1. INTRODUCTION
1.2 The Property Of Steganography
1.2.7 Data Payload
國
立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
carrier is rotated. But as long as the carrier is rotated to the original direction, the algorithm then can extract the embedded watermark.
1.2.7 Data Payload
Data payload refers to the number of bits embedded into a frame, audio or image files per second. The larger data payload the faster and more scalable for the data hiding mechanism is.
‧
Steganographic encoding processes [9] are as the figure showed.
Figure 1. Steganographic Encoding
Only the authorized users who know the key can decrypt the message from watermarked files. The method can be used in feature tagging, such as hiding someone’s name in a photo or recording locations in a map. It can also be used for secret communications to transform some sensitive messages without alerting possible attackers. Most of common tools are all based on this method for embedding secret data into cover files. There are some common methods used to embed data into files:
Least-Significant Bit embedding [19] modifies the least significant bit that the changes are too small to detect by human eyes. The advantage of LBS is simple and it allows high perceptual transparency. However, scaling, rotation, lossy compression or some changes in cover may easily destroy the message.
Data Embedding
‧
Transform embedding method such as discrete-cosine transform (DCT) [8], discrete fourier transform (DFT) [8], or discrete wavelet transform (DWT). [1] embedding message in data files by changing the coefficients of the transform function. They can offer robustness and are widely used in watermark embedding in digital content, which are in the frequency domain.
2.1 Image Steganography
Reddy, Prasad, and Rao [17] develop an algorithm that can embed watermark without distortions to the image based on human visual system by modifying the frequency coefficients of the Image. The embedding and extracting of watermarks are in frequency domain. Their algorithm is based on Spread spectrum Watermarking.
The method has more robust against attacks using a key to control a pseudo number generator. Pseudorandom sequences are used as the spreading sequences.
Ko (2013) [5] focused on the data-hiding algorithm based on quantization index modulation (QIM). The author developed a two level nest-structure algorithm based on the fractional discrete cosine transform that can hide two times bits, and reached higher transparency. Also, the author improved data hiding method based on pixel difference and histogram modification. This improvement increased transparency by 27.78%, and 48.48% hidden inside.
In [18] is about using Quantization index modulation (QIM) techniques in data hiding in image because of the robustness. Hypothesis testing was held for the detection of whether the data is hidden in the data or not. The experiment conclusion
‧
is that QIM can be detectable depends strongly on the host statistics. The detectability could be reduced by reducing the level of robustness against attacks, or by reducing the embedding rate.
Lin, and Shiu [8] increase the capacity of DCT-based images and developed a new data-hiding scheme by notation transformation concept. The security of the hidden data is guaranteed because the secret data is embedded into DCT coefficients of the cover image by dividing the coefficients into six areas.
Muhammad, Ahmad, Farman, and Zubair [13] presents a unique approach for image steganography using Hue-Saturation-Intensity (HSI) color space based on Least Significant Bit (LSB). The proposed method transforms the image from RGB color space to Hue-Saturation-Intensity (HSI) color space and then embeds secret data inside the Intensity Plane (I-Plane) and transforms it back to RGB color model after embedding.
Lee, Tsai [6] conduct a method about a lossless data hiding based on histogram shifting and the research break a bottleneck of data hiding rate in image that it can hide more data and produces stego-images with high qualities.
2.2 Streaming Steganography
In [15] propose a novel compression-domain video data-hiding algorithm as little perceptual distortion that determines the optimal embedding strategy to minimize both the output perceptual distortion and the output bit rate. The hidden data is embedded into selective Discrete Cosine Transform (DCT) coefficients, which are
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
found in most video compression standards.
Hefeeda and Mokhtarian [4] conducted the quantitative analysis for authentication schemes by defining five metrics, which are computation cost, communication overhead, receiver buffer size, delay, and tolerance to packet losses.
The research reveals the merits and shortcomings of each scheme.
[7] is a robust audio watermarking scheme with high robustness against malicious attack precented for AVS audio. The original audio is segmented into frames. They insert the watermark into the audible spectrum area and keep the distortion imperceptible.
2.3 Steganography tools introduction
We introduce four tools and have four experiments to verify the properties of steganography, and we choose deep blue and white as the color of our original image below.
Figure 2. Original image
OpenPuff[23], a advanced professional steganography tool written for Windows platform, is closed source and hard to modify.
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
Openpuff[23] is a steganography tool developed by Cosimo Oliboni (2009). It has its public available executable running on Windows. It supports various functions to embed data into videos or images with a set of 16 kinds of 256bit open-source cryptography algorithms that can be used to protect embedded messages. We can embed media files or text into files, including audio, video, image and also text.
However, up to 256Mb capacity can be hidden. It sets noises by random number generator (CSPRNG) to insist security and obfuscate stream pattern and sensitive data.
The tool is powerful not only because it is the only one, which supports video format, but also it has transparency, undetectability, and integrity. We cannot distinguish the difference between the origin image and embedded one by eyes, and the data size is also the same. However, severe modifications will destroy the embedded watermark, so it is not robust. OpenPuff[23] is just used by normal user now and has not applied to commercial services yet.
Figure 3. Embedded image
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
Figure 4. The interface of OpenPuff OpenStego[24]:
OpenStego can run on all platforms and written in java. It provides two functions, one is data hiding and the other is invisible signature Watermarking.
DES algorithm is used for data encryption, along with MD5 hashing to derive the DES key from the password provided. Currently, it supports two plugins - RandomLSB (Randomized LSB) for data hiding and Dugad's algorithm for watermarking.
The tool has no robustness cause modifications still destroy the embedded image.
We embedded an image in the cover image, and embedded image size is several times larger than original one. With the change of data size, attackers can easily detect that there’s a secret even if the images look the same.
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
Figure 5. Embedded image
Figure 6. The interface of OpenStego Steganography Studio [25]:
Steganography Studio is a tool written in java, allowing using in windows but not in mc os x. The functionalities are encode, decode, simulate and analysis. The limit range of support data format is only image (BMP, PNG,GIF). We can only embed one image to another image with one password by selecting one of 7 kinds of algorithms.
Algorithms include BattleSteg, BlindHide, DynamicBattleSteg, DynamicFilterFirst, FilterFirst,HideSeek and SLSB.
The tool is weak, because the embedded files can only be saved as BMP or PNG format, so the files format is probable to be forced to change. This tool has another
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
big problem that it can only check whether there is a watermark or not with the corresponding password and the chosen algorithm, but it cannot revert the original data even if the password is correct, so it has no integrity.
Figure 7. Embedded image
Figure 8. The interface of Steganography Studio
‧
Table 1. Algorithms induction (From Steganography: LSB Methodology Progress Report Angel N. Sierra, 2012)
SilentEye[26]
SilentEye is written in C++, and run as a cross-platform service, using LSB (Least Significant Bit) to embed text or image in image or audio. It encrypted data using AES algorithm. The method for embed contain inline and distribution.
The tool is not robust so we cannot modify our cover file or the embedded
Name Description
BattleSteg Hides by filtering the image to obtain a list of ships (best places to hide), then randomly ‘shoots’ at the image until a
‘ship’ is ‘hit’. For a short while the shots are clustered around the ship, and then it moves away and begins randomly shooting again.
BlindHide Starts writing at (0, 0) and moves along each pixel, colour and bit in scan lines across the image. Uses pure
steganography.
DynamicBattleSteg Works like BattleSteg only uses dynamic programming to prevent lots of memory from being used. This is NOT compatible with normal BattleSteg.
DynamicFilterFirst Works like FilterFirst only uses dynamic programming to prevent lots of memory from being used. This is NOT compatible with normal FilterFist
FilterFirst A pure steganography method, FilterFirst uses edge
detecting filters to obtain an ordered list of the best places to hide. It then writes to this list in the order given.
HideSeek HideSeek randomly picks a pixel / colour / bit and hides there. If it picks a bit it’s written to before, it will skip over it and go onto the next randomly selected bit
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
watermark will be destroyed, and we can easily detect some black spot in the encrypted file so the tool does not have both transparency and undetectability. Also, the encrypted file size will be smaller than original one. According to the result of the experiment, the more black parts in the photos, the more data can be hidden inside, which will not be found easily.
Figure 9. Embedded image Table 2. Steganography properties of Tools Comparison
OpenPuff OpenStego Stegangraphy
Studio SlientEye
Robustness X X X X
Transparency O O O X
Undetectability O X X X
Integrity O O X O
Capacity Up to 256Mb Not mentioned Not mentioned 0.02%~0.1%
of cover image
Password O O O O/X
Black spots
‧
content. We find out the only one program that can support video format is OpenPuff [23] and that’s the reason why we chose OpenPuff [23]at the back end, then automatically embed and extract the invisible watermarks.Program Image files support algorithms Notes
Openpuff
OpenStego BMP, PNG Windows all and Linux
Studio BMP, PNG,GIF Widows all
FilterFirst(LSB
VE Cross-platform AES128, AES256
Open source Authored by
Anselme Chorein
‧
OpenPuff[23] to realize the data hiding services for digital content in our web because it is the only one tool for video encryption and decryption, and also it is free. We build a Multimedia Intelligent Authentication (MIA) [33] web service, and use OpenPuff[23] in the back-end to provide some methods to encrypt video and decrypt video online. It plays a vital role in MIA [33]. In order to use OpenPuff[23], we implement the web on Windows as mentioned that it can only run on that operating system. Embedding image in video is named Decrypt Video, and extracting image form video is named Decrypt Video. Another function composition is for embedding text in video and extracting it from video. The profile page is for playing the uploaded video.Figure 10. Functions of MIA [33]
Users can freely sign up for an account and upload their videos and images in order to embed a watermark into the videos. The format of the watermark can be image or text, which will be embedded into videos with an invisible way. Also, we can upload an encrypted video to decrypt the inside watermark out. All the encrypting and decrypting processes will automatically complete by back-end.
‧
In this way, we can set our own signature or unique watermark into our videos to protect the intelligent authentication and also we can embed some text, which may be a code in the video. We use the function to protect our digital content authentication by embedding watermark in it. Whenever our video is duplicated or distributed by unauthorized users, we can claim the authority of the videos by extracting our own authentication.
3.1 System Structure
The whole system can be separated into three main parts, including the front-end, back-end and the data processing.
Figure 11. System Architecture (Encryption) Carrier (Video)
‧
Figure 12. System Architecture (Decryption)
In the front-end, we use some general web skill, such as HTML, CSS and Javascript. Use AngularJS [35] as the framework that is provided by Google to implement our website presentation.
In the back-end, we use PHP as programing language and implement Model-View-Control (MVC) [32]design pattern to set up an API (Application Interface) service. With these APIs, we can connect the front-end and our database for data presentation, communication and manipulation.
The data processing is the most important part of the three. In this part we use OpenPuff [23] application to resolve data hiding of encryption and decryption.
OpenPuff [23] has been discussed in the previous section. However, the author of it didn’t publish the source code so that we implement the encryption and decryption with another program named 按鍵精靈 9[27]. We use it in order to automate the data
Carrier (Video)
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
hiding function by simulating mouse to click the button on OpenPuff [23] for all the embedding work.
Figure 13. Simulating mouse by按鍵精靈 9
Figure 14. The interface of OpenPuff[23]
This is the interface of OpenPuff[23], the functions we use is Hide and Unhide.
We use these two functions to hide image into video, and to extract it from video so we need to follow some rules of this software.
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
Figure 15. The data hiding function
In this page, we need to insert three passwords as the keys for encryption, which we could get from our database after they are inserted by the user in our website.
Then, we have to choose a carrier and an embedded file. In our research, we focused on hiding image or text in video format.
Figure 16. The data unhiding function
This page is the screenshot of data unhiding function, we need to insert the
‧
exactly the same three keys to decryption. Then select a carrier file.
For all the steps of encryption and decryption, we use 按鍵精靈 9[27] to
recorded every step of mouse’s positions to automate the function as mention above.
We use it to write scripts to record every step of the embedding and extracting work like the screenshot.
Figure 17. The data flow for script of按鍵精靈 9
First, we have to let the mouse move to the position (x,y), then left click the button. Sometimes, we need a delay between actions to wait the program executing.
The script will load one established text file to get the variable including the input path of image and video, the inserted passwords and the output path. The variables will be output at the step of selecting the file, inserting passwords or selecting the path of output finished file.
Figure 18. A part of 按鍵精靈 9 code
About the information in the text file, we store them in the database by php and Insert
‧
use java to establish the text file for按鍵精靈 9. After all the steps, we’ll output them
as .exe files. These .exe files will be executed whenever java scheduler calls it because of discovering the new input video.
Moreover, another providing function is embedding text in the video. When we want to embed text into the video, we use php to create a text file and save it as a bmp file. The action can mislead OpenPuff[23] as it will regard the text file as an image. In this way, the steps of embedding text are the same as embedding image. The variable keyText is somewhat we want to embed in the video.
Figure 19. PHP code of changing text into image
However, Openpuff [23] has a few limitations on the input files. As show in the figure we mentioned in chapter two. Three passwords cannot be similar with each other or we would not pass the examination by the tool to go to the next step. Also, the input size has to be many times bigger than the embedded data size or all the steganography work will not start. According to our testing, a 250 mb carrier can only embed approximately 3kb image. We need to follow all of these rules or we cannot complete the steganography work, and we cannot return the finished video to our user.
The last part of the system is about the Scheduler. We schedule jobs in Java, and
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
detect whether the file is empty according to the column “is_finish”. The column records 0 for not finished and 1 as the work is completed. Once java program detects that we receive data uploaded form the front-end, the it will automatically call the scrip of 按鍵精靈 9 to automatically complete all the encryption and decryption
works. After the works, the is_finish column will be modified to 1 and the user of our website fianlly can play the encrypted video online.
Figure 20. Database
Figure 21. Java file
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
3.2 System functionality
Our system can embed or extract two types of format into videos. One is image and the other is text. To extend the usability of MIA [33], the embedded text can be a program. We use PHP to save the text as a BMP format of image, and we can embed it into video using the same way without the limiting of characters by OpenPuff [23].
As we can embed the text into videos, we can also automatically extract it when we need. The texts which can be bound as a scripting language runtime as the callback, giving the developer the possibility to design their own variant from passive authentication to active code execution. Run the code after decrypting from video.
We use several languages in our web MIA to implement the functions we provide:
3.2.1 Html/Css
Every function page is corresponding to an .html file, and uses css to control the view of class in each div.
‧
國立 政 治 大 學
‧
N a tio na
l C
Figure 22.h engchi U
Html fileni ve rs it y
Figure 23. Css file
3.2.2 Javascript
Every page is also corresponding to a javascript file and they all looks familiar
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
cause they are all for uploading file onto server no matter what function they process.
It is because both encryption and decryption will need to upload files. The input video, image, and passwords will be sent to back-end to store in the database on server by php and sql.
Figure 24. Getting upload file at the front-end using javascript
3.2.3 Php/SQL
We use php at the back-end to upload data to server and use sql to isert or delete some detail information in the table of database. The movie table contain seven coulmns.
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
Figure 25. Adding video function is named addMovieRecord
Figure 26. Inserting information by SQL