STEGANOGRAPHY SYSTEM

1 | Steganograph y

INDEX

Contents
1.INTRODUCTION 1.1. PROJECT OVERVIEW 1.2 PROBLEM SPECIFICATION 1.3. ABOUT TECHNICAL ENVIRONMENT 1.2.1. SOFTWARE ENVIRONMENT 1.2.2. HARDWARE ENVIRONMENT 2. REQUIREMENT ELICITATION 2.1. PROBLEM ANALYSIS 2.2 USECASE REPRESENTATION OF REQUIREMENTS 2.3. SOFTWARE REQUIREMENT SPECEFICATION (SRS)

Page No

3.SYSTEM DESIGN 3.1. STRUCTURAL MODEL 3.2.BEHAVIORAL MODEL 4.FORM DESIGN 4.1. OUTPUT SCREENS

5. TESTING
2 | Steganograph y

5.1. INTRODUCTION 5.2. WHITE BOX TESTING 5.3 BLACK BOX TESTING 6. CONCLUSION 7. REFERENCES 8. APPENDIX 8.1. SAMPLE CODE

3 | Steganograph y

1. INTRODUCTION
A) ABOUT PROJECT
The system deals with security during transmission of data. Comm only Crypt ography. This system deals with implement ing security using Steg anography. In this the end user ident ifies an image, wh ich is going to act as the carrier of data. The data file is also selecte d and then the data file and image data is em bedded to ach ieve greater speed of transmiss ion file are com ress ed and sent. Prio r to this the p

used te chn ologies are

into the image and then sent.

The image if hacked or inte rprete d by a third p arty user will open up in any image previewe d but not displaying the data. This pro tects the data from being invisible and hence be secu re during transmission. The user in the receiving end uses another piece of code to retrieve the data from the image.

Module Description:
This project cont ains five modules. They are: U r Interface Module se Encryp tion and Decryp tion Module Uses Tiny Algorithm to Enc rypt the Passwords CRC Generation and Veri fica tion Module CRC Gene ration is done at the time of embedd ing. CRC Gene ration is done at the time of dee mbedd ing. Com ession and Decom ess ion Module pr pr Uses Gzip Algorithm Em eddi ng and Dee m eddi ng Module b b
4 | Steganograph y

Uses Steg anography Algorithm Com un ication Manager(Send Fil e) Module m Socket Commun ication is establishe d to send the data

B) PROBLEM SPECIFICATION

EXISTING SYSTEM:
In todays dynamic and information rich env ironm ent, information syste ms have bec ome vital for any or ganization to survive. With the inc rease in the depen dence of the or ganization on the information system the re exists an , opp or tunity for the com pet itive or ganizations and disruptive for ces to gain acc ess to other or ganizations information system . This hostile env ironm ent makes information system security iss ues critical to an organization. Cu rrent s information security lite rature eithe r focu ses on comprises of the technical lite rature un reliable the information types by it describing the information security attacks taking place in the worl d or describing threats and the poss ible security syste ms. In order to secure the transmission of data, Cryptography has to be implemented. Cryptography is the science of devising methods that allow information to be sent in a secure form in such a way that the only person able to retrieve this information is intended recipient.

of security

The basic princ iple is this: A message being sent is known as plainte xt. The m ssa ge is then e coded using a Crypt ograph ic Algorithm . This process is called Enc rypt ion, an Enc rypted messa ge is known as Cipher Text, and is turned back into plainte xt by the proce ss of dec rypt ion. Enc rypt ion can be done using In
5 | Steganograph y

Symm etric key

or

Asymm etric both to

Algorithm s. enc rypt

In and

Symm etric dec rypt the

algorithm s, only one message.

is used

Asymm etric Algorithm s, a key used to enc rypt a message is different from the key that is used to dec rypt the message. The re are several algorithm s present in the market for Crypt ography. inv olves private and publi c keys. Some of the com only used onc e m are IDEA and RSA that inv olves Asymm etric or Symm etric meth ods and also

6 | Steganograph y

PROPOSED SYSTEM:
The algorithm s present in the existing system was som ewh at complicate d. In Crypt ography, the meaning of data has been ch anged. So, it makes inte nt ion to the hacker to hack or not only ch ange the destro y the data. In data but our proposed hides the syste m, we implement a new te chn ology called Steg anography for Netw ork security. It meaning of also presence of data from the hackers.

STEGANOG RAPHY
Ste ga nograp hy is not actually a m eth od of enc rypt ing message s, but hiding them within someth ing else to enable them to pass un dete cte d. by hiding the Tr aditional ly this was achieved with invisible ink, microfilm or taking the first lette r f rom each wor d of a m ssa ge. This is now achieved e m ssa ge within an Image, Graph ics or Sound file. For instanc e in a 256 e GreyScale image, if the Least Significant Bit(LSB) of each byte is replaced with a bit from the message then the result will be indistinguishable to the hum an eye. An Eavesdropp er will not even realize a message is being sent. This is not Crypt ography hum an, a computer would be rep ro duce the ori ginal message. howeve r, able and although it would fool this ve ry a to detect quickly and

In the case of using this techn ique of hiding the data with an image file, the visibility of the image, resolut ion or clarity is not being affecte d. The hidd en data can be of length in size. To the Hacker, only the image is make going to be visible when previewe d and not a trace of the hidden data.

7 | Steganograph y

If the Image File is opened

across a text editor, then also the data is not

going to be visible as the information is stor ed in an Enc rypt ion form, wh ich is also binary. Hence making it difficult for the enc losure to different iate the data to the Image file. The word Steg anography literally means cove red writing as derived from Greek and inc ludes a vast arr ay of m eth ods of sec ret com un ications that m conc eal the ve ry existe nc e of the message. singing paeans of te chn ology THE `PERCEPTION MANAGERS' about its poss ible and the ir `p atriotic' paparazzi of the West seem to have shifted ge ars from to sowing suspicions misuse by the security of the Al Que ada, Tailbone and the ir ilk! The word `Steg anography' civili zed worl d. In June this year, USA

should he nc eforth be bandied about mor e for its siniste r implications on the To day rep or ted that the enc rypted blue prints of the next te rrorist attack on the U. S. and its allies may lie hidden beh ind the X-rate d pictures on several pornographic web site s and the posted com ents m on spor ts chat roo ms.

A snake makes itself invisible in a bed of grass by natural subterfuge. For all visible signs one sees just a stretch of grass but not the snake hiding beneath. The word Steganography literally means covered writing as derived from Greek. It includes a vast array of methods of secret communications that conceal the very existence of the message. Invisible inks, microdots, character arrangement, digital signatures, covert channels and spread-spectrum communications and other artifacts of day-to-day use in communications have thus been converted into potent tools of Steganography.

As with other simple and casual things, Inte rne t and the w eb have added to the provided messages file to hol d
8 | Steganograph y

might

of

such

simple for

procedu res. the

Bi ts

and such

bytes

have

a powe rful

medium

exc hange

masque raded

in an un limite d and anonym ous env ironm ent. Softw are like White

Noise Storm and S-Tool s, can use the `leas t significant' bits of any digitized

Covert information, without changing it in any m anner

perceptible to the

hum an sensor y or gans of sight or he aring as the case may be.

So far paranoid privacy adv ocates have touted Steg anography, albeit openly for com un ication without the m powe rs that be breathing down your shoulde rs. It has been qu ite com on to hide copyright m ssa ges behind m e

digitized files so that it may be used in civil dispute s. Softw are profess ionals found another tool in Steg anography apart from `Easter Eg gs' to rec or d the ir cont ributions to a softw are product, w hen they we re afraid that the ir employers might not give them title credits.

Pro tection
With Ste ganography `Stego provides means to detect w hether an em bedded Analysis' is the natural offshoo t. Stego Analysis and destroy steg anograph ic message s. Any image message exists or not. Howeve r, they sugge st that

can be manipu lated with the inte nt of destroying som hidden information e detect ion should precede destruct ion to target such hidden message s, wh ich are not just inn ocuous copyright or owne rship relate d info (known as `d igital watermarks '). Detect ion may also save was ted eff or t Steg anography and cryptography .

Steg anography algorithm into

is

different

from

crypt ography. The same To

Crypt ography algorithm

uses can be

enc rypt ion to ch ange the contents

of digitized files using som known e

someth ing totally different. way. It simp ly hides it.

used to restor e it to its ori ginal for m. Ste ganography does not alte r the message in any make detect ion almost imposs ible, enc rypted messages can be hidden using Ste ganography . Example: Dead drops

9 | Steganograph y

`Dead drop' is a Col d War-era slang left information. Cops and security

conn oting a place expe rts fee l that

whe re spies the Inte rne t

provides virtually limitless supply of `de ad dro ps'. Officials and expe rts say the m ssa ges scrambled using free enc rypt ion p rogram set up by e s groups that adv ocate privacy on the images dec rypted using a Inte rne t are hidden in an existing on selecte d web site s. The e-mails and images can only be

`p rivate key' or code, selecte d by the recipient. Thus you ve ry well could have a ph otograph and image with the tim and information of an att ack, e say on an Inte rnational airport, sitting on your compute r, and y ou would never know it! Unlike the good old `de ad dro p' the Inte rne t, is proving to be a m uch mor e secu re way to conduct clandestine warfare.

10 | Steganograph y

C) ABOUT TECHNICAL ENVIRONMENT

A) SOFTWARE REQUIREMENTS

Oper ating System

Windows NT/200 0 (Client /Server).

Soft w re re quire ments a

Front-end : Java JDK 1.6, Swings.

B) HARDWARE REQUIREMENTS

Hardwa re Require ments: Processor RAM Hard Disk Capacity

:

Pentium IV with 800 MHz Clock 256MB 20GB

Speed

: :

11 | Steganograph y

Net work Interface Card:

32-Bi t PCI Ethe rne t Card

2. REQUIREMENT ELICITATION A) PROBL EM ANALYSIS FEASIBILITY STUDY

Fact Finding Techniques

In this system we are going to develop a facility to a user that he will not face any difficulty at the time of usage like data missing, one way contacts, and one view contacts. As we are developing this system with an encoding technique of images the user will not be bothered on which camera support is using, as well in sound. As we are maintaining one technique of speed controlling the frame relay will not be a problem for the user like over speed display, hanged display.

Feasibility Study
A Feasibility Study is a high-level capsule version of the entire System analysis and Design Process. The study begins by classifying the problem definition. Feasibility is to determine if its worth doing. Once an acceptance problem definition has been generated, the analyst develops a logical model of the system. A search for alternatives is analyzed carefully. There are 3 parts in Feasibility Study.

Operational Feasibili ty:

Que stion that going to be asked are Will the system be u sed if it developed and implemente d. If the re managem ent was sufficient suppor t for the project from the and from the users.

12 | Steganograph y

H ave

the u sers been invol ved in plann ing and development of project. Will the system produce poor er result in any respect or area?

This system can be implemented in the organization because there is adequate support from management and users. Being developed in Java so that the necessary operations are carried out automatically.

Technical feasibility
Do es the nec essary techn ology exist to do wh at is bee n suggested? Do es the proposed equ ipm ent have the te chn ical capacity for using the new syste m? Are the re te chn ical gu arante es of accu racy, reliabili ty and data security? The project is developed on Pent ium IV with 25 6 MB RAM. The env ironm ent requ ired in the development of system is any windows platform The observer patte rn along with fact or y patte rn will update the results eventu ally The language used in the development is JAVA 1.6 & Windows Env ironm ent

Financial and Economical Feasibility:

The system developed and installed will be good benefit to the Organization. The system will be developed and operated in the existing hardware and software infrastructure. So there is no need of additional hardware and software for the system.

13 | Steganograph y

B) USECASE REPRESENTAT ION OF REQUIREMENTS

Use cas e Diagrams Sender:

Receiver:

Use cas e Description:

U e ca se s name

Enc rypt

Particip ati ng acto rs Fl ow of events Entry Condition Exit condition Quality Requireme nts

Sender The user-selecte d file will be enc rypted with a given key. User must select the file and mu st give the key for enc ryption. Succe ssful or Un succe ssful Enc rypt ion of file. Di splay proper erro r messa ges wh ile Enc ryption.

U e ca se s name Particip ati ng acto rs Fl ow of events Entry Condition Exit condition Quality Requireme nts

Decrypt Receiver The user-selecte d file will be dec rypted with a proper key. User must select the file and mu st give the key for decryption. Succe ssful or Un Succe ssful Decrypt ion of file. Di splay proper erro r messa ges wh ile Decryption.

U e ca se s name Particip ati ng acto rs Fl ow of events Entry Condition Exit condition Quality Requireme nts U e ca se s name Particip ati ng acto rs Fl ow of events Entry Condition Exit condition Quality Requireme nts

Embed Sender The user-selecte d enc rypted file will be embedd ing with selecte d Image file. User must select the one enc rypted file and one Image file for embedd ing. Succe ssful or Un Succe ssful Embedd ing process . Di splay proper erro r messa ges wh ile Embedd ing two files. De-Embed Receiver The user-selecte d Image file will be de-embedd ing to enc rypted file. User must select the Image file for de-embedd ing. Succe ssful or Un Succe ssful De-embedd ing of file. Di splay proper erro r messa ges wh ile De-embedd ing.

U e ca se s name Particip ati ng acto rs Fl ow of events Entry Condition Exit condition Quality Requireme nts

Send File Sender The user-selecte d file will be send to the given host. User must select the file to send and must know the IP add ress of the de stination host. Succe ssful or Un Succe ssful sending of file to the de stination host. Di splay proper erro r messa ges wh ile Sending the file.

C) SYST EM REQUIREMENT SPECIFICATION OPERAT ING ENVIRONMENT

FEATURES OF THE LANGUAGE USED About Java:
Initially the language was called as oak but it was renamed as Java in 1995. The primary motivation of this language was the need for a platform-independent (i.e., architecture neutral) language that could be used to create software to be embedded in various consumer electronic devices. Java is a programmers language. Java is cohesive and consistent. Except for those constraints imposed by the Internet environment, Java gives the programmer, full control. Finally, Java is to Internet Programming where C was to System Programming.

FEATURES OF JAVA Security

Every time you that you download a normal program, you are risking a viral infection. Prior to Java, most users did not download executable programs frequently, and those who did scanned them for viruses prior to execution. Most users still worried about the possibility of infecting their systems with a virus. In addition, another type of malicious program exists that must be guarded against. This type of program can gather private information, such as credit card numbers, bank account balances, and passwords. Java answers both of these concerns by providing a firewall between a Networked application and your computer. When you use a Java-compatible Web browser, you can safely download Java Applets without fear of Virus infection or malicious intent.

Portability
For pro gram to be s platforms connected dynamically down loaded to the Inte rne t, to all the m ans e various typ es of of gene rating

som e

portable e xecut able code is needed. that helps en sure security

As you will see, the sam m e ech anism

also he lps create portability. Indee d, Javas

solut ion to the se two problems is both elegant and efficient.

The Byte code

The key that allo ws the Java to solve the security and portability problem is that the out put of Java compiler is Byte code. Byte code is a highly optimized set of instruc tions designe d to execute for m the JVM is an inte rprete r for byte code. , by the Java Run-Ti me system, wh ich is called the Java Virtual Machine (JVM). That is, in its standard

Translating a Java program into byte code he lps makes it much easier to run a program in a wide variety of env ironm ent s. The reason is, once the run -time packa ge exists for a given system any Java program can run on it. ,

Although Java was designed for interpretation, there is technically nothing about Java that prevents on-the-fly compilation of byte code into native code. Sun has just completed its Just In Time (JIT) compiler for Byte code. When the JIT compiler is a part of JVM, it compiles Byte code into executable code in real time, on a piece-by-piece, demand basis. It is not possible to compile an entire Java program into executable code all at once, because Java performs various run-time checks that can be done only at run time. The JIT compiles code, as it is needed, during execution.

Java Virtual Machine (JVM)

Beyond the language, there is the Java Virtual Machine. The Java Virtual Machine is an important element of the Java technology. The Virtual Machine can be embedded within a web browser or an Operating System. Once a piece of Java code is loaded onto a machine, it is verified. As part of the loading process, a class loader is invoked and does byte code verification makes sure that the code thats has been generated by the compiler will not corrupt the machine that its loaded on. Byte code verification takes place at the end of the compilation process to make sure that is all accurate and correct. So byte code verification is integral to the compiling and executing of Java code.

Javac

JaJvaavabJyaVtvieratcuoadl e MSaocuh ricne

.Java

.Class

The above picture shows the development process a typical Java programming uses to produce byte codes and executes them. The first box indicates that the Java source code is located in a. Java file that is processed with a Java compiler called JAVA. The Java compiler produces a file called a .class file, which contains the byte code. The class file is then loaded across the network or loaded locally on your machine into the execution environment is the Java Virtual Machine, which interprets and executes the byte code.

Java Architecture
Java architecture provides a portable, robust, high performing environment for development. Java provides portability by compiling the byte codes for the Java Virtual Machine, which is then interpreted on each platform by the run-time environment. Java is a dynamic system, able to load code when needed from a machine in the same room or across the planet.

Compilation of Code
When you compile the code, the Java compiler creates machine code (called byte code) for a hypothetical machine called Java Virtual Machine (JVM). The JVM is supposed to execute the byte code. The JVM is created for overcoming the issue of portability. The code is written and compiled for one machine and interpreted on all machines. This machine is called Java Virtual Machine.

Compiling and interpreting Java Source Code:

PC Compiler

Java Inte rpreter (PC)

Source Co de .. .. Macinto sh Compiler Byte code Java Java Inte rpreter

SPARC Compiler

24 | Steganograph y

Java Inte rpreter

During run-time the Java interpreter tricks the byte code file into thinking that it is running on a Java Virtual Machine. In reality this could be an Intel Pentium Windows 95 or Suns ARC station running Solaris or Apple Macintosh running system and all could receive code from any computer through Internet and run the Applets.

Simple
Java was designe d to be eas y for the Profess ional program er m to learn

and to use effectively. If you ar e an experienc ed C++ program e r, learning m Java will be even easier. Because Java inhe rits the C/C++ synt ax and many of the Object Oriente d features of C+ . Most of the confusing concepts + from C++ are eithe r left out of Java or implemente d in a cleane r, mor e app roachable manne r. In Java, the re are a small num ber of clearly define d ways to acc omplish a given task.

Object-Oriented
Java was not designe d to be source -code compatible This allowe d the Java team with any othe r with a wh ile language. the freed om to design

blank slate . One outc ome of this was a clean usable, realistic app roach to objects. The object model in Java is simple and easy to exten d, simple typ es, such as inte gers, are kept as high -pe rfor mance non-objects.

Robust
The multi-platform env ironm ent of the Web places extraordinary reliably in a demands on a program bec ause the program m st execute , u priori ty in the design of Java. Java is strictly typed your code at
25 |Digital Steganograph y

variety of system s. The abili ty to create robu st program was given a high s language; it che cks

compile tim e

and run tim e.

Java virtually eliminate s the

problems of

memory managem ent

a nd de-allocation,

wh ich is complete ly aut omatic.

In a we ll- writte n Java program, all run tim error s can be, and should be e managed by your program.

JAVA INCL UDES A LIBRARY OF CLASSES AND INTERFACES:

The Java platform inc ludes an extensive class library so that programm ers can use already existing class es as it is, create subclasses to modify existing classes, or class es. Both classes (fields) m eth ods are fully implement inte rfaces to a ugment the and and inte rfaces cont ain or capabilities of data m be rs em constant, and must be

func tions (m eth ods), but the re are major In an inte rface, fields with

differenc es. In a class , fields may be eithe r variable implemente d. just constant s, and m eth ods ar e nam e, and the num ber prototypes

no implement ations. funct ion

The prototypes give the m eth od signature (the retu rn typ e, the of paramete rs w ith the but the program er must supply implement ations. m

type for each param ter), e

To use an interface, a programmer defines a class, declares that it implements the Interface, and then implements all the methods in that interface as part of the class. These methods are implemented in a way that is appropriate for the class in which the methods are being used. Interfaces let one add functionality to A class and give a great deal of flexibility in doing it. In other words interfaces provide Most of the advantages of multiple inheritance without its disadvantages. A packa ge is a collection of relate d Java classes and inte rfaces. The following list, though not complete , gives example of som Java packages and wh at e they cover.

26 |Digital Steganograph y

27 |Digital Steganograph y

java.lang-The basic classes. This p acka ge is so basic that it aut omatically is inc luded in any Java program It inc ludes classes dealing with num eric . , strings, objects , runt im , security ,and threads. e java.io-class es that manage reading data from input streams and

writing data to the out put streams. java.ut il-miscellane ous utility classes , inc ludi ng gene ric data structu res, bit sets , tim , date, the string manipu lation , rando m num e ber gene ration , system prope rties , notification and enum ration of data struc tures. e java.ne t-class es for netw or k support. java.awt -- classes that manage user inte rface com onents p such as

windows, dialog boxes , butt ons, chec kboxe s, lists , m us, scrollbars, and en text fields , the AWT stands for Abstract Window Too lkit. java.awt. image-classes for managing image data , inc ludi ng colo r models ,dropping colo r flitte ring ,sett ing pixel value s , and grabb ing snapshots. java.app let-the App let class , wh ich its docum ents and to its provides the abili ty to write app lets , an app let to docum ent and docum ent and to its

this package also inc ludes several inte rfaces that connect to rec ourses for playing audio.

java.sql-the JDBC API, class es and inte rfaces that access databases and send SQL Statement s. The f irst three packa ges liste d, java.lang the Foun dation, they purpose programm ing. Java development kit version1.1 added some new package s; with JDBC being one of The m .Other new packa ges inc lude such thing as Remote Method Inv ocation, Security And Java Beans, are basic classes , java.io and java.ut il for m and inte rfaces for gene ral

Swings
28 |Digital Steganograph y

Swing, which is an extension library to the AWT, includes new and improved components that enhance the look and functionality of GUIs. Swing can be used to build Standalone swing GUI Applications as well as Servlets and Applets. It employs model/view design architecture. Swing is more portable and more flexible than AWT. Sw ing is built on top of AWT and is ent irely writte n in Java, using AWTs lightwe ight com onent suppor t. In particular, unlike AWT, the arch itectu re of p Sw ing comp onents add makes it easy to customize both the ir app earance and to existing AWT-based programs. For example, used behavior. Comp onents from AWT and Sw ing can be mixed, allo wing you to Sw ing suppor t swing com onents p You could subclass such as JSlider, JButt on and JChe ckbox could be the existing Swing UI, model, or

in the sam program with standard AWT labels, te xtfields and scrollbars. e ch ange liste ne r classes without h aving to reinv ent the ent ire implement ation. Swing also has the abili ty to replace the se objects on-the -fly. 100% Java implementation of components Pluggable Look & Feel Lightweight components Uses MVC Architecture Model represents the data View as a visual representation of the data Controller takes input and translates it to changes in data Three parts Component set (subclasses of JComponent) Support classes Interfaces In Swing, classes that represent GUI components have names beginning with the letter J. Some examples are JButton, JLabel, and JSlider. Altogether there are more than 250 new classes and 75 interfaces in Swing twice as many as in AWT. Java Swing class hierarchy
29 |Digital Steganograph y

The class JComponent, descended directly from Container, is the root class for most of Swings user interface components.

Swing contains co m onents that youll use to build a GUI. I am listing you some of p the comm only used Sw ing co m onent s. To learn and un derstand these swing p pr ogr ams, AWT Programm ing knowledge is n t required. o

Applications and Applets

An application is a program that runs on our Computer under the operating system of that computer. It is more or less like one creating using C or C++. Javas ability to create Applets makes it important. An Applet is an application designed, to be transmitted over the Internet and executed by a Java compatible web browser. An Applet is actually a tiny Java program, dynamically downloaded across the network, just like an image. But the difference is, it is an intelligent program, not just a media file. It can react to the user input and dynamically change. BMP IMAGE FILE

Intro duction
BMP files are an historic (but still comm only used) file for mat for the historic (but still comm only used) ope rating system called "Windows". BMP images can range from black and wh ite (1 byte per pixe l) up to 24 bit colo r (16 .7 milli on colors). While the images can be com ressed, this is rarely used in p practice.

Structure
A BMP file consists of eithe r 3 or 4 parts as shown in the diagram on the right. The first part is a heade r, an information sect ion follo ws this, if the image is indexed colo r then the palette follo ws, and last of all is the pixel
30 |Digital Steganograph y

data. The position of the image data with respect to the start of the file is cont aine d in the heade r. Information such as the image width and he ight, the type of compress ion, the num ber of colors is cont aine d in the information he ader.

Information
The image info data that follo ws is 40 byt es in length, it is described in the struct given below. The fields of most inte rest be low are the image width and he ight, num ber the num ber of bits per pixel (should be 1, 4, 8 or 24 ), the to be 1 he re), and the compress ion type of plane s (assum ed

(assum ed to be 0 he re).

JPEG - Joint Photo grap hic Expert s Gro up:

This is the right format for those photo images which must be very small files, for example, for web sites or for email. The JPG file is wonderfully small, often compressed by 90%, or to only 1/10 of the size of the original data, which is very good when modems are involved. However, this fantastic compression efficiency comes with a high price. JPG uses lossy compression (lossy meaning "with losses"). Lossy means that some image quality is lost when the JPG data is compressed and saved, and this quality can never be recovered.

Most other file compression methods are lossless, which means "fully recoverable". Lossless compression always returns the original data, bit-for-bit identical without any question about differences (losses). We are used to saving data to a file, and getting it all back when we next open that file. Our Word and Excel documents, our Quicken data, any data at all, we cannot imagine NOT getting back exactly the original data. TIF, PNG, GIF, BMP and most other image file formats are lossless too. This integrity requirement does limit efficiency, limiting compression of photo image data to maybe only 10% to 40% reduction in practice (graphics can

31 |Digital Steganograph y

be smaller). But most compression methods have full lossless recoverability as the first requirement.

JPG files don't work that way. JPG is an exception. JPG compression is not lossless. JPG compression is lossy. Lossy means "with losses" to image quality. JPG compression has very high efficiency (relatively tiny files) because it is intentionally designed to be lossy, designed to give very small files without the requirement for full recoverability. JPG modifies the image pixel data (color values) to be more convenient for its compression method. Detail that doesn't compress well can be ignored (removed instead of retained). This allows amazing size reductions on the remainder, but when we open the file and expand the data to access it again, it is no longer the same data as before. This lost data is like lost purity or integrity. It can vary in degree, it can be fairly good, but it is always unrecoverable corruption of the data. This makes JPG be quite different from all the other usual file format choices. There are times and places this compromise is an advantage. Web pages and email files need to be very small, to be fast through the modem, and some uses may not need maximum quality. In some cases, we are willing to compromise quality for size, sacrificing for the better good. And this is the purpose of JPG.

There is no magic answer providing both high compression and high quality. We don't get something for nothing, and the small size has a cost in quality. Still, mild quality losses may sometimes be acceptable for less critical purposes. The sample JPG images on next page show the kind of problem to expect from excessive compression.

Even worse, more quality is lost every time the JPG file is compressed and saved again, so ever editing a JPG image is a questionable decision. You should instead just discard the old JPG file and start over from your archived lossless TIF master, and save that change as the new JPG copy you need.

DATA COMPRESS ION:

32 |Digital Steganograph y

Even with a ve ry fast transmiss ion media, the re is always a need to send data in a shor t amount of tim data compress ion reduce the num e ber that are not pu re text com ress data p loss less , loss y. ar e such as audio and video. the m eth od gene rally divided into two broad of bits used to cate gories sen d. Data compress ion bec om particularly important when we send data es

Los y Compre s ion: s s

If the dec om ress ed information p compression m eth od. transmission, if an image need not be an exact replica For does not have sharp Sending frame example, in of the

original information but someth ing ve ry close,

we can u se a loss y data video afte r term s discont inu ities, only the se

transfor mation to a mathematical express ion, most of the information is cont aine d in the first few terms. may allo w us to reproduce the process. with enough acc uracy. The se

m eth ods are called loss y compress ion m eth ods bec ause we will lose som e of the ori ginal data in the Several meth ods have bee n developed using lossy compress ion techn ique s. Joint Photographic Experts Group ( JPEG ) is used to c omp ress pictures and graph ics Motion Picture Expe rts Group ( MPEG ) is used to comp ress video.

Los less Compre s ion: s s

In loss less data compress ion the compress ing and decompressing algorithm s are usually the inv erse of each othe r. In other wor ds afte r decompressing, we will get exact data as the re whe re bef or e compress ing, without nothing is lost the follo wing of som of the techn iques used in loss less compress ion. e

Run length enco ding

When data cont ains replaced by a follo wed by the num ber

strings

of

repe ated symbols follo wed by the

the strings repe ated

can be symbol,

special

marker

of occu rrence.

GZIPInputStre am:
33 |Digital Steganograph y

Creates a new input stream with the specified bu ffer size.

Parameters:
In - the input stream Size - the input bu ffer size

Methods:
Read (): Reads unc om ressed data into an array of byte s. Blo cks p unt il en ough input is available for decompress ion. Param ete rs: Buf - the bu ffer into wh ich the data is read Off - the start offset of the data Len - the maximum num ber Returns:The actual num ber com ress ed input stream is p of bytes read

of byt es read, or -1 if the end of the

reache d

Close (): Closes the input stream.

CYCLE REDUNDANCY CHECK:

is modified by inv erting or swapp ing groups of byte s. Also, it will fail whe n you add or rem ove null bytes.Calculating a Cyc lic Redun dancy Check is a m uch mor e robu st error-checking algorithm . In this article I will sketch the mathe matical foun dations of the CRC calculation and describe two C++ implement ations--first the slow but simple one, then the mor e optimized one .

SDLC METHDOLOG IES

Erro r de tect ion is important whenever data gett ing the re is a non-zero chance of your corr upted. Whether it' s an Ethe rne t packet or a file un der the

34 |Digital Steganograph y

cont rol of your app lication, you can add a piece of redun dant information to validate it.

The simplest example is a parity bit. Many com pute rs use one parity bit per byte of mem or y. Eve ry time the othe rwise it clears byte it. gets writte n, the com puter the byte, the will counts the num ber ninth parity b it, com puter of non-zero bits in it. If the number is even, it sets the

When reading

counts the num ber

of non-zero bits in the byte, plus the parity bit. course, if two it.) bits are flipped --a much

If any of the nine bits is flipped, the sum will be odd and the com puter halt with a memory error . (Of rarer occ urrenc e--this system will not detect

For messages longer than one byte, you'd like to store mor e than one bit of redun dant information. You might, for instanc e, calculate a che cks um Just . add together detect all the bytes in the message and append (or stor e somewhe re else) the sum. Usually the sum is trunc ated to, say, 32 bits. This system will many typ es of corr uption with a reasonable probability. It will, howeve r, fail badly w hen the message This document play a vital role in the development of life cycle (SDLC) Any ch anges

as it describes the complete requ irem ent of the system It means for use . by developers and will be the basic during testing phas e. made to the requ irem ents change app roval process . in the futu re will have to go through formal

SPIRAL MODEL was define d by Barry Bo ehm in h is 198 8 article, A spiral Model of Softw are Development and Enhanc ement. to explain why the ite ration models.
35 |Digital Steganograph y

This model was not

the first model to discuss ite rative development, but it was the first model

As originally env isione d, the ite rations we re typ ically 6 months long. Each ph ase starts w ith a reviewing project. The steps for Spiral Model can be gene ralized as follows: The new system requ irem ents poss ible. design goal and en ds the p rogress thus far.Analysis and engine ering

to 2 years client eff or ts are

with a

app lied at each ph ase of the project, with an eye toward the end goal of the

are define d in as much details as of users

This usually inv olves inte rviewing a num ber

rep resent ing all the exte rnal or inte rnal users and other aspec ts of the existing syste m. A preliminary design is created for the new system. A first prototype preliminary design. rep resents an final produc t. A second prototype is evolved by a fourfold procedure: 1. Evaluating the first prototype we akne ss, and risks. 2. Defining the requ irem ents of the sec ond prototyp e. in terms of its strengths, of the new system of the is constructed characte ristics from the and the of

This is usually a scaled-down system ,

app roximation

3. Pl anning an designing the second prototyp e. 4. Construct ing and testing the sec ond prototyp e. At the custom er opt ion, the ent ire project can be abor ted if the risk is deem ed too great. Ris k factors might invol ved development cost ove rrun s, or any other factor that could, in the result in a less-than- satisfactor y final produc t.
36 |Digital Steganograph y

ope rating-cost miscalculation, custome rs judgment,

The existing prototype is evaluate d in the same manner as was the previous prototype, above. The preceding steps are ite rate d unt il the customer is satisfied and if nece ssa ry, another prototype is developed from it acc ording to the fourfold procedu re out line d

that the refine d pro totype rep resents the final product desired. The final system is constructed, based on the refine d prototype. The final system is thoro ughly evaluate d and tested. Rout ine mainte nanc e is carried on a cont inu ing basis to prevent large scale failures and to minimize down time.

ADVANTAGES:
Estimate s(i.e. bu dget, realistic as discoved earlier. It is mor e able to cope with the changes that are schedu le etc bec ause .) bec om e more iss ues

wor k progress es,

important

software development gene rally entails. Softw are engine ers can get the ir hands in and start woring on the cor e of a project earlier.

37 |Digital Steganograph y

The follo wing diag ram shows how a sp iral m del acts like: o

38 |Digital Steganograph y

39 |Digital Steganograph y

APPLICATION DEVELOPMENT

N-TIER APPLICATIONS

N-Tier App lications App lication Design

can easily implement and Archite cture. The

the

concepts

of

Distribute d provide Rapid

N-Tier App lications and may be used for

strate gic bene fits to Ente rprise Solut ions. While 2-tier, client -server can he lp us create qu ick and eas y solut ions Prototyping, they c an easily bec om a mainte nanc e and security night mare e The N-tier App lications provide specific advant ages that ar e vital to

the busine ss cont inu ity of the ente rprise. Typical features of a real life n-tier may inc lude the following: Security Availability and Scalability Manageability Easy Mainte nanc e Data Abstraction The above Solut ion. m ent ioned points are some of the key design goals of

a succ essful n-tier app lication that i nte nds to provide a goo d Busine ss

40 |Digital Steganograph y

DEF INITION
Simp ly stated, an n-tier app lication he lps us distribute the overall func tionality into various tiers or layers: Pr esent ation Layer Busine ss Rules Layer Data Acc ess Layer Database/Data Store Each layer can be developed independent ly of the other provided that it adhe res to the standards and com un icates with the other layers as per m the specifications. This is the one of the bigg est advant ages of the n-tier app lication. layer can pote nt ially treat the other layer as a B ack-Box. l In other wor ds, each layer does not care how other layer pro ce ss es the data as long as it sends the right data in a corr ect format. Each

41 |Digital Steganograph y

Fig -N-Tier Arc hitecture

1.

THE PRESENTATION LAYER

as the to client layer comprises of com onents p the user. that

Also called are dedicate d

present ing the data to

For example: Windows/Web For ms and butt ons, edit boxe s, Text boxe s, labels, grids, etc.

2.

THE BUSINESS RULES LAYER

This layer en capsulates the Business rules or the busine ss logic of the enc apsulations. To have a separate layer for business logic is of a great adv antage. This is be cause any changes in Business Rules can be e asily handled in th is layer. As long as the inte rface betw een the layers remains the sam e, any ch anges made to the func tionality/process ing logic in this layer can be without

impacting the othe rs. A lot of client- server apps failed to implement suc cessfully as changing the busine ss logic was a painful process .

3.

THE DATA ACCESS LAYER

that he lp in acc ess ing the

This layer comprises of com onents p Database. If used to the databas e, in the tables, data right etc

way, th is layer provides a level do not affect the and rest of the the

of abstract ion for the databas e structu res. Simp ly put ch anges made app lication bec ause of the Data Acc ess layer. The different app lication layers send the reque sts to this layer receive response from this layer.

42 |Digital Steganograph y

4.

THE DATABASE LAYER

comprises Views, of etc. the Database Comp onents such as DB

This layer

Files, Tables,

The Actual databas e

could be created

using SQL Se rve r, Oracle, Flat files, etc.

In an n-tier app lication, the ent ire app lication can be implemente d in such a way that it is independent of the actual Database. For instanc e, you could ch ange the Database Location with minimal ch anges to Data Acc ess Layer. The rest of the App lication should remain un affecte d.

What is networking?
Compute rs runn ing on the Inte rne t com un icate to each other using eithe r m the Transmission Control Pro tocol (TCP) or the (UDP ), as this diagram illustrate s: User Datagram Protocol

When you write Java program that com un icate over the netw or k, you are s m programm ing at the app lication layer. Typically, you don't need to conc ern yourself with the TCP and UDP layers. Inste ad, you can use the classes in the java.net packa ge. The se classes provide syste m-independent ne twork

43 |Digital Steganograph y

commun ication. Howeve r, to decide wh ich Java classes your programs should use, you do need to un derstand how TCP and UDP differ.

TCP
When two applications want to communicate to each other reliably, they establish a connection and send data back and forth over that connection. This is analogous to making a telephone call. If you want to speak to Aunt Beatrice in Kentucky, a connection is established when you dial her phone number and she answers. You send data back and forth over the connection by speaking to one another over the phone lines. Like the phone company, TCP guarantees that data sent from one end of the connection actually gets to the other end and in the same order it was sent. Otherwise, an error is reported. TCP provides a point-to-point channel for applications that require reliable communications. The Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Telnet are all examples of applications that require a reliable communication channel. The order in which the data is sent and received over the network is critical to the success of these applications. When HTTP is used to read from a URL, the data must be received in the order in which it was sent. Otherwise, you end up with a jumbled HTML file, a corrupt zip file, or some other invalid information.

D nition : TCP (Transmiss ion Control Pro tocol) is a conne ction-based efi
protocol that provides a reliable flow of data betw een tw compute rs. o

UDP
The UDP protocol provides between for commun ication that is not guarante ed two app lications on the netw or k. UDP is not connect ion-bas ed like

TCP. Rathe r, it sends independent packets of data, called datagra ms, from one app lication to anothe r. Sending datagrams is much like sending a lette r through the postal service: The or der of delivery is not important and is not gu aranteed, and each messa ge is independent of any othe r. UDP (User Datagram Pro tocol) is a protocol that sends to

D nition efi

independent packets of data, called datagrams, from one c om puter TCP.

another w ith no gu arante es about arrival. UDP is not connect ion-bas ed like

44 |Digital Steganograph y

For many applications, the guarantee of reliability is critical to the success of the transfer of information from one end of the connection to the other. However, other forms of communication don't require such strict standards. In fact, they may be slowed down by the extra overhead or the reliable connection may invalidate the service altogether. Consider, for example, a clock server that sends the current time to its client when requested to do so. If the client misses a packet, it doesn't really make sense to resend it because the time will be incorrect when the client receives it on the second try. If the client makes two requests and receives packets from the server out of order, it doesn't really matter because the client can figure out that the packets are out of order and make another request. The reliability of TCP is unnecessary in this instance because it causes performance degradation and may hinder the usefulness of the service. Another example of a service that doesn't need the guarantee of a reliable channel is the ping command. The purpose of the ping command is to test the communication between two programs over the network. In fact, ping needs to know about dropped or out-of-order packets to determine how good or bad the connection is. A reliable channel would invalidate this service altogether. The UDP protocol provides for communication that is not guaranteed between two applications on the network. UDP is not connection-based like TCP. Rather, it sends independent packets of data from one application to another. Sending datagrams is much like sending a letter through the mail service: The order of delivery is not important and is not guaranteed, and each message is independent of any others. N ote : Many firewalls and route rs have been configured not to allo w UDP packet s. If you' re having trouble connect ing to a service out side your firewall, or if clients are having trouble connect ing to your service, ask your system administrator if UDP is permitte d.

Understanding Ports
Gene rally speaking, a com puter has a single phy sical connect ion to the arrives through that netw or k. All data de stined for a particu lar com puter

connect ion. Howeve r, the data may be inte nded for different app lications

45 |Digital Steganograph y

runn ing on the com pute r. So how does the com puter

know to

wh ich app lication to for ward the data? Through the use of ports. Data transmitted over the Internet is accompanied by addressing information that identifies the computer and the port for which it is destined. The computer is identified by its 32-bit IP address, which IP uses to deliver data to the right computer on the network. Ports are identified by a 16-bit number, which TCP and UDP use to deliver the data to the right application. In connection-based communication such as TCP, a Server application binds a Socket to a specific port number. This has the effect of registering the server with the system to receive all data destined for that port. A client can then make contact with the server at the server's port, as illustrated here:

D nitio n: The TCP and UDP protocols use por ts to map inc oming data to efi
a particu lar proce ss runn ing on a compute r. In datagram-based communication such as UDP, the datagram packet contains the port number of its destination and UDP routes the packet to the appropriate application, as illustrated in this figure:

Por t num rs range from 0 to 65 ,53 5 bec ause por ts are rep resented be

by 16 -

bit numbe rs. The por t numbe rs ranging from 0 - 102 3 are restricte d; they are reserved for use by we ll-known services such as HTTP and FTP and othe r

46 |Digital Steganograph y

system services. The se por ts are called we ll-known por ts. Your app lications should not attem pt to bind to the m.

Networking Classes in the JDK

Through the class es in java.ne t, Java program can use TCP or UDP to s com un icate over the Inte rne t. The URL, URL Connection, Socket, and m Server Socket class es all use TCP to c om un icate over the netw or k. The m Datagram Packet, Datagram Socket, and Multicast Socket class es are for use with UDP.

What Is a URL?
If you've been surfing the Web, you have undoubtedly heard the term URL and have used URLs to access HTML pages from the Web. It's often easiest, although not entirely accurate, to think of a URL as the name of a file on the World Wide Web because most URLs refer to a file on some machine on the network. However, remember that URLs also can point to other resources on the network, such as database queries and command output.

D nition efi

: URL is an acronym for Un iform Resource Locator and is a

referenc e (an add ress) to a resource on the Inte rne t. The following is an example of a URL which addresses the Java Web site hosted by Sun Microsystems:

As in the previous diagram, a URL has two main component s: Pro tocol ident ifier Resource name Note that the protocol identifier and the resource name are separated by a colon and two forward slashes. The protocol identifier indicates the name of the protocol to be used to fetch the resource. The example uses the Hypertext Transfer Protocol (HTTP), which is typically used to
47 |Digital Steganograph y

serve up hypertext documents. HTTP is just one of many different protocols used to access different types of resources on the net. Other protocols include File Transfer Protocol (FTP), File, and News. The resource name is the complete address to the resource. The format of the resource name depends entirely on the protocol used, but for many protocols, including HTTP, the resource name contains one or more of the components listed in the following table:

Host Name Fil ename Port Number

The name of the mach ine on wh ich the resource lives. The pathn am to the file on the machine . e The por t number optional). A reference to a named anchor within a resource that to wh ich to connect (typ ically

Reference

usually identifies a specific location within a file (typically optional).

For many protocols, the host name and the filename are required, while the port number and reference are optional. For example, the resource name for an HTTP URL must specify a server on the network (Host Name) and the path to the document on that machine (Filename); it also can specify a port number and a reference. In the URL for the Java Web site java.sun.com is the host name and the trailing slash is shorthand for the file named /index.html.

Se quence of socket

calls for co nnectio n-orie nted pro tocol:

48 |Digital Steganograph y

System Calls
Socket - create a descriptor for use in netw or k commun ication. On suc cess , socket system call retu rns a small inte ger value similar to a file descriptor Name. Bind - Bind a local IP address and protocol port to a socket When a socket is created it does not have any notion of endpoint add ress . An app lication calls bind to specify the local; endpoint add ress in a socket. For TCP/IP protocols, the endpoint add ress uses the socket add ress in struc ture. Se rve rs use bind to specify the we ll-known por t at wh ich they conne ctions. Connect - connect to remote client Afte r creating a socket, a client calls connect to establish an actual connect ion to a rem ote serve r. An argum ent to connect allo ws the will await

client to specify the rem ote endpoint, wh ich inc lude the rem ote mach ines IP add ress and protocols por t num be r. Once a connect ion has been made, a client can transfer data acro ss it. Accept () - accept the next incoming connection Acc ept creates a new socket for each new connect ion reque st and returns the descriptor of the new socket to its caller. The server uses the new socket only for the new connect ions it uses the ori ginal socket to accept data on the new socket. add itional connect ion reque sts once it has accepted connect ion, the server can transfer

Return Value:
This syste m-call retu rns up to th ree values An inte ger retu rn code that is eithe r an erro r indication or a ne w

socket description

49 |Digital Steganograph y

The add ress of the client process The size of this add ress of inc oming Backlog - specifies how many afte r both the

Liste n - place the socket in pass ive mode and set the num ber TCP connect ions the system will en -queue. connect ions reque sts can be queued server to execute call. Send , send to, recv and recvf rom system calls

by the system wh ile it wants for the

the accept system call it us usually executed

socket and bind system calls, and imm ediately bef or e the accept syste m

The se system calls are similar to the standard read and write system calls, but add itional argum en ts ar e reque ste d. Close - te rminate com un ication and de-allocate a descriptor. The normal m UNIX close system call is also used to close a socket. The system deals with security during transmission of data. Comm only

used te chn ologies are crypt ography. This system deals with implement ing security using Steg anography. In this the end user ident ifies an image, wh ich is going to act as the carrier of data. The data file is also selecte d and then to achieve greater speed then sent. of transmiss ion the data file and image file are compressed and sent. Prio r to this the data is em bedded into the image and

50 |Digital Steganograph y

3) SYST EM DESIGN
ELEMENTS OF DESIGN
The Sy stem the ir login Design inc ludes the mainte nanc e of details, auth orization with a prescribed the user information, enc rypt ion for mat at the provision of

services, message

sending service end with dec rypt ion process.

the inte reste d level of enc rypt ion and the receiving service at the other The design also inc ludes facility to the user to manipu late the conc erne d information acc ording to his personal use and com un ication proce ss at the administrator level only. m

The design also nee ds to provide the com un ication channe l to the user m to commun icate with other registe red users through the m aili ng services in a reliable and secu red f or mat. Auth orization and authent ication services are preferred the ir login most details, for this purpose. The of the user Sy stem information, directory services Design inc ludes the mainte nanc e

auth orization services, File and

with a prescribed enc rypt ion for mat at the inte reste d level of enc rypt ion and the receiving service at the other end with dec rypt ion process. The design also inc ludes the provision of facility to the user to manipu late the conce rned information acc ording to his personal use and com un ication m proce ss at the administrator level only.

The design

of

Di gital

Steg anography,

basically invol ve

the

inte rface

arch itectu re, auth orization and authent ication system Security services, and , com un ication system In the inte rface design we invol ve with the design of m . the user inte rface with GUI standards and a pro per navigation system whe re the user need to enter into the flow of transa ct ions starting with the ent ry y 51 |Digital Steganograph in

to the system with the user name p ass wor d whe re the authent ication & auth orization services are the system . the through the GUI whe re file, check and further acce ss is provided into sending of exit ar e provided. dec rypt ion Enc rypt ion The n the user nee ds to select into the ope rations provided

enc ryption, Decrypt ion, Gene ral Information and

He re the Enc rypt ion and dec rypt ion and services are provided connect ing to the security services modu le whe re the enc ryption and are carriedout by implement ing the Tiny Algorithm (TEA).

Afte r the enc rypt ion of the file is complete d the user is to select the file for sending through the netw or k to the desired user by specifying IP add ress in the to the targeted user pane l designe d. The n the the targete d users system system gets connected for mat afte r wh ich the

user and delivers the file in ciphe r Di gital Steg anography

wor king with the

softw are should go for the opt ion dec rypt the file by selecting the file path by wh ich the file gets dec rypted and is viewe d on the syste m.

SCOPE:
The softw are is designe d using Java Sw ngs for front en d. Java Swings i provides a set of "lightwe ight" (all-Java language) com onents that, to the p maximum deg ree poss ible, wor k the same to on all platforms. Mostly of this packa ge selecting is used for the designing of GUI com onent s. This package p security com ared p HTML. The adv antages

provides higher

this packa ge for the project screen designing are: It provides the implement ation hiding m ech anism to designe rs and to hide the source code in turn provides secu red struc ture.

52 |Digital Steganograph y

 The AWT com onents p

are replaced by swi ng com onents p

as

sw ngs com onents are platform independent and the look and i p fee l of the com onents created are the sam on any platform------p e inc reases the user inte ractivity. We implemente d the so ck et pr ogram i m in establishing client -client ng for commun ication archite cture com un ication m pu rpose. The

(pee r-peer)

programm ing is bas ed on connect ionless service. This provides the user to transmit the data in terms of packets (data gram packets) over the ne twork in all poss ible paths. At regu lar inte rvals the packet is created and sent over the netw or k with respect to d ata. This makes faste r transmission of data. This provides a client to directly find the de stination client on the netw or k by simp ly providing the IP add ress . Ease of commun ication programm ing. This is a secu red for m of sending data sinc e only the is the main adv antage of this

auth orized users can view the data (file) on the destination side.

53 |Digital Steganograph y

54 |Digital Steganograph y

A) STRU CTURAL MODEL

Class diagram

Sequence Diagrams Sender:

55 |Digital Steganograph y

Receiver:
56 |Digital Steganograph y

B) BEHAVIOURAL DIAGRAMS
Acti vity Di ag ram Sender: :

57 |Digital Steganograph y

Sende r

Select File

Encrypt File

Give keyI nfo

Compres s

Embe d

Send File

Receiver:

Receiver

ReceiveFile

DeEmbedFile

DeCompress

GiveKeyFordecrypt

DecryptFile

SaveFi le

Use cas e Diagrams Sender:

Receiver:

5) FORM DESIGN SCREENS

LOGIN PAGE

DATABASE CONNE CTING

LOGIN MATCH FOUND

MAIN FORM ENCRYPTION

SELECT A FILE TO ENCRYPT

ENTER KEY.

ENCRYPED FILE SAVED SUCCESS FULLY

CRC GENERATION

CRC GENERATION FORM

CHOOSE ENCRYPTED FILE TO GENERATE CRC

CRC FILE GENERATED.

COMPRESS ION

COMPRESSION FORM

CHOOSE FILE TO COMPRESS

FILE COMPRESSED.

FILE COMPRESSED

EMBEDD ING

SELECT DATA FILE TO BE EMBEDED

SELECT IMAGE FILE TO EMBED

FILE EMBEDDED

SENDING THE EMBEDDED FILE

ENTER THE HOST ADDRESS

DE-EMBEDDING

SELECT THE RECEIVED IMAGE FILE TO DE-EMBED

DEEMBEDDING

FILE DE-EMBEDDED

DECOMPRESS ING

SELECT THE DE-EMBEDDED FILE TO BE DECOMPRESS ED

DECOMPRESS ING

CRC VERIFICATION

SELECT FILE FOR CRC VERIFICATION

CRC VERIFIED

DECRYPTING

SELECT FILE TO BE DECRYPTED

ENTER DECRYPTING KEY

SAVE THE DECRYPTED FILE.

FILE DECRYPTED SUCCESSFULLY

6) SYST EM TESTING

Testing Concepts

Testing Methodologie s
Bl ack box Testing: White box Testing.

TCD (Test Case Documentation) STLC

Test Plann ing. Test Development. Test Execut ion. Result Analysis. Bug-Tracing. Reporting.

M nu al Testing a Autom ation Testing (Too ls)

Win Runne r. Test Director.

Testing:

The process of execut ing a system with the inte nt of finding an error. Testing is define d as the process in wh ich defects are ident ified, isolate d, subjecte d for rectification and ensured that product is defect free in or der to produce the quality product and hence customer satisfaction. Quality is define d as justification of the requirements Defect is nothing but deviation from the requirements Defect is nothing but bu g. Testing --- The presence of bu gs Testing can demonstrate the presence of bu gs, but not the ir absenc e Debu gging and Testing are not the sam thing! e Testing is a system atic attem pt script /program did not execute properly. to break a pro gram or the AUT Debu gging is the art or m eth od of unc overing why the

Testing Methodologies:

Black box Te ting: is the testing process in wh ich tester can s pe rfor m testing on an app lication without having any inte rnal struc tural knowledge of app lication. Usually Test Engine ers are invol ved in the black box te sting.

W ite box Te ting: is the testing process in wh ich tester can h s pe rfor m testing on an app lication with having inte rnal struc tural knowledg e. Usually The Developers are invol ved in wh ite box te sting.

Case Generation Report :

Test Type Operational / Un it / Func tional Test -doEnc ryptio n -doDecryptio n -doSending file -doExit Receive the file to be enc rypted and Case Login Expected Result Succe ssful/un succe ssful login

enc rypt acc ording to the key and save Receive the file to be dec rypted and

dec rypt with sam key and save e Receives the 32 -bit IP add ress of the de stination and transmit. En ds the current login session

Test Report :

Test Type Func tional te st -do-do-do-

Case Login Enc ryption Decryption Sending file

Observed Result Succe ssful login Suc cessfully enc rypted and saved Path failure Destination add ress not found

Test Case Analysis:

Test Type Func tional te st

Expected Result Receive decrypte d data,dec rypt save &

Observed Result Path failure

Remarks Add ress of the file is correcte d

-do-

Receive add ress& transmit

correct Destination add ress found

Corr ect given

IP is

destination

not add ress

Test Plann ing:

1. Test

Plan is define d

as a strate gic

document

wh ich describes

the procedu re how to pe rfor m various testing on the total app lication in the most efficient way. 2. This document inv olves the scope of te sting,

3. Objective of te sting, 4. Areas that need to be teste d, 5. Areas that should not be te ste d, 6. Sche duling Resource Plann ing, 7. Areas to be aut omated, various testing tools

Result Analysis: 1. Expected Va lue: is nothing but expected 2.

behavior of app lication.

Act ual va lue: is nothing but actual behavior of App lication

Bu g Tracing:
Coll ect all the failed cases, prep are docum ent s.

Report ing:
Pr ep are docum ent (status of the app lication)

TCD (Test Case Document): Test Case D um nt Contains oc e

Te t Scope (or) Te t objective s s Te t Scenario s Te t Procedure s Te t ca se s This is the sample test case docum ent Client project: for the Case Inv estigate details of

Test scope:

Test cove rage is provided for the screen Login chec k for m of a Administration modu le of Forensic Manager app lication Areas of the app lication to be teste d

Test Scenario:
When the office personals use this screen for the data ent ry, add ing sect ions, courts, grades and Case Registration information on s basis and qu it the form.

Test Pro cedure :

The procedu re for testing this screen is planne d in such a way that the data ent ry, status calculation func tionality, saving and quitting T.C.No Description Exp Act Result

ope rations ar e tested in terms of GUI testing, Po sitive testing, Negative testing using the corresponding GUI test cases, Po sitive test cases, Neg ative test cases respectively

Test Cases:

Template for Test Case

Guideline for Test Cases: s 1. GUI Test Cases:

To tal no of features that need to be che ck Look & Fe el Look for Default value s if at all any (date & Ti me, if at all any require)

Look for spell che ck

Example for GUI Test cases:

T.C.No Description Check for all the 1

Expecte d value The screen must features

Actu al value Result

features in the scree n cont ain all the

Check for the 2 alignm ent of the objects as per the validations

The alignm ent should be in proper way

1. Positi ve Test Cases:

The positive flow of the func tionality must be considered Valid inputs m st be used for te sting u Must have the positive pe rcept ion to ve rify whether requ irem ents are justified. the

Example for Positi ve Test case : s

T.C.No

Description

Expecte d value

Actual value

Result

Input UserName and Redirect to Redirect to Redirect to Password HomePage Home Page Home Page

N ga ti ve Test Cases: e

Must have neg ative perception. Inv alid inputs must be used for test.

Example for N ga ti ve Test case : e s

T.C.No Description Expected value 1 Inpu t username and pass word Login Page Login Page Login Page Actual value Result

7. CONCLUSION
The challenge of cryptography is developing a system in which it is impossible to determine the key. This is accomplished the use of a one-way function. With a one-way function, it is relatively easy to compute a result given some input values. To encrypt data, enter the data plain text and an encryption to the encryption portion of the algorithm. To decrypt the cipher text a proper decryption key is used at the decryption portion of the algorithm. The project work done herewith has given a lot of insight into the working of the Networkingprogramming environment. The program written for encryption and decryption using Tiny

Encryption Algorithm is tested on several textual files and results are observed. The
program could achieve a better secure transferring of files between the server and various clients.

FUTURE ENHANCEMENTS

It is not possible to develop a system that makes all the requ irem ents user. User requ irem ents keep changing as the system is being used.

of the

Some of the futu re en hancem en ts that can be done to this system are: As the te chn ology em rge s, it is poss ible to upgrade the syste m e and c an be adaptable to desired env ironm ent. Because it is based on object-oriente d design, any furthe r ch anges can be easily adaptable. Based on the futu re security issue s, security can be improved using emerging te chn ologies. Case Registration modu le can be add ed

8. BIBLIOGRAPHY
REFERENCES
Java Complete Referenc e By Herbert Shield Database Programm ing with JDBC and Java By Ge or ge Ree se Java and XML By Brett McLaughlin

Wikiped ia, URL: htt p:/ /www .wikipedia.org. Answers.com, Online Di ctionary, Encyclopedia and m h uc htt p:// ww w.answers.com

more, URL:

Google, URL: htt p:/ /www .goo gle.co.in Project Management URL: htt p:/ /www .startwrigh t.com/project.htm

9 APPENDIX . A. SAMPLE CODE.

MENU.JAVA
import java.awt.*; import javax.swing.*; import java.awt.e vent.*; import java.ut il.*; import java.sql.*; /* <app let code ="m enu" width =79 0 he ight =51 2 > </app let> */

publi c class menu exten ds JFrame implements ActionListe ne r { JMenuIte m it1,it2,it3,it4,it5,it6,it7,it8,it9,it10 ,it11,it12; Calendar d=Calendar.getInstanc e(); JLabel dl=ne w JLabel(" ",JLabel.LEFT); int day,mon,y r; String dt; JTextField log; JPasswordField pass ; publi c void initTextPass (JTextField log,JPass wordField pass) { this.log=log;

this.pass=pass; } publi c void callLogin( ) { try { Syste m.out. println( "In callLogin"); Login l=ne w Login( ); } catch (Except ion e){ e.print StackTrace(); } } publi c void actionPerformed(ActionEvent ae) { Syste m.out. print ln( "In Action performed"); if(ae.getActionCom and()= "Conne ct" ) m = { if(login( )= true ) = { JFrame f=new JFrame(); f.setSize(800 ,800 ); f.setResizable(false); Cont aine r cp=f.getConte nt Pane ();

day=d.get(Calendar.DATE); mon=d.get(Calendar.MONTH)+1; yr=d.get(Calendar.YEAR); dt="DATE :- "+day+"/"+mon+"/"+yr; dl.setText(dt); dl.setSize(200 ,25 ); dl.setLocation( 600,480); dl.setFont( ne w Font( "Courier",Font .BOLD,15 )); dl.setForegroun d(Color.black); cp.setLayout( null); JLabel label=ne w JLabel("DIGITAL STEGANOGRAPHY",SwingConstant s.CENTER); label.setFont( ne w Font( "Courier",Font. BOLD+Font .ITALIC,35 )); label.setForeground(Color.darkGray); label.setSize(800 ,60); label.setLocation( 0,0); cp.add (label); cp.setBackgroun d(Color.cyan) ; JMenuBar bar = new JMenuBar( ); bar.setSize(250 ,20); bar.setLocation( 260 ,80 );

cp.add (bar); cp.add (dl); JMenu data = new JMenu( " DATA "); data.setMnemonic(KeyEvent. VK_D); it1 = new JMenuIte m(" CRC "); it1.setMne monic(KeyEvent. VK_C); it2 = new JMenuIte m("EMBED"); it2.setMne monic(KeyEvent. VK_E); it3 = new JMenuIte m("DE-EMBED"); it3.setMne monic(KeyEvent. VK_D); data.add (it1); data.add (it2); data.add (it3); it1.add ActionListe ne r(this); it2.add ActionListe ne r(this); it3.add ActionListe ne r(this); JMenu ut ilities = new JMenu( " UTILITIES "); ut ilities.setMne monic(KeyEvent. VK_U); it4 = new JMenuIte m("COMPRESS"); it4.setMne monic(KeyEvent. VK_O); it5 = new JMenuIte m("DECOMPRESS");

it5.setMne monic(KeyEvent. VK_P); it10 = new JMenuIte m("SEND"); it10.setMne monic(KeyEvent. VK_S); it11 = new JMenuIte m("ENCRYPT"); it11.setMne monic(KeyEvent. VK_E); it12 = new JMenuIte m("DECRYPT"); it12.setMne monic(KeyEvent. VK_D); ut ilities.add (it4); ut ilities.add (it5); ut ilities.add (it10); ut ilities.add (it11); ut ilities.add (it12); it4.add ActionListe ne r(this); it5.add ActionListe ne r(this); it10.add ActionListe ne r(this); it11.add ActionListe ne r(this); it12.add ActionListe ne r(this); JMenu he lp = new JMenu( " HELP ");

he lp.setMne monic(KeyEvent. VK_H); it6 = new JMenuIte m("ABOUT"); it6.setMne monic(KeyEvent. VK_A);

he lp.add (it6); it7 = new JMenuIte m("CONTENTS"); it7.setMne monic(KeyEvent. VK_N); he lp.add (it7); it8 = new JMenuIte m("INDEX"); it8.setMne monic(KeyEvent. VK_I); he lp.add (it8); it6.add ActionListe ne r(this); it7.add ActionListe ne r(this); it8.add ActionListe ne r(this); JMenu exit=ne w JMenu( "EXIT"); exit.setMne monic(KeyEvent. VK_X); it9 = new JMenuIte m( "EXIT "); it9.setMne monic(KeyEvent. VK_T); exit. add (it9); it9.add ActionListe ne r(ne w ActionListe ne r() { publi c voi d actionPerfor med (ActionEvent e) { Syste m.exit(0); bar.add (data); bar.add (ut ilities); bar.add (he lp); } });

bar.add (exit); f.setVisible(true ); Syste m.out. println( "in end of if1"); }//if1 }// action Perfor med Of Conne ct if(ae.getSource()= it1) = { crc x=new crc(); repaint( ); } else if(ae.getSource()= it2) = { em bed x=new embed(); repaint( ); } else if(ae.getSource()= it3) = { dem bed repaint( ); } else if(ae.getSource()= it4) = x=new dembed();

{ com ress x=new compress (); p repaint( ); }

else if(ae.getSource()= it5) = { dec om ress x=new decompress (); p repaint( ); } else if(ae.getSource()= it6) = { } else if(ae.getSource()= it7) = { tables x=new tables(); repaint( ); } else if(ae.getSource()= it8) = { index x=new index(); about( );

repaint( ); } else if(ae.getSource()= it11) = { enc e=new enc (); repaint( ); }

else if(ae.getSource()= it12) = { dec d=new dec(); repaint( ); } else if(ae.getSource()= it10) = { sen d=new sen( ); repaint( ); } }//actionperformed

void about( )

{ JFrame f1=new JFrame(); final JDialog dialog = new JDialog (f1, "About... ", true ); dialog.add WindowListe ne r(ne w WindowAd apte r() { publi c void windowC losing(WindowEvent e) {dialog.dispose();} });

Cont aine r cp=getConte nt Pane (); JLabel lab1 = new JLabel ("DIGITAL STEGANOGRAPHY", JLabel.CENTER); lab1.setFont( ne w Font( "TimesRoman", Font. BOLD+Font. ITALIC,16)); lab1.setForeground(Color.darkGray); JLabel lab2 = new JLabel ("Version 1.0", JLabel.CENTER); JLabel lab3 = new JLabel ("Copyright(c) 2008 -200 9 by", JLabel.CENTER); JLabel lab4 = new JLabel ("TEEM TECHNOLOGIES. Hyd.", JLabel.CENTER); dialog.getConte ntPane ().setLayout( ne w GridLayout( 5,1,0,0)); dialog.getConte nt Pane ().add (lab1); dialog.getConte nt Pane ().add (lab2); dialog.getConte nt Pane ().add (lab3); dialog.getConte nt Pane ().add (lab4); JButt on butt = new JButt on( "Close");

JPane l p=new JPane l(); p.add (butt) ; dialog.getConte nt Pane ().add (p); butt. add ActionListe ne r (new ActionListe ne r () { publi c void actionPerformed(ActionEvent e) { dialog.setVisible(false); dialog.dispose(); } });

dialog.setBoun ds(19 0,170,390,370 ); dialog.setVisible(true ); }//abt publi c boo lean login( ) { boo lean match=false; String x=log.getText(); String y=pass.getText(); try{ Class .forName("sun. jdb c.odb c.Jdb cOdbcDriver"); /*Conne ction con=DriverManager.getConne ction( "jdb c:odb c:ste g");*/

Connect ion con= DriverManager.getConne ction ("jdb c:odbc:ste g","dee pu","dee pu"); JOptionPane .showMessageDialog(nu ll,"Database conne cte d suc cess fully","Message", JOptionPane .INFORMATION_MESSAGE); St atem ent st=con.c reate State ment( );

ResultSet rs=st.e xecute Que ry("SELECT * FROM USERS"); wh ile(rs.ne xt()) { String p=rs.getString(1); String q=rs.getString(2); if(p.equalsIgnoreCase(x)&&q.equalsIgnoreCase(y)) { Syste m.out. println( "in if of wh ile : "+p+" "+q); JOptionPane .showMessageDialog(nu ll,"Login matchfoun d","Message", JOptionPane .INFORMATION_MESSAGE); hide(); match=true ; retu rn match; }//if else if(p= null|| q= nu l) = =

{ JOptionPane .showMessageDialog(nu ll, "Insufficient data","Message", JOptionPane .INFORMATION_MESSAGE); }//else }//while if(match==false) JOptionPane .showMessageDialog(nu ll,"Login mismatch","Message", JOptionPane .INFORMATION_MESSAGE); }//try catch( SQLException ecx){ JOptionPane .showMessageDialog(menu.th is,"Error","Unable to connect", } catch( ClassNotFoun dException cnfd){ cnfd.printStackTrace(); JOptionPane .showMessageDialog(menu.th is,"Error","Unable to install Driver",JOptionPane .INFORMATION_MESSAGE); } retu rn false; }//login JOptionPane .INFORMATION_MESSAGE);

publi c class Login exten ds JFrame { JLabel login, pass wrd,lab,lab1,l1,l2,elab,elab1; JPane l p,p2 ,p1; JButt on cont; Login( ) { Syste m.out. println( "In Login cons"); Cont aine r c=getConte nt Pane (); c. setLayout(new BorderLayout( )); Icon ic1=ne w ImageIcon( "db s.jpg "); Icon ic=ne w ImageIcon( "eula.jpg"); lab=ne w JLabel(ic); lab1=ne w JLabel("DIGITAL STEGANOGRAPHY",SwingConstant s.CENTER); lab1.setFont( ne w Font( "Courier", Font. BOLD+Font. ITALIC,35)); lab1.setForeground(Color.darkGray); lab1.setSize(800 ,60 ); Di men sion d=new Dimension( 100,30 ); elab1=ne w JLabel(" "); elab=ne w JLabel(" ");

l2=ne w JLabel(" "); l1=ne w JLabel(" "); p1=new JPane l(); p1.setBackgroun d(Color.cyan) ; p1.setL ayout(new BorderLayout( )); p1.add (l2,BorderLayout. NORTH); p1.add (l1,BorderLayout.C ENTER); p1.add (lab1,BorderLayout.N ORTH); cont =new JButt on( "Conne ct" ); cont. setMne monic('C'); login=ne w JLabel(" Login :");

pass wrd=new JLabel(" Passwor d :"); log=ne w JTextField(); pass= new JPasswordField(); log.setPreferredSize(d); pass .setPreferredSize(d); log.setFont( ne w Font( "Dialog",Font. PLAIN,15 )); m enu m=new menu( ); m.initTextPass (log,pass ); cont. add ActionListe ne r(m); GridBagLayout grid=ne w GridBagLayout( );

GridBagConstraints con=new GridBagConstraint s(); p=new JPane l(); p.setLayout( grid); p.setBackgroun d(Color.cyan) ; con.we ightx =1.0; con.we ighty =0.0; con. anc hor=GridBagConstraint s.CENTER; con.fill=GridBagConstraint s.NONE; con. gridwidth =GridBagConstraint s.REMAINDER; p.add (login) ; grid.setConstraint s(log,con); p.add (log); grid.setConstraint s(elab1,con) ; p.add (elab1); p.add (pass wrd); grid.setConstraint s(pass,con) ; p.add (pass ); c.setBackgroun d(Color.cyan) ; grid.setConstraint s(elab,con) ; p.add (elab); grid.setConstraint s(cont,c on) ;

p.add (cont) ; c.add (lab,BorderLayout.W EST); c.add (p,BorderLayout.C ENTER); c.add (p1,BorderLayout.N ORTH); setSize(800 ,800); setVisible(true ); }//Login }//IN CLASS LOGIN

publi c static voi d main( String s[]) { m enu m=new menu( ); m. callLogin( ); } }//menuC lass