Professional Documents
Culture Documents
BY
NWOBA MECY IJEMDIMMA
EBSU/2018/92330
IN
CERTIFICATION
This is to certify that this seminar titled “Information Hiding Using Steganography” was
carried out by Nwoba Mercy Ijemdimma with registration number EBSU/2018/92330
under my supervision in the Department of Computer Science, Faculty of Science,
Ebonyi State University, Abakaliki.
_______________ ________________
Mr. Nweso Nwogbaga Dr. Ugah John
Seminar Supervisor HOD, Computer Science
iii
APPROVAL
This seminar titled “Information Hiding Technique Using Steganography” has been
assessed and approved by the Department of Computer Science, Faculty of Science.
________________ ________________
Mr. Nweso Nwogbaga Dr. Ugah John
Seminar Supervisor HOD, Computer Science
iv
DEDICATION
This seminar titled “information hiding techniques using steganography” is dedicated to
Almighty God who is the author and finisher of our faith, for his love, guidance and
strength to be able to write and complete this seminar successfully. This is a testimony to
his faithfulness.
v
ACKNOWLEDGEMENT
My sincere gratitude goes to Almighty God for his indefinite mercy from my first year in
school to this level. I also thank him for his love, wisdom, knowledge and understanding,
and also for the strength to be able to write this seminar report.
My gratitude also goes to my seminar supervisor Mr. Nweso N. for his academic
guidance and supervision. I appreciate him for giving me corrections and making me
understand the steps to writing a good seminar report.
I will also like to appreciate my course advisor Dr. Agwu Emeka for academic advice
and guidance during the time I was writing this seminar report.
My gratitude also goes to Dr. Agwu Emeka, Dr. Emenwu M. O., Dr. Igwe Joseph, Dr.
Ogbu H., Mr. Iteshi A., Dr. Ikporo S., Dr. Ugwu G., Dr. Igboji K., Dr. Ituma C., Engr.
Eke, Mr. Jeremiah C., Dr. Ajah I., Mr. Nweso N., Dr. Onu F. U. and all the lecturers in
computer science department for their effort in one way or the other to ensure the success
of this seminar.
Finally, I will like to thank my parents, siblings, friends, course mates, mentors and well
wishers for their assistance towards my efforts in my academics. May the Almighty God
in his infinite mercy bless you all.
vi
ABSTRACT
Steganography implements an encryption technique in which communication takes place
by hiding information. A hidden message is the combination of a secret message with the
carrier message. This technique can be used to hide the message in an image, a video file,
an audio file or in a file system. There are large variety of steganography techniques that
will be used for hiding secret information in images. The final output image is called a
stego-image which consists of a secret message or information. Imperceptibility, payload,
and robustness are three most important parameters for audio steganography. For a more
secure approach, encryption can be used, which will encrypt the secret message using a
secret key and then sent to the receiver. The receiver after receiving the message then
decrypts the secret message to obtain the original one. In this paper, compared
steganography with cryptography, which is an encrypting technique and explained how
steganography provides better security in terms of hiding the secret message, various
techniques used in steganography and various types were also discussed.
vii
TABLE OF CONTENT
Cover Page
Title Page i
Certification ii
Dedication iv
Acknowledgement v
Abstract vi
List of Figures ix
1.1 Overview 1
1.3 Objectives 2
4.1 Conclusion 14
References 15
ix
LIST OF FIGURES
1. Encryption 5
2. Steganography model 7
3. Types of Steganography 9
1
SECTION ONE
INTRODUCTION
1.1 Overview
As the advancement of the internet increased, it has become an important factor in
information technology and plays a vital role in communication. The security of
information is becoming a bigger concern. Cryptography is the technique which secures
the communication. There are various methods developed for encrypting and decrypting
the information, which secures the message. Due to the increase of the technology,
sometimes cryptography is not enough for keeping the information as secret. It also
important to retain the existence of the information secret. Steganography is the
technique which is used to implement it. It is achieved by hiding the information inside
other information, thus the existence of communicated message is hidden. This chapter
provides the information about how steganography is different from cryptography and
also how the steganography process is performed.
During the Second World War, Germans developed the Microdot technique. Using that
technique, they have decreased the size of the information such as photographs to the
typed period size. It is very difficult to detect, as the cover message is sent over a channel
which contains the hidden message on one period of the paper. In today’s world
steganography is most commonly used on computers with networks as the delivery
channels and digital data as the carriers.
Steganography is different from the cryptography because cryptography focuses on
keeping information secret whereas steganography focuses on making the existence of
the information secret. Though both ways are used to protect the data/information from
outsiders, the technology is not perfect and can compromised. Once it is suspected or
revealed that the hidden information exists, the steganography purpose is defeated partly.
Steganography can be 10 strengthened by combining it with the cryptography. It is
known that watermarking is a method used for hiding the trademark information in
software, images and music. It is not considered as original form of steganography.
In steganography the message is hidden in the image, but watermarking will add
something on top of the image for example a word “Confidential”, which will become
part of the picture. There is a misconception that steganography is related or similar to
encryption, but in real they are different. Encryption is a technology which converts the
message from a readable to an unreadable format for protecting the sensitive data.
Whereas, in steganography the information is hidden from the plain view and it is not
mandatory to be encrypted.
The main drawback or disadvantage of the encryption is that the information is encrypted
and sent over a channel and if someone captures an email or the data stream, then it raises
suspicion that the data is encrypted when they see it. The person who monitors the
network traffic will investigate why this is encrypted and will be using various tools for
2
figuring out the encrypted message. In short, it can be said that encryption will provide
confidentiality not secrecy.
1.2 Problem Statement
The internet is considered the most powerful tool of information and communication
technology. However, one of the biggest challenge faced by information users is how to
hide information from the unauthorized users. The purpose of this study is to know how
steganography, an information hiding techniques can help IT user to solve the problems
of security in data/information communication.
1.3 Objective
The objectives are to:
1. Know how the exchange of information can be secured by hiding the existence of
secret information using Steganography.
2. Discuss various techniques that are used in steganography.
3.Compare the Pros and Cons of using Steganography over the other data security
mechanisms.
3
SECTION TWO
LITERATURE REVIEW
2.1 Concept of Information Security
Information security, sometimes shortened to info Sec, is the practice of protecting
information by mitigating information risks. It is part of information risk management. It
typically involves preventing or reducing the probability of unauthorized or inappropriate
access to data, or the unlawful use, disclosure, disruption, deletion, corruption,
modification, inspection, recording, or devaluation of information. It also involves actions
intended to reduce the adverse impacts of such incidents. Protected information may take
any form e.g. electronic or physical, tangible (e.g. paperwork) or intangible
(e.g. knowledge). Information security's primary focus is the balanced protection of
the confidentiality, integrity, and availability of data (also known as the CIA triad) while
maintaining a focus on efficient policy implementation, all without hampering
organization productivity.[6]
This is largely achieved through a structured risk management process that involves:
identifying information and related assets, plus potential threats, vulnerabilities, and
impacts;
evaluating the risks
deciding how to address or treat the risks i.e. to avoid, mitigate, share or accept them
where risk mitigation is required, selecting or designing appropriate security controls
and implementing them
monitoring the activities, making adjustments as necessary to address any issues,
changes and improvement opportunities[7]
To standardize this discipline, academics and professionals collaborate to offer guidance,
policies, and industry standards on password, antivirus software, firewall, encryption
software, legal liability, security awareness and training, and so forth.
[8]
This standardization may be further driven by a wide variety of laws and regulations
that affect how data is accessed, processed, stored, transferred and destroyed. [9] However,
the implementation of any standards and guidance within an entity may have limited
effect if a culture of continual improvement isn't adopted.[10]
Early steganograp
1. History of Information Hiding
Early steganograp
2.2 History of Information Hiding
The idea of communicating secretly is as old as communication itself. In this section, we
briefly discuss the historical development of information hiding techniques such as
steganography/ watermarking.
Early steganography was messy. Before phones,
before mail, before horses, messages were sent on
foot. If you wanted to hide a message, you had two
choices: have the messenger memorize it, or hide it
on the messenger.
Early steganography was messy. Before phones,
before mail, before horses, messages were sent on
foot. If you wanted to hide a message, you had two
choices: have the messenger memorize it, or hide it
on the messenger.
Early steganography was messy. Before phones, before mail, before horses, messages
were sent on foot. If you wanted to hide a message, you had two choices: have the
messenger memorize it or hide it on the messenger.
While information hiding techniques have received a tremendous attention recently, its
application goes back to Greek times. According to Greek historian Herodotus, the
famous Greek tyrant Histiaeus, while in prison, used unusual method to send message to
his son-in-law. He shaved the head of a slave to tattoo a message on his scalp. Histiaeus
then waited until the hair grew back on slave’s head prior to sending him off to his son-
in-law.
The second story also came from Herodotus, which
5
Encryption:
In cryptography, encryption is the process of encoding information. This process
converts the original representation of the information, known as plaintext, into an
alternative form known as ciphertext. Ideally, only authorized parties can decipher a
ciphertext back to plaintext and access the original information. Encryption does not itself
prevent interference but denies the intelligible content to a would-be interceptor.
For technical reasons, an encryption scheme usually uses a pseudo-
random encryption key generated by an algorithm. It is possible to decrypt the message
without possessing the key but, for a well-designed encryption scheme, considerable
computational resources and skills are required. An authorized recipient can easily
decrypt the message with the key provided by the originator to recipients but not to
unauthorized users.
Historically, various forms of encryption have been used to aid in cryptography. Early
encryption techniques were often used in military messaging. Since then, new techniques
have emerged and become commonplace in all areas of modern computing. Modern
encryption schemes use the concepts of public-key and symmetric-key. Modern
encryption techniques ensure security because modern computers are inefficient at
cracking the encryption.
Fig.1: Encryption
7
CRYPTOGRAPHY
2. Integrity. The information cannot be altered in storage or transit between sender and
intended receiver without the alteration being detected.
4. Authentication. The sender and receiver can confirm each other's identity and the
origin/destination of the information.
8
SECTION THREE
DISCUSSION
3.1 INTRODUCTION TO STEGANOGRAPHY
The word “steganography” can be defined as “covered writing” or the technique
of hiding messages inside other messages. It is derived from a Greek word
“στεγαυω”. This idea of data hiding is not a novelty, it has been used for
centuries all across the world under different regimes - but to date it is still
unknown to most people - is a tool for hiding information so that it does not even
appear to exist. The practice dates back to ancient Greece, where messages were
etched into wooden tablets and then covered with wax or created by shaving a
messenger’s head and then tattooing a secrete message on it, letting his hair grow
back and then shaving it again after he arrived at the receiving party to reveal the
message.
Steganography is the art and science of embedding secret messages in a cover message in
such a way that no one, apart from the sender and intended recipient, suspects the
existence of the message
The diagram below depicts a basic steganographic model.
9
As the image depicts, both cover file(X) and secret message(M) are fed into
steganographic encoder as input. Steganographic Encoder function, f(X,M,K) embeds the
secret message into a cover file. Resulting Stego Object looks very similar to your cover
file, with no visible changes. This completes encoding. To retrieve the secret message,
Stego Object is fed into Steganographic Decoder.
3.1.1 Historical Background
The first use of steganography can be traced back to 440 BC when ancient Greece,
people wrote messages on wood and covered it with wax, that acted as a covering
medium
Romans used various forms of Invisible Inks, to decipher those hidden messages
light or heat were used
During World War II the Germans introduced microdots, which were complete
documents, pictures, and plans reduced in size to the size of a dot and were
attached to normal paperwork
Null Ciphers were also used to hide unencrypted secret messages in an innocent
looking normal message
Now, we have a lot of modern steganographic techniques and tools to make sure that
knows our data remains secret. Now you might be wondering if steganography is same as
cryptography. No, they are two different concepts and below are some of the main
differences between them.
10
Steganography Cryptography
So, in other words, steganography is more discreet than cryptography when we want to
send confidential information. The downside being, the hidden message is easier to
extract if the presence of secret is discovered. For the remainder of this steganography
tutorial, we will learn about different steganography techniques and tools.
1. Text Steganography
2. Image Steganography
3. Audio Steganography
4. Video Steganography
5. Protocol (Network) Steganography
11
Text Steganography is hiding information inside the text files. It involves things like
changing the format of existing text, changing words within a text, generating random
character sequences or using context-free grammars to generate readable texts. Various
techniques used to hide the data in the text are:
Hiding the data by taking the cover object as the image is known as image
steganography. In digital steganography, images are widely used cover source because
there are a huge number of bits present in the digital representation of an image. There are
a lot of ways to hide information inside an image. Common approaches include:
In audio steganography, the secret message is embedded into an audio signal which alters
the binary sequence of the corresponding audio file. Hiding secret messages in digital
12
sound is a much more difficult process when compared to others, such as Image
Steganography. Different methods of audio steganography include:
This method hides the data in WAV, AU, and even MP3 sound files.
In Video Steganography you can hide kind of data into digital video format. The
advantage of this type is a large amount of data can be hidden inside and the fact that it is
a moving stream of images and sounds. You can think of this as the combination of
Image Steganography and Audio Steganography. Two main classes of Video
Steganography include:
In today’s digitalized world, various software tools are available for Steganography, here
are some of the popular steganographic tools and their capabilities.
Well, these are few tools to perform steganography. There are many other different tools
with different capabilities. However, you will get the desired results from these tools.
tools such as email because sometimes a typical email account does not provide the
necessary security.
Encryption Equals Confidentiality: A lot of organizations are required to meet specific
confidentiality requirements and other associated regulations. Encrypting data means that
it can only be read by the recipient who has the key to opening the data.
3.6.2. Data Encryption Cons
Encryption Keys: Without a doubt, data encryption is a monumental task for an IT
specialist. The more data encryption keys there are the more difficult IT administrative
tasks for maintaining all of the keys can be. If you lose the key to the encryption, you
have lost the data associated with it.
Expense: Data encryption can prove to be quite costly because the systems that maintain
data encryption must have capacity and upgrades to perform such tasks. Without capable
systems, the reduction of systems operations can be significantly compromised.
Unrealistic Requirements: If an organization does not understand some of the restraints
imposed by data encryption technology, it is easy to set unrealistic standards and
requirement which could jeopardize data encryption security.
Compatibility: Data encryption technology can be tricky when you are layering it with
existing programs and applications. This can negatively impact routine operations within
the system.
SECTION FOUR
4.1 CONCLUSION
Most data-hiding systems take advantage of human perceptual weaknesses, but have
weaknesses of their own. For now, it seems that no system of data-hiding is totally
immune to attack.
However, steganography has its place in security. It in no way can replace cryptography
but, is intended to supplement it. Its application in watermarking and fingerprinting, for
use in detection of unauthorized, illegally copied material, is continually being realized
and developed.
REFERENCE
https://en.wikipedia.org/wiki/Encryption
https://www.techtarget.com/searchsecurity/definition/cryptography