
secretly and safely.
Spies have used it since the time of the Greeks to pass messages undetected. Terrorists can also
use steganography to keep their communications secret and to coordinate attacks. It is exactly
this potential that we will investigate in the next section. Because you can hide information
without the cover source changing, steganography can also be used to implement watermarking.
Although the concept of watermarking is not necessarily steganography, there are several
steganographic techniques that are being used to store watermarks in data. The main difference is
on intent, while the purpose of steganography is hiding information, watermarking is merely
extending the cover source with extra information. Since people will not accept noticeable
changes in images, audio or video files because of a watermark, steganographic methods can be
used to hide this.
In feature tagging, captions, annotations, time stamps, and other descriptive elements can be
embedded inside an image. Copying the stegoimage also copies of the embedded features and
only parties who possess the decoding stego-key will be able to extract and view the features. On
the other hand, secret communication does not advertise a covert communication by using
steganography. Therefore, it can avoid scrutiny of the sender, message and recipient. This is
effective only if the hidden communication is not detected by the others people
3. FEASILBILITY STUDY
Technical Feasibility
Image Steganography is a defense application with a back-end coding done in C#.NET
that allows a user to hide data (documents or text files) in an image. The user friendly interface
requires no technical skills and is easy to operate on. Visual Studio 2010 using .NET 4.0
framework is used for the design and coding purposes. Adobe Photoshop CS5 has also been used
to design the header of the application with an animated sequence of images.
Economic Feasibility
The project is economic and highly beneficial project as far as the cost of development is
considered. No extra costs were incurred apart from the software used.
Operational Feasibility
The project is operationally very feasible as it is user-friendly, the user doesnt need any kind of
knowledge about the software used in the project. The project is also really helpful as the user
can use it to send encrypted data at any moment of time using the internet or the LAN system.
OBJECTIVE
This project comprehends the following objectives:
To produce security tool based on steganography techniques.
To explore LSB techniques of hiding data using steganography.
SCOPE
The scope of the project as follows:
Implementation of a variation of LSB technique for hiding information i.e. text in image files.
IMAGE DEFINITION
The most popular image formats that use lossless compression is GIF (Graphical Interchange
Format) and 8-bit BMP (a Microsoft
Windows bitmap file).
Compression plays a very important role in choosing which steganographic algorithm to use.
Lossy compression techniques result in smaller image file sizes, but it increases the possibility
that the embedded message may be partly lost due to the fact that excess image data will be
removed. Lossless compression though, keeps the original digital image intact without the
chance of lost, although it does not compress the image to such a small file size. Different
steganographic algorithms have been developed for both of these compression types and will be
explained in the following sections.
LEAST SIGNIFICANT BIT
Least significant bit (LSB) insertion is a common, simple approach to embedding information in
a cover image. The least significant bit (in other words, the 8th bit) of some or all of the bytes
inside an image is changed to a bit of the secret message. When using a 24-bit image, a bit of
each of the red, green and blue color components can be used, since they are each represented by
a byte. In other words, one can store 3 bits in each pixel. An 800 600 pixel image, can thus
store a total amount of 1,440,000 bits or 180,000 bytes of embedded data. For example a grid for
3 pixels of a 24-bit image can be as follows:
(00101101 00011100 11011100)
(10100110 11000100 00001100)
(11010010 10101101 01100011)
When the number 200, which binary representation is 11001000, is embedded into the least
significant bits of this part of the image, the resulting grid is as follows:
Although the number was embedded into the first 8 bytes of the grid, only the 3 underlined bits
needed to be changed according to the embedded message. On average, only half of the bits in an
image will need to be modified to hide a secret message using the maximum cover size. Since
there are 256 possible intensities of each primary color, changing the LSB of a pixel results in
small changes in the intensity of the colors. These changes cannot be perceived by the human eye
- thus the message is successfully hidden. With a well-chosen image, one can even hide the
message in the least as well as second to least significant bit and still not see the difference.
In the above example, consecutive bytes of the image data from the first byte to the end of the
message are used to embed the information. This approach is very easy to detect. A slightly
more secure system is for the sender and receiver to share a secret key that specifies only certain
pixels to be changed. Should an adversary suspect that LSB steganography has been used, he has
no way of knowing which pixels to target without the secret key.
In its simplest form, LSB makes use of BMP images, since they use lossless compression.
Unfortunately to be able to hide a secret message inside a BMP file, one would require a very
large cover image. Nowadays, BMP images of 800 600 pixels are not often used on the
Internet and might arouse suspicion. For this reason, LSB steganography has also been
developed for use with other image file formats.
DETECTION/ ATTACKS
While the purpose of Steganography is to hide messages, it may not be very effective at doing so.
There are several attacks that one may execute to test for Steganography images. They are:
Visual Attacks
Enhanced LSB Attacks
Chi-Square Analysis, and
Therefore, if this method causes someone to suspect something hidden in the stego-image, then
the method is not success.
4. System Profile
Hardware Requirements:
System
Hard Disk
40 GB.
Floppy Drive :
1.44 Mb.
Monitor
15 VGA Color.
Mouse
Logitech.
Ram
256 Mb.
Software Requirements:
Operating system
Windows XP Professional.
Front End
Coding Language
Visual C# .Net.
Back End
SQL 2000.
Tool used
Visual Studio 2010, .NET Framework 4.0 and Adobe Photoshop CS5 installed on the system.
C# supports a strict Boolean data type, bool. Statements that take conditions, such as while and
if, require an expression of a type that implements the true operator, such as the Boolean type.
While C++ also has a Boolean type, it can be freely converted to and from integers, and
expressions such as if (a) require only that a is convertible to bool, allowing a to be an int, or a
pointer. C# disallows this "integer meaning true or false" approach on the grounds that forcing
programmers to use expressions that return exactly bool can prevent certain types of common
programming mistakes in C or C++ such as if (a = b) (use of assignment = instead of equality
==).
In C#, memory address pointers can only be used within blocks specifically marked as unsafe,
and programs with unsafe code need appropriate permissions to run. Most object access is done
through safe object references, which always either point to a "live" object or have the welldefined null value; it is impossible to obtain a reference to a "dead" object (one which has been
garbage collected), or to a random block of memory. An unsafe pointer can point to an instance
of a value-type, array, string, or a block of memory allocated on a stack. Code that is not marked
as unsafe can still store and manipulate pointers through the System.IntPtr type, but it cannot
dereference them.
Managed memory cannot be explicitly freed; instead, it is automatically garbage collected.
Garbage collection addresses the problem of memory leaks by freeing the programmer of
responsibility for releasing memory which is no longer needed.
In addition to the try...catch construct to handle exceptions, C# has a try...finally construct to
guarantee execution of the code in the finally block.
Multiple inheritance is not supported, although a class can implement any number of interfaces.
This was a design decision by the language's lead architect to avoid complication and simplify
architectural requirements throughout CLI.
C# is more type safe than C++. The only implicit conversions by default are those which are
considered safe, such as widening of integers. This is enforced at compile-time, during JIT, and,
in some cases, at runtime. There are no implicit conversions between Booleans and integers, nor
between enumeration members and integers (except for literal 0, which can be implicitly
converted to any enumerated type). Any user-defined conversion must be explicitly marked as
explicit or implicit, unlike C++ copy constructors and conversion operators, which are both
implicit by default.
Enumeration members are placed in their own scope.
C# provides properties as syntactic sugar for a common pattern in which a pair of methods,
accessor (getter) and mutator (setter) encapsulate operations on a single attribute of a class.
Full type reflection and discovery is available.
C# currently (as of version 4.0) has 77 reserved words.
Checked exceptions are not present in C# (in contrast to Java). This has been a conscious
decision based on the issues of scalability and version ability.
For constructing "DFD level 1", we need to identify and draw the process that make the level 0
process. In the project for transferring the personal data from source to destination, the personal
data is first encrypted and processed and latter decrypted.
GANTT CHART
7. TESTING
Testing defines the status of the working functionalities of any particular system.
Through testing particular software one can't identify the defects in it but can
analyses the performance of software and its working behavior. By testing the
software we can find the limitations that become the conditions on which the
performance is measured on that particular level. In order to start the testing
process the primary thing is requirements of software development cycle. Using
this phase the testing phase will be easier for testers. The capacity of the software
can be calculated by executing the code and inspecting the code in different
conditions such as testing the software by subjecting it to different sources as input
and examining the results with respect to the inputs. After the designing phase, the
next phase is to develop and execute the code indifferent conditions for any errors
and progress to the developing phase. Without testing and execution, the software
cannot be moved to the developing phase. There are two types of testing. They are:
The functional testing, which defines the specified function of a particular code in
the program. This type of testing gives us a brief description about the program's
performance and security in the various functional areas. The other type of testing
is non-functional testing. Non-functional testing defines the capabilities of
particular software like its log data etc. It is opposite to functional testing and so
will not describe the specifications like security and performance. The performance
of the particular program not only depends on errors in coding. The errors in the
code can be noticed during execution, but the other types of errors can affect the
program performance like when the program is developed based on one platform
that may not perform well and give errors when executed in different platform. So,
compatibility is another issue that reduce the software performance. The code
tuning helps us in optimizing the program to perform at its best utilizing minimal
resources possible under varied conditions.
AIM OF TESTING
The main aim of testing is to analyses the performance and to evaluate the errors
that occur when the program is executed with different input sources and running
indifferent operating environments. In this project, I developed a steganographic
application based on Microsoft Visual Studio which focuses on data hiding based
on Least Significant Bit algorithm. The main aim of testing in this project is to find
the compatibility issues as well as the working performance when different sources
are given as the inputs.
There are different types of approaches for testing a JAVA framework based
application. The types of testing are
Unit testing
Validation testing
Integration testing
User acceptance testing
Output testing
Black box and white box testing.
UNIT TESTING
'Unit testing' is the approach of taking a small part of testable application and
executing it according to the requirements and testing the application behavior.
Unit testing is used for detecting the defects that occur during execution. When an
algorithm is executed, the integrity should be maintained by the data structures.
Unit testing is made use for testing the functionality of each algorithm during
execution. Unit testing can be used in the bottom up test approach which makes the
integration test much easier. Unit testing reduces the ambiguity in the units. Unit
testing uses regression testing, which makes the execution simpler. Using
regression testing, the fault can be easily identified and fixed. In this project, I have
developed an application using different phases like encryption, decryption, etc.
So, for getting the correct output all the functions that are used are executed and
tested at least once making sure that all the control paths, error handling and
control structures are in proper manner. Unit testing has it's applications for
extreme programming, testing unit frame works and good support for language
level unit testing.
VALIDATION TESTING
Validation is the process of finding whether the product is built correct or not. The
software application or product that is designed should fulfil the requirements and
reach the expectations set by the user. Validation is done while developing or at the
final stage of development process to determine whether it is satisfies the specified
requirements of user.
Using validation test the developer can qualify the design, performance and its
operations. Also the accuracy, repeatability, selectivity, Limit of detection and
quantification can be specified using 'Validation testing'.
OUTPUT TESTING
After completion of validation testing the next process is output testing. Output
testing is the process of testing the output generated by the application for the
specified inputs. This process checks weather the application is producing the
required output as per the user's specification or not. The 'output testing' can be
done by considering mainly by updating the test plans, the behavior of application
with different type of inputs and with produced outputs, making the best use of the
operating capacity and considering the recommendations for fixing the issues.
INTEGRATION TESTING
'Integration testing' is an extension to unit testing, after unit testing the units are
integrated with the logical program. The integration testing is the process of
examining the working behavior of the particular unit after embedding with
program. This procedure identifies the problems that occur during the combination
of units.
The integration testing can be commonly done in three approaches
Top-down approach
Bottom-up approach
Umbrella approach
Top-down approach:
In the top-down approach the highest level module should be considered first and
integrated. This approach makes the high level logic and data flow to test first and
reduce the necessity of drivers. One disadvantage with top-down approach is its
poor support and functionality is limited.
Bottom-up approach
The third approach is umbrella approach, which makes use of both the top - bottom
and bottom - top approaches. This method tests the integration of units along with
its functional data and control paths. After using the top - bottom and bottom-top
approaches, the outputs are integrated in top - bottom manner. The advantage of
this approach is that it provides good support for the release of limited
functionality as well as minimizing the needs of drivers and hubs. The main
disadvantage is that it is less systematic than the other two approaches.
USER ACCEPTANCE TESTING
'User acceptance testing' is the process of obtaining the confirmation from the user
that the system meets the set of specified requirements. It is the final stage of
project; the user performs various tests during the design of the applications and
makes further modifications according to the requirements to achieve the final
result. The user acceptance testing gives the confidence to the clients about the
performance of system
'Black box testing' is the testing approach which tells us about the possible
combinations for the end-user action. Black box testing doesn't need the
knowledge about the interior connections or programming code. In the black box
testing, the user tests the application by giving different sources and checks
whether the output for the specified input is appropriate or not.
'White box testing' is also known as 'glass box' or 'clear box' or 'open box' testing.
It is opposite to the black box testing. In the white box testing, we can create test
cases by checking the code and executing in certain intervals and know the
potential errors.
The analysis of the code can be done by giving suitable inputs for the specified
applications and using the source code for the application blocks. The limitation
with the white box testing is that the testing only applies to unit testing, system
testing and integration testing
6. Form Layout
7.
Conclusion
In the present world, the data transfers using internet is rapidly growing
The major limitation of the application is designed for bit map images (.bmp). It
accepts only bit map images as a carrier file, and the compression depends on the
document size as well as the carrier image size.
The future work on this project is to improve the compression ratio of the image to
the text.
This project can be extended to a level such that it can be used for the different
types of image formats like .bmp, .jpeg, .tiff etc., in the future.
The security using Least Significant Bit Algorithm is good but we can improve the
level to a certain extent by varying the carriers as well as using different keys for
encryption and decryption.
8. Future Enhancements
In future this application has features of:Hiding data in to audio file.
Hiding data in to video file.
It will be password protected.
9. BIBLIOGRAPHY
http://www.engpaper.com/free-research-papers-steganography.htm
http://en.wikipedia.org/wiki/Steganography
www.ece.stevens-tech.edu/~mouli/lsbsteg.pdf
www.waset.org/journals/waset/v50/v50-74.pdf
mo.co.za/open/stegoverview.pdf
www.maths.nuigalway.ie/cstudents/mcomms/.../steganography.pdf
http://www.ijcaonline.org/archives/volume6/number2/1057-1378
ipublishing.co.in/jarvol1no12010/EIJAER1018.pdf
faculty.ksu.edu.sa/ghazy/Steg/References/ref26-2.pdf
www1.chapman.edu/~nabav100/.../ImageSteganography.pdf
Kesslet, Gary C. An Overview of Steganography for the Computer Forensics
Examiner, Burlington, 2004.