A Gentle Introduction to Digital Media Steganography
That file you downloaded may contain hidden messages that aren’t part of its regular contents.
Introduction
The widespread of data transmission over the Internet and insecure public networks exposes secret data to risky situations. In such case, that secret data become vulnerable to disclosure by whatever it is called, a hacker, an intruder, an attacker, or a bad guy. Secret data can be passwords, secret images, a voice record, license files, document files, etc.
One of the fundamental elements in securing your secret data from any unauthorized disclosure or usage is encryption. Encryption refers to transforming your data into an un-understandable, scrambled form. When an attacker gets access to your secret data, it will be hard for him to figure out what that data means, and even it may be impossible to interpret what secret information behind that scramble.
Another state-of-the-art method for ensuring secure transmission and storage of secret information is steganography. Steganography refers to hiding secret data, called payload, inside another data element that looks innocent and clean on the surface, called cover or host medium.
Digital Media Steganography
The most common form of cover media is an image, audio, and video files. In that cover media that looks like an ordinary and clean file, we hide our sensitive data. In this way, when an attacker gets access to our stored or transmitted data, he will never suspect the existence of any sensitive data.
To achieve a successful steganography scheme, we must have three elements: a cover media, a secret data to hide, and a steganography algorithm. The most common approach to steganography is Least Significant Bit Replacement (LSBR). In order to explain how LSBR steganography works, we need to describe how is data is represented digitally.
Any data, whether they are images, documents, audio files, video files, or executable applications, are stored on the computer as a sequence of binary strings. That is, everything inside the computer is a sequence of 0s and 1s. For example, the text “password” is represented by the binary string “0111000001100001011100110111001101110111011011110111001001100100”. The way that a text is converted to a binary string is based on the ASCII table.
ASCII table, shown in the figure below, is a table that lists all characters, symbols, and numbers with its representation as decimal numbers and its corresponding representation in hexadecimal, octal, and HTML representations.
So, if we look for the individual characters of the text “password”, we get its decimal representation as “p”=112, “a”=97, “s” =115, …, “d”=100. Each of these decimal numbers is converted to binary.
The same concept is applied for storing images and audio files, but with a little difference. Grayscale images are stored as a 2-dimensional matrix of decimal numbers, where each number is between 0 and 255 representing a pixel value of 8 bits. Meanwhile, RGB images are represented as a 2D matrix of three layers: Red layer, Green layer, and Blue layer, each pixel of the three layers is represented by 8 bits. For audio files, they are represented as a vector of decimal numbers, where each number is represented as 8, 16, 24, 32, or 64 bits.
A noteworthy characteristic of binary numbers is that the rightmost bit in a binary string is called the Least Significant Bit (LSB), meanwhile, the leftmost bit is called the Most Significant Bit (MSB). A change in the value of the LSB does not cause the decimal value to change considerably. However, a change in MSB changes the decimal value considerably. For example, if we have the binary “11011010” which is 218, if we change the LSB, which is 0, to 1; we get the decimal value 219. However, if we change the MSB, which is 1, to 0; we get the decimal value 90. That is it, the difference between 219 and 218 is just 1, a small value. But the difference between 218 and 90 is 128, a large value.
Hence, that is the trick of steganography, given a cover medium such as an image, if we changed the LSB of a pixel of the image; there will very un-noticeable changes in the image. The goal is to replace the LSB of each pixel of the image with a bit of the secret message. To make the concept clear, refer the figure 2. Figure 2 shows a grayscale image of a cameraman, the red box focuses on a segment of the image to show the pixels grid. Zooming on the pixels grid we can see the values of each pixel highlighted by a blue box.
Now, for any pixel {p} at row {i} and column {j}, if we replace the the LSB of that pixel by the bit {b} from the secret message; the pixel’s value either increased by 1, decreased by 1, or remains the same if {b= pixel’s LSB}. Thus, if we have a secret message of {n} bits, we need {n} pixels to conceal each secret bit inside the LSB of each pixel.
Such pixels’ value modification will change the shades of gray, but such change will not be detectable by the human vision system (HVS). Hence, the image looks very innocent to attackers, but actually, it hosts secret data inside it. Practically, we usually hide our secret data in the K-LSBs of each pixel, where {K} is in the range 1 to 8. The higher the value of {K}, the more noise appears on the image which makes it suspicious. Typically, a value of {K=1,2, or 3} is acceptable and not detectable to HVS.
Figure 2 illustrates the concept of hiding the text “dog” into 4 RGB pixels using K-LSB steganography, where {K=2}. Although some pixels’ values are modified, the modification is small and cannot be detected by HVS.
This how steganography works for a digital image. The same concept can be extended to other digital media such as audio and video files as long as this digital media can tolerate the modifications in its original values. One challenge that can face you to achieve a successful steganography scheme is the payload size versus the cover media capacity. We must have a cover media that can hide the full secret message without sacrificing much of the original quality of the cover media. Video files can hide much more data than image or audio files only, as videos are composed of a set of images with audio.
The capacity of the cover media is calculated by {capacity = K * Number_of_media_elements}, where {K} is the number of bits to replace, and {Number_of_media_elements} refers to the available number of cover media elements that will hosts the secret message, a pixel in case of the cover is an image, or a sample if the cover is an audio file.
There are various tools available for hiding data inside digital media such as the open-source program Steghide, Xiao Steganography, OpenStego, and Camouflage. There are various approaches are presented for state-of-the-art steganography such as those that work on the coefficients that result from wavelet transformations.
The reverse concept of steganography is the art of steganalysis, which is the art of attempting to find and recover secret data hidden inside digital media. steganalysis may fail or succeed depending on the robustness of the steganographic algorithm used. Most of the steganalysis tools are targeted to digital images, as images are the most common cover media used to hide secret data. An open-source comprehensive steganalysis tool that is always updated with recent steganalysis algorithms is Aletheia, which provides a set of statistical attacks and machine learning-based attacks.
Conclusion
Steganography is a robust approach for ensuring data secrecy and privacy when transferring the data over insecure channels or storing them on your computer. There are various tools and algorithms proposed to achieve a robust and secure steganographic scheme. But take care of steganalysists.
References:
https://www.kaspersky.com/blog/digital-steganography/27474/
https://www.comptia.org/blog/what-is-steganography
Hassaballah, M. (Ed.). (2020). Digital Media Steganography: Principles, Algorithms, and Advances. Academic Press.
