Pattern Recognition 41 (2008) 2945 – 2955

www.elsevier.com/locate/pr

High-performance JPEG steganography using complementary embedding

strategy
Chiang-Lung Liu ∗ , Shiang-Rong Liao
Department of Electrical and Electronic Engineering, Chung Cheng Institute of Technology, National Defense University, Tahsi, Taoyuan 33509, Taiwan, ROC

Received 12 June 2006; received in revised form 27 April 2007; accepted 3 March 2008

Abstract
A high-performance JPEG steganography should be secure enough to resist modern steganalysis. In this paper, we propose a high-performance
JPEG steganographic method. The proposed method adopts the complementary embedding strategy to avoid the detections of several statistical
attacks. To show the effectiveness of the proposed method, several statistical attacks are simulated and used to detect the stego-images created
by the proposed method. Several famous JPEG steganographic algorithms are also simulated for comparisons with the proposed method.
Experimental results show that the proposed steganographic method has superior performance both in capacity and security, and is practical
for the application of secret communication.
䉷 2008 Elsevier Ltd. All rights reserved.

Keywords: Image hiding; JPEG steganography; Chi-square family attack; S family attack; Statistical steganalysis; Complementary embedding

1. Introduction steganographic schemes, and are especially referred to as image

The success of the Internet facilitates communications of
people, but also enables illegal users to access data transmitted
on the Internet. To protect the important data from being ille-
gally accessed, various modern cryptosystems [1] can be used
to encrypt the content of these data prior to their transmissions.
However, the encrypted data exists in a meaningless form and
may attract the intention of the interceptors to break the secret
codes. Steganographic methods can be used to make up this
drawback.
Steganographic methods [2–24] and various watermarking
schemes[25–28] are applications of information hiding tech-
niques [29]. Steganographic methods hide the secret informa-
tion in the cover carrier so that the existence of the embedded
information is undetectable. The cover carrier can be many
kinds of digital media such as text, image, audio, and video.
Because of the insensitivity of the human visual system, dig-
ital images have been widely used as cover carriers in most
∗ Corresponding author. Tel.: +886 3 3809991-370; fax: +886 3 3801407.
E-mail addresses: chianglung.liu@gmail.com (C.-L. Liu),
shiang.ron@msa.hinet.net (S.-R. Liao).
hiding techniques [2,3,15].
Each image hiding system consists of an embedding process
and an extraction process. An innocuous-looking original im-
age is used as the cover-image to conceal the secret data. The
secret data are embedded into the cover-image by modifying
the cover-image to form a stego-image. According to Kerck-
hoffs’ principle [30], the embedding algorithm is supposed to
be known to the public. Therefore, the embedding process may
use an embedding key so that only the legal user can success-
fully extract the embedded data by using the corresponding ex-
traction key in the extraction process. The embedding key and
the extraction key are referred to as stego-keys. If they are the
same, the image hiding system is symmetric, otherwise asym-
metric [1].
Most image hiding systems use uncompressed images (e.g.,
BMP) or losslessly compressed images (e.g., GIF) as cover-
images. These images potentially contain much visual redun-
dancy so that they can provide large capacity to hide secret
data. Many image hiding systems [2–24] have been proposed
and several stego-products have been developed based on loss-
less image formats (e.g., EzStego [19]). For reducing transmis-
sion bandwidth and storing space, the JPEG image is currently
the most common format used on the Internet. Several image

0031-3203/$30.00 䉷 2008 Elsevier Ltd. All rights reserved.

doi:10.1016/j.patcog.2008.03.005
2946 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955
hiding techniques for JPEG images have been proposed, such as
J-Steg [18], F5 [16], and OutGuess [17]. They are usually called
the JPEG steganography or the JPEG steganographic methods
which use the DCT coefficients to embed the secret bits, and
will be mentioned alternately in the rest of this paper. As we
know, the JPEG compression is based on the discrete cosine
transform (DCT), and reduces the visual redundancy to achieve
good compression performance. Therefore, the embedding ca-
pacity provided by JPEG steganography is relatively smaller
than those provided by the other steganographic methods. In
this paper, our discussions focus on the JPEG steganography.
Generally, there are potentially two basic requirements for
a secure image hiding system. First, the secret data embedded
in the stego-image should be perceptually invisible. Secondly,
the receiver can exactly recover the original data without the
knowledge of the cover-image. These requirements can be eas-
ily achieved by LSB insertion methods that embed the secret
data in the cover-image by directly replacing the least signifi-
cant bit (LSB) in spatial domain or frequency domain. For ex-
ample, the JPEG steganographic tool J-Steg embeds the secret
data by sequentially flipping the LSB of the quantized DCT
coefficients (except 0s and 1s) without causing detectable ar-
tificial distortion. Unfortunately, modern steganalysis tries to
discover hidden data by examining the statistical properties of
stego-images. Therefore, many existing steganographic tech-
niques seem to be insecure when modern steganalysis is em-
ployed to test their security.
Westfeld and Pfitzmann [31] proposed a steganalytic method
based on statistical analysis of Pairs of Values (PoVs) that are
exchanged during message embedding. They observed that the
embedding function replacing LSBs transforms PoVs into each
other which only differ in the LSB. If the secret bits used for
replacing the LSBs are equally distributed, the frequencies of
both values of each PoV become equal. Based on this obser-
vation, they proposed a statistical method to automatically cal-
culate the similarity of PoVs of the stego-image. Their method
is generally known as the chi-square attack and provides very
reliable results when the LSB placement is known (e.g., the
sequential embedding). Therefore, the data embedded by the
J-Steg can be detected by chi-square attack. Actually, the chi-
square attack can be slightly modified to successfully detect
randomly scattered data by applying the same idea to smaller
portions of the stego-image [17]. The modified chi-square at-
tack is especially referred to as the extended chi-square attack
in the rest of this paper. We also briefly use the chi-square fam-
ily attack to represent both attacks together.
To provide a secure and high-capacity JPEG steganography,
Westfeld [16] proposed the F5 algorithm in 2001. Instead of
replacing the LSBs of the quantized DCT coefficients with the
secret bits, the absolute value of the coefficient is decreased
by 1. Besides, the F5 algorithm randomly chooses DCT coeffi-
cients to embed the secret bits. Combining these two strategies,
the F5 algorithm successfully defends both the chi-square and
the extended chi-square attacks.
In the same year, Provos [17] also proposed the OutGuess
steganographic algorithm to counter the chi-square family at-
tack. The OutGuess uses two passes to achieve the embedding
mission. In the first pass, the secret bits are embedded in the
LSBs of the quantized DCT coefficients (skipping 0s and 1s)
along a random walk. In the second pass, the histogram of the
stego-image is adjusted to match that of the cover-image. Be-
cause the histogram of the final stego-image is similar to that of
the cover-image, the stego-image created by the OutGuess al-
gorithm can avoid the detection of the chi-square family attack.
Although stego-images created by the F5 algorithm or the
OutGuess algorithm can survive the chi-square family attack,
they can be detected by a special steganalytic method proposed
by Fridrich et al. [32]. The most important part of their method
is to obtain the approximation of the cover-image. This is done
by decompressing the stego-image, cropping by four pixels in
each direction, and recompressing using the same quantiza-
tion table. The estimated cover-image possesses many statisti-
cal properties that approximately equal to those of the original
cover-image. These statistical properties can be used to design
the distinguishing statistic S that also predictably changes with
the embedded message length. The unknown message length is
therefore can be obtained by comparing the values of S for the
stego-image and the estimated cover-image. This kind of ste-
ganalysis has been successfully developed to detect the length
of the secret bits embedded by the F5 and the OutGuess algo-
rithms. We refer to the method used to break the F5 as the S1
attack, and OutGuess, the S2 attack, in the rest of this paper.
We also briefly use the S family attack to represent both attacks
together.
In this paper, we propose a secure and high-capacity JPEG
steganography. Instead of flipping the LSBs of the DCT co-
efficients, the secret bits are embedded in the cover-image by
subtracting one from or adding one to the non-zero DCT coeffi-
cients. Therefore, the proposed steganographic method cannot
be detected by both the chi-square and the extended chi-square
attacks. Moreover, a complementary strategy is also included
in the proposed method to defend the S1 and S2 attacks.
To completely describe the proposed steganographic tech-
nique, the rest of this paper is organized as follows. In Section
2, the JPEG compression technique is briefly reviewed. The
proposed embedding and extraction processes are described
in Section 3. Several experimental results are demonstrated
in Section 4 to show the effectiveness of the proposed JPEG
steganography. Section 5 justifies the significance that the pro-
posed method can resist both S1 and S2 attacks. Section 6 con-
cludes this work.
2. Review of JPEG compression
Because the proposed steganographic method is a JPEG-
based steganography, we briefly describe the JPEG compression
technique in this section.
Original Entropy Compressed
FDCT Quantization code
image encoding
Fig. 1. The block diagram of the JPEG compression process.
 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955
Compressed Entropy
Dequantization
code decoding
Fig. 2. The block diagram of the JPEG decompression process.
JPEG is an international standard for continuous-tone still
image compression which has been approved by International
Standard Organization (ISO) under the denomination of Inter-
national Standard-10918 (IS-10918) [33]. The JPEG compres-
sion is based on the DCT and allows substantial compression to
be achieved while producing a reconstructed image with high
visual fidelity.
Fig. 1 shows the JPEG encoding process which comprises
three major steps: forward DCT (FDCT), quantization, and en-
tropy encoding. The input image is first divided into 8 × 8
non-overlapping blocks, and each block is transformed by the
FDCT into a set of 64 DCT coefficients. These coefficients are
then quantized using a quantization table with 64 entries. The
quantized results are all integers and defined as the division of
each DCT coefficient by its corresponding quantization value,
and rounding to the nearest integer.
The quantization step is lossy because of the rounding error.
The quantized coefficients are then passed to the entropy en-
coding step to form the compressed code. One of two tables
must be provided in this step according to different entropy
coding schemes. If Huffman encoding is used, a Huffman table
must be provided. If arithmetic encoding is used, an arithmetic
coding conditioning table must be provided. It should be noted
that the entropy encoding step is lossless.
The JPEG decoding process is shown in Fig. 2, and also
comprises three major steps: entropy decoding, dequantization,
and inverse DCT (IDCT). Each step in decoding process per-
forms essentially the inverse of its corresponding step in en-
coding procedure. The entropy decoding step decodes the com-
pressed code to the quantized DCT coefficients. The dequanti-
zation step then converts each quantized DCT coefficient to its
approximate value by multiplying with its quantization value.
DCT is then used to convert the dequantized coefficients to
their spatial value.
As mentioned above, the entropy encoding step in the JPEG
encoding process is lossless. It means that if the secret bits are
embedded in the quantized DCT coefficients, they will not be
destroyed by the follow-up encoding steps. Most of the JPEG
steganographic methods (such as J-Steg, F5, OutGuess, etc.)
adopt this strategy. In the next section, we propose a stegano-
graphic method which also uses the quantized DCT coefficients
to embed the secret bits.
3. The proposed JPEG steganography
In this section, a secure and high-capacity JPEG steganogra-
phy is proposed. As mentioned previously, the S family attack
obtains the approximate cover-image to break the F5 and Out-
Guess schemes. To counter the detection of such attack, the
proposed JPEG steganographic method adopts a complemen-
2947
Reconstructed
IDCT image
tary strategy to reduce the loss of statistical property of the
cover-image. This purpose is achieved by dividing the quan-
tized DCT coefficients and the secret bits into two parts ac-
cording to a predefined partition ratio. The two parts of DCT
coefficients are used to embed the corresponding parts of se-
cret bits with different embedding algorithms. Specifically, the
secret bits are embedded by subtracting one from one part of
coefficients, and adding one to the other part of coefficients.
Specially, we call our proposed embedding algorithm the com-
plementary embedding. Moreover, because the proposed em-
bedding algorithm is not an LSB insertion one, the proposed
JPEG steganographic method can also resist the chi-square fam-
ily attack.
The proposed stegnographic method comprises an embed-
ding process and an extraction process. The details of the em-
bedding and extraction process are described in the following
subsections.
3.1. Embedding process
The proposed embedding process is integrated with JPEG
encoding process. Fig. 3 shows the block diagram of the em-
bedding process. The raw data of the cover-image is first trans-
formed by DCT. The DCT coefficients are then quantized and
rounded to the nearest integers. A stego-key, which provides
the major security of the embedding algorithm, is then used to
permute the DCT coefficients. The permuted coefficients are
then divided into two parts according to a predefined separa-
tion ratio which serves an important parameter to reduce the
loss of statistical property of the cover-image resulted from the
follow-up secret-bits embedding process.
On the other hand, the original message is encrypted to
form the secret bits by using a crypto-key. The secret bits are
also divided into two parts according to the same separation
ratio. Each part of secret bits is embedded in its correspond-
ing part of the permuted non-zero DCT coefficients by us-
ing the proposed complementary embedding algorithm. The
two parts of the modified coefficients are then combined, de-
permutated, and entropy encoded to generate a JPEG stego-
image. The details of the proposed embedding process are as
follows.
Step 1: Transform the raw data of the cover-image (e.g., the
luminance component) into DCT coefficients.
Step 2: Quantize the DCT coefficients, and round the quan-
tized coefficients to the nearest integers D.
Step 3: Use a stego-key K1 to permute the quantized coeffi-
cients. That is,
Q = PERMK1 (D), (1)
2948 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955

Stego-key

Cover Coefficient Coefficient Coefficient

FDCT quantization permutation
image separation

Crypto-key
Cryptographic Secret-bits Secret-bits
encryption separation embedding
Original
message

JPEG Entropy Coefficient Coefficient

stego-image encoding de-permutation combination

Fig. 3. The block diagram of the proposed embedding process.

where PERM(·) is a key-dependent permutation Table 1

function, and Q denotes the permuted coefficient The proposed E1 embedding algorithm
sequence.
Algorithm: E1 embedding
Step 4: Divide Q into two parts, Q1 and Q2 , according to a
Input:
predefined separation ratio .
B: the bit sequence to be embedded
Step 5: Use a crypto-key K2 to encrypt the original message C: a coefficient sequence
O, and obtain the secret-bit sequence S. That is, : adjustment parameter
Output:
S = ENCK2 (O), (2) C  : the modified version of C
Begin /* E1 embedding */
where ENC(·) is a cryptographic encryption function. for i = 1 to length(B)
Step 6: Divide S into two parts, S1 and S2 , according to the if C(i) > 0 and odd(C(i)) = 1 /* C(i) is odd */
if B(i) = 0 and C(i) − 1 = 0
separation ratio . C  (i) = C(i) − 2
Step 7: Let L1 denote the length of S1 , concatenate L1 and elseif B(i) = 0 and C(i) − 1  = 0
S1 to form the secret message M1 . That is, C  (i) = C(i) − 1
elseif B(i) = 1
M1 = L1 S1 , (3) C  (i) = C(i)
endif
elseif C(i) > 0 and odd(C(i)) = 0 /* C(i) is even */
where “” denotes the concatenation operation. if B(i) = 1
Step 8: Let L2 denote the length of S2 , concatenate L2 and C  (i) = C(i) − 1
S2 to form the secret message M2 . That is, elseif B(i) = 0
C  (i) = C(i)
endif
M2 = L2 S2 . (4)
elseif C(i) < 0 and odd(C(i)) = 1
if B(i) = 1
Step 9: Embed M1 into the non-zero coefficients of Q1 ac- C  (i) = C(i) − 1
cording to the proposed E1 embedding algorithm elseif B(i) = 0
given in Table 1. Note that, a secret parameter  C  (i) = C(i)
endif
is also used in the embedding algorithm to make it
elseif C(i) < 0 and odd(C(i)) = 0
more difficult for a statistical attack to obtain the if B(i) = 0
original statistical property of the cover-image from C  (i) = C(i) − 1
a stego-image. elseif C(i) = 1
Step 10: Embed M2 into the non-zero coefficients ofQ2 ac- C  (i) = C(i)
endif
cording to the proposed embedding E2 algorithm
endif
given in Table 2. endfor
Step 11: Combine the modified Q1 and Q2 to form a single for i = 1 to ∗ length(B)
coefficient sequence Q . if C  (i) = −2
Step 12: Use the stego-key K1 to de-permute the coefficient C  (i) = 1
sequence Q . That is, endif
endfor
end /* E1 embedding */
D  = DEPERMK1 (Q ), (5)
 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955 2949

where DEPERM(·) is a key-dependent de-permutation It should be noted that, in most cases, we do not use all
function, and D  denotes the de-permuted DCT co- the coefficients of Q1 and Q2 to embed S1 and S2 . There-
efficients. fore, in Steps 7 and 8, L1 and L2 are embedded prior to the
Step 13: Compress the D  using entropy encoding to obtain embedding of S1 and S2 so that they can be extracted first to
the JPEG stego-image. inform the extraction algorithm to extract the exact size of S1
and S2 .
Table 2
The proposed E2 embedding algorithm
3.2. Extraction process
Algorithm: E2 embedding

Input: The stego-key, crypto-key, and separation ratio used in the

B: the bit sequence to be embedded embedding process should be shared by both the sender and re-
C: a coefficient sequence
ceiver so that the embedded message can be exactly extracted
Output:
C  : the modified version of C and decrypted by a legal receiver. Fig. 4 shows the block dia-
gram of the proposed extraction process.
Begin /* E2 embedding */
The extraction process is also integrated with the JPEG
for i = 1 to length(B)
if C(i) > 0 and odd(C(i)) = 1 /* C(i) is odd */ decoding process, and is much simpler than the embedding
if B(i) = 1 process. The JPEG stego-image is first entropy decoded to
C  (i) = C(i) + 1 recover the quantized DCT coefficients. The shared stego-key
elseif B(i) = 0 is used to permute these coefficients which are then separated
C  (i) = C(i)
into two parts according to the shared separation ratio. Two
endif
elseif C(i) > 0 and odd(C(i)) = 0 /* C(i) is even */ parts of secret bits are extracted from their corresponding
if B(i) = 0 parts of coefficients respectively, and then combined into a
C  (i) = C(i) + 1 secret-bit sequence. Finally, the shared crypto-key are used to
elseif B(i) = 1 decrypt the secret-bit sequence to recover the original mes-
C  (i) = C(i)
sage. The details of the proposed extraction process are as
endif
elseif C(i) < 0 and odd(C(i)) = 1 follows.
if B(i) = 0 and C(i) + 1 = 0
C  (i) = C(i) + 2 Step 1: Entropy-decode the stego-image to recover the quan-
elseif B(i) = 0 and C(i) + 1  = 0
C  (i) = C(i) + 1
tized DCT coefficients D.
elseif B(i) = 1 Step 2: Use the shared stego-key K1 to permute D. That is,
C  (i) = C(i)
endif Q = PERMK1 (D), (6)
elseif C(i) < 0 and odd(C(i)) = 0
ifB(i) = 1 where PERM(·) is a key-dependent permutation
C  (i) = C(i) + 1 function, and Q denotes the permuted coefficient
elseif B(i) = 0 sequence.
C  (i) = C(i) Step 3: Divide Q into two parts, Q1 and Q2 , according to a
endif
endif
shared separation ratio .
endfor Step 4: Let l denote the bit length of L1 and L2 . For i = 1 to
end /* E2 embedding */ l, extract the ith bit of L1 from ith coefficient of Q1

JPEG Entropy Coefficient Coefficient

stego-image decoding permutation separation

Crypto-key Stego-key

Original Cryptographic Secret-bits Secret-bits

message decryption combination extraction

Fig. 4. The block diagram of the proposed extraction process.

2950 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955

according to the following equation: 4. Experimental results

⎧ 
⎪ Q1 (i) > 0 and odd (Q1 (i)) = 0, Several experiments have been done to examine the per-
⎨ 0 if
L1 (i) =  Q1 (i) < 0 and odd (Q1 (i)) = 1, (7) formance of the proposed embedding method. Many standard
⎪
⎩ 1 if Q1 (i) > 0 and odd (Q1 (i)) = 1, 512 × 512 gray images with different textural properties were
Q1 (i) < 0 and odd (Q1 (i)) = 0, taken as the cover-images shown in Fig. 5. Our experiments
are described in two major parts: capacity test and security test.
where odd(x) determines the property of x. If x is
The security test is further divided into three parts. They are im-
odd, odd(x) returns the value 1, otherwise 0.
perceptibility test, the chi-square-family-attack resistance test,
Step 5: For i = 1 to L1 , extract the ith bit of the secret-bit
and the S-family-attack resistance test.
sequence S1 from (l+i)th coefficient of Q1 according
to the following equation:
4.1. Capacity test
⎧ 
⎪ 0 if Q1 (k) > 0 and odd (Q1 (k)) = 0,
⎨ Several standard 512 × 512 gray images with different textu-
S1 (i) =  Q1 (k) < 0 and odd (Q1 (k)) = 1, (8)
⎪
⎩ 1 if Q1 (k) > 0 and odd (Q1 (k)) = 1,
ral properties were taken as the cover-images shown in Fig. 5.
Q1 (k) < 0 and odd (Q1 (k)) = 0, The capacities of the cover-images were evaluated by the pro-
posed embedding algorithm. The experimental results are given
where k = l + i. in Table 3. The separation ratio  and the adjustment parame-
Step 6: For i = 1 to l, extract the ith bit of L2 from ith coef- ter  used in each embedding process were chosen carefully to
ficient of Q2 according to the following equation: resist the S family attack. It should be noted that both param-
⎧  eters  and  are independent of the embedding capacity. The
⎪ Q2 (i) > 0 and odd (Q2 (i)) = 1,
⎨ 0 if details of choosing a proper separation ratio and an adjustment
L2 (i) =  Q2 (i) < 0 and odd (Q2 (i)) = 0, (9) parameter will be further described in Section 4.4.
⎪
⎩ 1 if Q2 (i) > 0 and odd (Q2 (i)) = 0, To show the superiority of the proposed method over the
Q2 (i) < 0 and odd (Q2 (i)) = 1. other steganographic methods, we also used the math tool MAT-
LAB [34] to simulate J-Steg, F5, and OutGuess algorithms,
Step 7: For i = 1 to L2 , extract the ith bit of the secret-bit
sequence S2 from (l +i)th coefficient of Q2 according
to the following equation:
⎧  Table 3
⎪ 0 if Q2 (k) > 0 and odd (Q2 (k)) = 1,
⎨ Comparison of capacity (in bits) for various embedding algorithms
S2 (i) =  Q2 (k) < 0 and odd (Q2 (k)) = 0, (10)
⎪
⎩ 1 if Q2 (k) > 0 and odd (Q2 (k)) = 0,
Test image Embedding algorithm
Q2 (k) < 0 and odd (Q2 (k)) = 1, The proposed J-Steg F5 OutGuess

where k = l + i. Barb 59 229 45 363 45 513 22 699

Step 8: Combine S1 and S2 to form a single secret-bit se- Boat 50 042 38 374 38 506 19 105
F16 46 079 35 373 35 295 17 721
quence S. Goldhill 60 890 45 196 45 505 22 639
Step 9: Use a shared crypto-key K2 to decrypt S, and obtain Lena 44 131 32 998 33 026 16 375
the original message O. That is, Mandrill 98 989 75 751 75 837 37 867
Peppers 46 346 34 295 34 074 17 016
O = DECK2 (S), (11) Tank 61 220 44 417 44 329 22 195
Tiffany 43 300 31 674 31 516 15 729
Zelda 37 086 27 557 27 630 13 724
where DEC(·) is a cryptographic decryption function.

Fig. 5. The test images used in our experiments: (a) Barb, (b) Boat, (c) F16, (d) Goldhill, (e) Lena, (f) Mandrill, (g) Peppers, (h) Tank, (i) Tiffany, and (j) Zelda.
 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955 2951

and evaluate the capacity performance for these steganographic Table 4

methods. Table 3 compares the capacity performance of The PSNR values (in dB) of the stego-images created by the proposed method
using various embedding rates
various steganographic methods. It is clear that the capacity
performance of the proposed method is superior to the other Test image Embedding rate
steganographic methods.
20% 40% 60% 80% 100%
To understand the superiority of the proposed method in
Table 3, we can take the J-Steg as the basis of comparison. The Boat 35.42 35.02 34.48 33.58 31.66
J-Steg embeds the secret bits in DCT coefficients (except 0s F16 36.70 36.34 35.81 34.90 33.02
Lena 36.46 36.11 35.69 34.91 33.13
and 1s). Therefore, the capacity of the J-Steg can be considered Peppers 35.33 35.09 34.73 34.06 32.57
as the number of DCT coefficients (except 0s and 1s). The Out- Tiffany 35.83 35.53 35.02 34.17 32.47
Guess also embeds the secret bits in DCT coefficients (except Zelda 38.26 38.03 37.67 36.94 35.32
0s and 1s). But to avoid the detection of the chi-square attack,
the OutGuess only uses a half of the workable coefficients to
embed secret bits. This is why the capacity of the OutGuess Table 5
is about a half of that of the J-Steg. Unlike the J-Steg and the Comparison of PSNR values (in dB) of the stego-images created by various
OutGuess, the F5 uses the non-zero DCT coefficients to embed embedding algorithms
the secret bits. Therefore, the capacity of the F5 is potentially Test image Embedding algorithm
larger than that of the J-Steg. But to effectively extract the em-
bedded secret, if the embedding result of the current coefficient The proposed J-Steg F5 OutGuess
is 0, the same secret bit should be embedded into the next co- Boat 34.53 35.67 36.23 35.47
efficient until non-zero result obtained. This is also known as F16 35.89 36.79 37.33 36.57
shrinkage effect. This is why the capacity of the F5 is only Lena 35.67 36.36 36.94 36.37
slightly larger than that of the J-Steg. The proposed method also Peppers 34.75 35.45 35.86 35.32
Tiffany 35.07 35.93 36.36 35.81
uses non-zero DCT coefficients to embed secret bits. Because
Zelda 37.64 38.31 38.82 38.22
the proposed method does not have the shrinkage problem, the
capacity of the proposed method is higher than that of the F5.

4.2. Imperceptibility test higher than 30 dB. It means that the proposed steganographic
method can provide good imperceptibility performance.
To test the imperceptibility performance, without loss of gen- To compare with the other steganographic methods, we em-
erality, we generated enough random bits with uniform distri- bedded the same amount of secret bits (the capacity of the Out-
bution to simulate the secret-bit sequence instead of using a Guess) in various cover-images using the J-Steg, the F5, the
specific encrypted plaintext. The secret bits were embedded in OutGuess, and the proposed method. Table 5 presents the com-
the cover-images with medium capacity (under 55 000 bits) us- parison of PSNR values of the stego-images created by various
ing different embedding rates. The separation ratio  used in steganographic methods. It is clear that although more compli-
each embedding process was chosen as 4:1. Let x and y denote cated embedding strategy is adopted in the proposed method,
the cover-image and the stego-image, respectively. The imper- the PSNR values of the stego-images created by the proposed
ceptibility is evaluated by the objective quality measurement method are only slightly lower than those created by the other
PSNR (peak signal to noise ratio) [35]: steganographic methods.
 
2552 4.3. Chi-square-family-attack resistance test
PSNR = 10 × log (dB), (12)
MSE
The chi-square family attack explores the problem of PoV to
where MSE represents the mean square error between the cover- detect the secret bits embedded in the LSB of the stego-image.
image x and the stego-image y: The detection of the chi-square attack is achieved by sequen-


512 
512 tially accumulating the similarity of PoVs. That is, if the secret
1 bits are embedded in the LSB of the stego-image, they could be
MSE = (xij − yij )2 . (13)
512 × 512 detected by the chi-square attack. Different from the chi-square
i=1 j =1
attack, the extended chi-square attack divides the stego-image
Table 4 presents the PSNR values of the stego-images cre- into blocks, and detects the secret bits by calculating the simi-
ated by the proposed method using various embedding rates. larity of PoVs in each block. If the chi-square attack is a global
In Table 4, the embedding rate is defined as method, the extended chi-square attack can be considered as a
actual embedding bits local method because it detects the secret bits in each block of
embedding rate = . (14) the stego-image independently.
embedding capacity
To avoid the detection of the chi-square and the extended chi-
It is clear that even the full capacities of the cover-images are square attacks, the proposed method does not adopt the LSB
used to embed the secret bits, the values of PSNRs are still replacement strategy. To show that the proposed steganographic
2952 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955

chi-square attack S1 attack for the proposed method

100
100 original perfect
J-Steg's 80 Goldhill

detection of embedding rate

ours
probability of embedding

Lena
80
60 Mandrill
Zelda
60 40

40 20

20 0

-20
0
-40
0 20 40 60 80 100 10 20 30 40 50 60 70 80 90 100
size of sample (%) embedding rate

Fig. 6. The detection results of the chi-square attack to the stego-images Fig. 8. The detection results of S1 attack for the stego-images created by the
created by the J-Steg algorithm and the proposed steganographic method. proposed steganographic method.

extended chi-square attack

100 created by the proposed method have no responses to both the

original
J-Steg's chi-square and the extended chi-square attacks. It means that
ours the proposed method has excellent performance against the chi-
probability of embedding

80
60
40
20
0 steganographic methods. The proposed method adopts the
0 20 40 60
size of sample (%)
Fig. 7. The detection results of the extended chi-square attack to the
stego-images created by the J-Steg algorithm and the proposed steganographic
method.
method can resist both the chi-square and the extended chi-
square attacks, we used the math tool MATLAB to simulate
both attacks. We used the proposed method to create the stego-
image of “Lena” with half embedding capacity, and used the
chi-square and the extended chi-square attacks to detect the
stego-image. The same experiments were also performed on
the stego-image created by the J-Steg method.
Figs. 6 and 7 show the responses of the different stego-
images to the chi-square and the extended chi-square attacks,
respectively. In Fig. 6, it can be found that the chi-square attack
has successfully detected the existence of the embedded secret
bits in the first half of the DCT coefficients of the stego-image
created by the J-Steg method. In Fig. 7, the extended chi-square
attack has also successfully detected the existence of the secret
bits in the first half of blocks of the stego-image created by the
J-Steg method. It is clear that in both figures, the stego-images
square family attack.
4.4. S-family-attack resistance test
The S family attack detects the length of the embedded se-
cret bits by estimating the approximate cover-image. In such a
method, it has successfully broken the F5 and the OutGuess
complementary embedding strategy to reduce the loss of sta-
80 100 tistical property of the cover-image in spatial domain. The
proposed complementary embedding divides the secret bits
and the DCT coefficients into two parts, respectively, by a pre-
defined separation ratio , and embeds each part of secret bits
into the corresponding part of DCT coefficients by comple-
mentary embedding algorithms. In our experiments, we found
that the proposed method can confuse the S family attack by
using 31   51 together with an adjustment parameter . We
set  = 41 and  = 13 throughout the follow-up experiments if
no other values are explicitly assigned.
To show that the proposed steganographic method can resist
the S1 and the S2 attacks, we used the math tool MATLAB
to simulate both attacks. We also used the proposed method
to create the stego-images for several standard images with
different texture properties using various embedding capacities,
and then used the S1 and the S2 attacks to detect these stego-
images. Figs. 8 and 9 show the detection results, respectively.
For S1 attack, the same experiments were performed on the
stego-images created by the F5 algorithm. The detection results
are shown in Fig. 10. For S2 attack, the same experiments
were performed on the stego-images created by the OutGuess
algorithm. The detection results are shown in Fig. 11. Table
6 also provides the detection results of S1 and S2 attacks for
 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955 2953

S2 attack for the proposed method Table 6

100 The detection results of S1 and S2 attacks for the stego-images created by
the proposed embedding algorithm using embedding rate 50% and various 
perfect
80 Goldhill
 (embedding rate: 50%) Detection algorithm
detection of embedding rate

Lena
60 Mandrill S1 attack (%) S2 attack (%)
Zelda
40 1
3.86 4.87
2
1
20 4 7.93 24.70
1
6 10.26 14.39
0
1
8 10.71 20.16
-20 1
11.67 27.67
10

-40

-60 the stego-images created by the proposed embedding algorithm

10 20 30 40 50 60 70 80 90 100 using embedding rate 50% and various values of .
embedding rate In Figs. 8–11, the dash lines represent the perfect detection
result. The closer the detection result to the dash line, the weaker
Fig. 9. The detection results of S2 attack for the stego-images created by the the resistance of the steganographic method to the S family
proposed steganographic method.
attack. In Fig. 10, the detection results of the stego-images
created by the F5 algorithm are very close to the dash line.
S1 attack for F5 algorithm
It means that the S1 attack has successfully broken the F5
120
algorithm. It is clear that in Fig. 8, for the proposed method,
perfect
100 Goldhill all the detection results are far beyond the dash line. It means
detection of embedding rate

Lena that the proposed method can survive the S1 attack.

80 Mandrill
Zelda
On the other hand, in Fig. 11, for the OutGuess algorithm,
the detection results of S2 attack are very close to the dash
60
line. It means that the S2 attack has successfully broken the
40 OutGuess algorithm. For the proposed method, in Fig. 9, all
the detection results are unstable and have clear distances from
20 the dash line. It implies that the proposed method can also
survive the S2 attack. Further explanation of why the proposed
0 steganographic method can resist both S1 and S2 attacks will
-20
be provided in Section 5.
10 20 30 40 50 60 70 80 90 100 The readers may notice that some of the detection of embed-
embedding rate ding rate is negative in Figs. 8–10. This phenomenon results
from the assumption of the S family attack. In brief, the S fam-
Fig. 10. The detection results of S1 attack for the stego-images created by ily attack uses a method to estimate the original image from
the F5 embedding algorithm. the stego-image and then uses an equation derived from the as-
sumptions of the estimated original image and the property of
S2 attack for OutGuess algorithm the stego-image to calculate the embedding rate. Because the
120
equation used to calculate the embedding rate is very image-
perfect dependent, it may have different results when detecting differ-
100
detection of embedding rate

Goldhill
Lena
ent stego-images. Moreover, it may have negative results when
Mandrill the assumptions of the estimated original image and the prop-
80 Zelda erty of the stego-image have bias. This is why there are some
negative results appeared in Fig. 10 when embedding small
60
amount secret bits in image “Goldhill.” Similarly, because the
proposed method adopts quite different approach to embed se-
40
cret bits, it also destroys the assumptions of the S family attack
and results in quite unstable detection results including nega-
20
tive values as shown in Figs. 8 and 9.
0
10 20 30 40 50 60 70 80 90 100 5. Discussions
embedding rate
The S1 and S2 attacks are good statistical attacks. Although
Fig. 11. The detection results of S2 attack for the stego-images created by they were originally designed for breaking F5 and OutGuess,
the OutGuess embedding algorithm. they can also be used to break the other JPEG steganographic
2954 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955

Table 7 Table 8
The detection results of S1 attack for the stego-images created by the Out- The detection results of S2 attack for the stego-images created by the J-Steg
Guess algorithm using various embedding rates algorithm using various embedding rates

Embedding rate (%) Test image Embedding rate (%) Test image

Goldhill (%) Lena (%) Mandrill (%) Zelda (%) Goldhill (%) Lena (%) Mandrill (%) Zelda (%)

10 −19.91 −1.84 6.77 −9.48 10 4.42 10.49 11.13 17.58

20 −17.36 −4.78 1.29 −7.14 20 20.48 9.61 26.33 32.78
30 −16.71 −0.80 −1.75 −1.71 30 17.87 30.95 43.37 27.64
40 −22.08 −0.97 −6.39 −10.82 40 47.31 53.74 47.80 48.93
50 −20.87 −2.24 −7.08 −8.47 50 58.75 69.93 62.79 62.55
60 −17.11 −0.07 −4.62 −5.98 60 72.06 74.48 64.70 82.45
70 −21.66 −4.13 0.91 −6.22 70 84.67 84.27 74.35 88.92
80 −18.37 2.05 1.22 −5.87 80 83.90 90.53 79.91 86.78
90 −27.00 5.20 −8.87 −7.72 90 90.89 89.97 92.18 94.96
100 −21.15 1.01 −1.47 −8.73 100 97.15 107.17 101.91 111.96

Table 9
The detection results of S2 attack for the stego-images created by the F5
algorithm using various embedding rates
methods if the embedding strategy of any steganographic
method matches the detection strategy of S1 or S2. Embedding rate (%) Detection algorithm
In brief, the S1 attack uses a method to estimate the origi- Goldhill (%) Lena (%) Mandrill (%) Zelda (%)
nal image from the stego-image, and assumes that, after em-
bedding, the number of the 0 and the absolute-value-1 DCT 10 20.92 −30.68 −15.74 −54.53
20 8.05 −18.79 −23.07 −54.90
coefficients in the stego-images created by F5 will be changed 30 6.60 −43.01 1.24 −56.59
drastically. Based on this property, the S1 attack can measure 40 2.56 −7.51 −10.21 −58.32
the amount of the embedded secret bits using the relation be- 50 −0.11 −44.82 −15.23 −45.17
tween the stego-images and the estimated original image. Be- 60 20.36 −11.43 −1.27 −6.14
cause OutGuess preserves the property of the DCT coefficients 70 18.50 −58.72 4.82 −36.13
80 20.22 8.96 1.04 −48.2
of the stego-images, if we use S1 attack to detect the stego- 90 −5.08 −1.86 −10.62 −8.31
images created by the OutGuess algorithm, we will obtain in- 100 20.48 −0.17 19.05 −20.25
correct detection results as given in Table 7. Similarly, because
the proposed method uses the strategy of complementary em-
bedding to maintain the property of DCT coefficients, the S1 tection results are also unstable as shown in Fig. 9. This is why
attack cannot correctly detect the number of the embedded se- the proposed steganographic method can resist the S2 attack.
cret bits as shown in Fig. 8. This is why the proposed stegano-
graphic method can resist the S1 attack. 6. Conclusions
On the other hand, in brief, the S2 attack also uses a method
to estimate the original image from the stego-image. To detect In this paper, we have proposed a high-performance JPEG
an image, the S2 attack first embeds random bits in the stego- steganographic method. The proposed method adopts the com-
image using the same embedding algorithm. If the stego-image plementary embedding strategy to reduce the loss of statistical
is created by an LSB-based method, the embedding effect of the property of the stego-image in spatial domain. In such a man-
stego-image will be canceled out. Therefore, the re-embedded ner, the proposed steganographic method can resist the S fam-
image will be closer to the original image than the stego-image. ily attack. Moreover, the proposed method does not adopt the
The S2 attack then uses the relation among the estimated orig- LSB replacement strategy so that it can also avoid the detection
inal image, stego-image, and the re-embedded image to mea- of the chi-square family attack.
sure the amount of the embedded secret bits. For example, as To show the effectiveness of the proposed method, the chi-
introduced previously, the J-Steg is an LSB-based method. If square, extended chi-square, S1 and S2 attacks were simulated,
we use S2 attack to detect the stego-images created by J-Steg, and used to detect the stego-images created by the proposed
we will obtain stable detection results as given in Table 8. On method. The J-Steg, F5, and OutGuess steganographic algo-
the contrary, if a stego-image is not created by an LSB-based rithms were also simulated and used to create the stego-images
method, the re-embedding strategy adopted by the S2 attack in the same experimental conditions. Experimental results show
will fail and result in unstable detection results. For example, that the proposed steganographic method has the following ad-
if we use S2 attack to detect the stego-images created by the vantages:
F5 algorithm, we will obtain unstable detection results as given
in Table 9. Because the proposed steganographic method is not (1) The capacity provided by the proposed method is larger
an LSB-based method, if we use S2 attack to detect the stego- than those provided by J-Steg, F5, and OutGuess stegano-
images created by the proposed embedding algorithm, the de- graphic methods.
 C.-L. Liu, S.-R. Liao / Pattern Recognition 41 (2008) 2945 – 2955 2955

(2) The proposed method has excellent performance against
the chi-square family attack.
(3) The proposed method can successfully confuse the detec-
tion of the S family attack.
With the above-mentioned advantages, the proposed stegano-
graphic method is practical for the application of covert com-
munication.
References
[1] W. Stallings, Cryptography and Network Security: Principles and
Practice, third ed., Pearson Education, New Jersey, 2003.
[2] C.-C. Chang, C.-S. Chan, Y.-H. Fan, Image hiding scheme with modulus
function and dynamic programming strategy on partitioned pixels, Pattern
Recognition 39 (6) (2006) 1155–1167.
[3] S.-L. Li, K.-C. Leung, L.M. Cheng, C. -K, Chan, A novel image-hiding
scheme based on block difference, Pattern Recognition 39 (6) (2006)
1168–1176.
[4] H. Noda, M. Niimi, E. Kawaguchi, High-performance JPEG
steganography using quantization index modulation in DCT domain,
Pattern Recognition Lett. 27 (5) (2006) 455–461.
[5] Y.-H. Yu, C.-C. Chang, Y.-C. Hu, Hiding secret data in images via
predictive coding, Pattern Recognition 38 (5) (2005) 691–705.
[6] C.-C. Chang, H.-W. Tseng, A steganographic method for digital images
using side match, Pattern Recognition 25 (12) (2004) 1431–1437.
[7] M.-Y. Wu, Y.-K. Ho, J.-H. Lee, An iterative method of palette-
based image steganography, Pattern Recognition Lett. 25 (3) (2004)
301–309.
[8] C.-K. Chan, L.M. Cheng, Hiding data in images by simple LSB
substitution, Pattern Recognition 37 (3) (2004) 469–474.
[9] C.-C. Thien, J.-C. Lin, A simple and high-hiding capacity method for
hiding digit-by-digit data in images based on modulus function, Pattern
Recognition 36 (12) (2003) 2875–2881.
[10] D.-C. Wu, W.-H. Tsai, A steganographic method for images by pixel-
value differencing, Pattern Recognition Lett. 24 (9–10) (2003) 1613–
1626.
[11] D.-C. Lou, J.-L. Liu, Steganographic method for secure communications,
Comput. Secur. 21 (5) (2002) 449–460.
[12] J. Spaulding, H. Noda, M.N. Shirazi, E. Kawaguchi, BPCS steganography
using EZW lossy compressed images, Pattern Recognition Lett. 23 (13)
(2002) 1579–1587.
[13] J.J. Eggers, R. Bauml, B. Girod, A communications approach to image
steganography, in: Proceedings of SPIE: Security and Watermarking of
Multimedia Contents, vol. 4675, 2002, pp. 26–37.
[14] C.-C. Chang, T.-S. Chen, L.-Z. Chung, A steganographic method based
upon JPEG and quantization table modification, Inf. Sci. 141 (1–2)
(2002) 123–138.
[15] R.-Z. Wang, C.-F. Lin, J.-C. Lin, Image hiding by optimal LSB
substitution and genetic algorithm, Pattern Recognition 34 (3) (2001)
671–683.
[16] A. Westfeld, High capacity despite better steganalysis (F5—a
steganographic algorithm), in: Proceedings of the Fourth International
Workshop on Information Hiding, vol. 2137, 2001, pp. 289–302.
[17] N. Provos, Defending against statistical steganalysis, in: Proceedings of
the 10th USENIX Security Symposium, 2001, pp. 323–336.
[18] J-Steg http://www.ussrback.com/crypto/steanography/DOS/jsteg.txt.
[19] EzStego http://www.securityfocus.com/tools/586.
[20] F5 http://wwwrn.inf.tu-dresden.de/%7Ewestfeld/f5.html.
[21] Hide4PGP http://www.heinz-repp.onlinehome.de/Hide4PGP.htm.
[22] JP Hide&Seek ftp://ftp.gwdg.de/pub/linux/misc/ppdd/jphs_05.zip.
[23] S-Tools ftp://ftp.ntua.gr/pub/crypt/mirrors/idea.sec.dsi.unimi.it/code/s-
tools4.zip.
[24] Snow http://www.darkside.com.au/snow/index.html.
[25] I.J. Cox, M. Miller, J. Bloom, Digital Watermarking, Morgan Kaufmann,
San Francisco, 2002.
[26] J.-L. Liu, D.-C. Lou, M.-C. Chang, H.-K. Tso, A robust watermarking
scheme using self-reference image, Comput. Stand. Interfaces 28 (3)
(2006) 356–367.
[27] D.-C. Lou, J.-L. Liu, M.-C. Chang, Digital watermarking using
multiresolution wavelet transform, in: Proceedings of the IEEE 37th
Annual International Carnahan Conference on Security Technology,
2003, pp. 370–377.
[28] D.-C. Lou, J.-L. Liu, A robust watermarking scheme based on the just-
noticeable-distortion, J. Chung Cheng Inst. Technol. 31 (2) (2003) 11–
22.
[29] F.A.P. Petitcolas, R.J. Anderson, M.G. Kuhn, Information hiding—a
survey, Proc. IEEE 87 (7) (1999) 35–43.
[30] J. Seberry, J. Pieprzyk, CRYPTOGRAPHY: An Introduction to Computer
Security, Prentice-Hall, New York, 1989.
[31] A. Westfeld, A. Pfitzmann, Attacks on steganographic systems, in:
Proceedings of the Third International Workshop on Information Hiding,
2000, pp. 61–76.
[32] J. Fridrich, M. Goljan, D. Hogea, New methodology for breaking
steganographic techniques for JPEGs, in: Proceedings of SPIE: Security
and Watermarking of Multimedia Contents, vol. 5020, 2003, pp.
143–155.
[33] ISO/IEC, IS 10918, ITU-T, Rec. T.81, Information technology—digital
compression and coding of continuous-tone still images, part 1:
requirements and guidelines, 1992.
[34] The MathWorks http://www.mathworks.com/index.shtml.
[35] A.K. Jain, Fundamentals of Digital Image Processing, Prentice-Hall,
New Jersey, 1989.

About the Author—CHIANG-LUNG LIU received his Ph.D. degree in Electronic Engineering from Chung Cheng Institute of Technology (CCIT), National
Defense University, Taiwan, ROC, in 2002. Since 2003, he has been with the Department of Electrical Engineering at CCIT, where he is currently an Associate
Professor in the Department of Electrical and Electronic Engineering. His research interests include information security, information hiding, multimedia
security, and image processing.

About the Author—SHIANG-RONG LIAO received his M.S. degree in Electronic Engineering from Chung Cheng Institute of Technology, National Defense
University, Taiwan, ROC, in 2006. His research interests include information hiding and image processing.