Infosec-Technologies

INFOSEC Technologies, LLC
Covert Channels

INFOSEC Technologies, LLC has initiated a funded research project on Covert Channel detection mechanisms and steganographic system identification via unique signatures. There are many covert channels in networks, and we will investigate these as correlate with our ( and clients) interests in steganographic techniques.

We thank Russ Rogers and Matthew G. Devost,"Hacking a Terror Network", Syngress, 2005 for access to their resources and Dr. Neil F Johnson, a world class expert on steganography, www.jjtc.com for his seminal work on steganography and description of vendors /authors.

Jim Wingate, VP for West Virginial Operations for Backbone Security provides and insightful whitepaper on physical locations for clandestin exchange of intelligence information in The Perfect Dead Drop The Use of Cyberspace for Covert Communications.

CREATION

The following are brief descriptions of various freeware and shareware covert channels tools included in the Steganography and Watermarking Table.

WINDOWS

Blindside (Freeware) - Uses BMP carrier files and includes encryption.
BMP Secrets (Freeware) - Uses BMP carrier files and includes encryption.
Cameleon (Freeware) - French language tool that uses GIF carrier files and includes encryption.
Camera/Shy v0.2.23.1 (Freeware) - Scans for and delivers decrypted content from the Internet.
Camouflage (Freeware) - Can hide information in any digital file type by inserting it after the end of file marker. Information hidden this way will not affect how the carrier looks or behaves, although it will increase file size. Includes password protection.
Contraband Hell Edition (Freeware) - Uses BMP carrier files and includes encryption.
Courier v1.0a (Freeware) - Uses BMP carrier files.
CryptArkan (Shareware) - Uses WAV and BMP carrier files; hidden data can be directly read off an audio CD. Includes encryption.
Data Privacy Tools (Freeware) Uses BMP carrier files and includes encryption.
Data Stash (Shareware) - Uses BMP and database carrier files and includes password protection.
Digital Picture Envelope v1.0 (Freeware) - Uses BMP carrier files.
Encrypt Pic (Shareware) - Uses 24-bit BMP carrier files and includes encryption.
Gif-it-Up (Freeware) - Uses GIF carrier files and includes encryption.
Gifshuffle v2.0 (Freeware) - A command-line tool that uses GIF carrier files and includes encryption.
Hermetic Stego (Shareware) - Uses BMP carrier files. The developers claim their stego key makes the payload undetectable.
Hide and Seek for Win95 (Shareware) - Uses BMP carrier files and includes encryption and file wiping.
Hide4PGP v2.0 (Freeware) - A command-line tool that uses BMP, WAV, and VOC carrier files.
Hide In Picture 2.0 (Freeware) - USes BMP carrier files and includes encryption.
ImageHide (Freeware) - Uses a variety of image carrier files.
In Plain View (Freeware) - Uses BMP carrier files and includes password protection.
In The Picture (Shareware) - Uses BMP carrier files and includes encryption.
InfoStego (Freeware)- Uses BMP carrier files; includes encryption.
Invisible Secrets v4.0 (Shareware) - Uses JPEG, PNG, BMP, HTML and WAV carrier files. Includes encryption, shredder, password manager and self-decrypting archives.
JPegX (Freeware) - Uses JPEG carrier files and includes encryption and password protection.
JP Hide and Seek (Freeware) - Uses JPEG carrier files and includes encryption.
JSteg Shell v2.0 (Freeware) - Uses JPEG carrier files; includes encryption.
MP3Stego (Freeware) - Uses MP3 carrier files.
PGPn123 (Freeware) - A tool that facilitates using PGP for Eudora, Agent, or Pegasus Mail and also includes a steganography option.
PhotoCrypt 1.1 (Freeware) - Uses BMP carrier files.
Sam's Big Play Maker (Freeware) - A text generation tool that converts a message into an output that looks like a play.
Scramdisk (Freeware) - A disk encryption program that allows the creation and use of virtual encrypted drives.
Scytale 32bit (Freeware) - A PGP shell program that uses PCX carrier files.
SecurEngine 4.0 (Freeware) - Uses BMP, JPEG, WAV, and txt files as carrier files. Includes encryption, file wiping, a password manager, and self-decrypting archives.
Stash-It v1.1 (Freeware) - Uses BMP, GIF, TIFF, PNG or PCX carrier files.
Steghide 0.4.6b (Freeware) - Uses BMP, WAV and AU carrier files. Includes encryption.
Stego-Lame (Freeware) - Uses various audio formats as carrier files. Written in Windows C source code; must be compiled before use.
S-Tools 4 - (Freeware) - Uses BMP, GIF, and WAV carrier files; includes password and encryption options.
The Third Eye (Freeware) - Uses BMP, GIF, and PCX carrier files and includes encryption
wbStego4.3open (Freeware) - Uses BMP, TXT, HTML/XML, and PDF carrier files for both Windows and Unix. Includes a Wizard interface, encryption, and passphrase support.
WeavWav (Freeware) - Uses WAV carrier files.

UNIX/LINUX

Blindside (Freeware) - Uses BMP carrier files and includes encryption.
Covert TCP (Freeware) - Uses TCP packets as carrier files.
Gifshuffle (Freeware) - Uses GIF carrier files and includes encryption.
Hide4PGP v2.0 (Freeware) - A command-line tool that uses BMP, WAV, and VOC carrier files.
Hydan (Freeware) - Uses executables as carrier files.
JP Hide and Seek (Freeware) - Uses JPEG carrier files and includes encryption.
JSteg (Freeware) - Uses JPEG carrier files.
MandelSteg (Freeware) - Uses GIF carrier files.
MP3Stego (Freeware) - Output is an MP3 carrier file.
Nicetext (Freeware) - Text generation tool that converts a message into an innocuous message.
Outguess v0.2 (Freeware) - Uses JPEG carrier files.
PGMStealth (Freeware) - Uses PGM grayscale carrier files.
Piilo (Freeware) - Uses PGM grayscale carrier files.
Snow (Freeware) - Uses text files as carriers.
Stealth (Freeware) - A utility that removes the header information from PGP messages, leaving only the encrypted data which may then be hidden.
Steganosaurus (Freeware) - A text-based steganography tool.
StegFS (Freeware) - Uses Linux file system for hiding information.
Steghide 0.3, Release 1 (Freeware) - Uses BMP, WAV and AU carrier files. Includes encryption.
StegParty (Freeware) - Hides information by making changes in text.
Stegtunnel (Freeware) - Uses TCP packets as carrier files.
Texto (Freeware) - Text generation tool that converts a message into an innocuous message.
Visual Cryptography (Freeware) - Hides information in two image files that must be layered to reveal.
wbStego4open (Freeware) - Uses BMP/TXT/HTML/PDF carrier files

MACINTOSH

FatMacPGP 2.6.3 (Freeware) - A version of MacPGP which includes the ability to remove header information, leaving only the encrypted data which may then be hidden.
Mimic Functions (Freeware) - Text generation tool that converts a message into an innocuous message.
Paranoid (Freeware) - An encryption tool that also allows the hiding of information in audio files.
Stego (Shareware) - Uses Macintosh PICT carrier files.

DOS

Data Privacy Tools (Freeware) Uses BMP carrier files and includes encryption.
dc-Steganograph (Freeware) - Uses PCX carrier files.
Empty Pic (Freeware) - Uses GIF carrier files.
FFEncode (Freeware) - Uses TXT carrier files.
GZSteg (Freeware) - Uses GZip carrier files.
Hide4PGP v2.0 (Freeware) - A command-line tool that uses BMP, WAV, and VOC carrier files.
Hide and Seek v5.0 (Freeware) - Uses GIF carrier files.
Hide In Picture 2.0 (Freeware) - USes BMP carrier files and includes encryption.
HideIT (Freeware) - Uses BMP carrier files.
JP Hide and Seek (Freeware) - Uses JPEG carrier files and includes encryption.
JSteg (Freeware) - Uses TGA carrier files with a JPEG output.
MP3Stego (Freeware) - Output is an MP3 carrier file.
Pretty Good Envelope v2.0 (Freeware) - Can hide information in any digital file type by inserting it at the end of the file.
Snow (Freeware) - Uses text files as carriers.
Stealth (Freeware) - A utility that removes the header information from PGP messages, leaving only the encrypted data which may then be hidden.
Steganos v1.4 (Freeware) - Uses BMP, WAV, VOC and ASCII carrier files.
StegoWav (Freeware) - Uses WAV carrier files and includes encryption.
Texto (Freeware) - Text generation tool that converts a message into an innocuous message.
White Noise Storm (Freeware) - Uses PCX carrier files and includes encryption.

DETECTION

The following are brief descriptions of various freeware and shareware detection and analysis tools included in the Steganography and Watermarking Table.

WINDOWS

2Mosaic (Freeware) - A tool that corrupts embedded information in files (e.g., digital watermarks).
Gargoyle (Demo) - a tool designed to scan for malware on target systems.
GIMP (Freeware) - Software that allows image manipulation tasks such as photo retouching, image composition and authoring.
LADS (Freeware) - A tool that allows the listing of all alternate data streams associated with an electronic file.
Stegdetect (Freeware) - A steganography detection tool for JPEG images.
StirMark (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).
UnZign (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).

UNIX/LINUX

GIMP (Freeware) - Software that allows image manipulation tasks such as photo retouching, image composition and authoring.
Stegdetect (Freeware) - A steganography detection tool for JPEG images.
StirMark (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).
UnZign (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).

MACINTOSH

GIMP (Freeware) - Software that allows image manipulation tasks such as photo retouching, image composition and authoring.
StirMark (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).

DOS

StirMark (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).
UnZign (Freeware) - A breaking tool that removes embedded information from files (e.g., digital watermarks).

Steg and Watermarking Tools

Data Hiding

PDF

Adaptive Steganography, R. Chandramouli, G. Li and N. Memon, Security and Watermarking of Multimedia Contents, San Jose, CA, February 2002.
Image Steganography and Steganalysis: Concepts and Practice, R. Chandramouli, M. Kharrazi, N. Memon, International Workshop on Digital Watermarking, Seoul, October 2003.
Steganographic Capacity from an Active Steganalysis Perspective, R. Chandramouli, N. Memon. Security and Watermarking of Multimedia Contents, Santa Clara, CA, January 2003.
Steganography in JPEG2000 compressed images Po-Chyi Su; Kuo, C.-C.J. Consumer Electronics, IEEE Transactions on, Vol.49, Iss.4, Nov. 2003 Pages: 824- 832
URL:
Cover Selection for Steganographic Embedding, M. Kharrazi, H. T. Sencar, N. Memon, IEEE International Conference on Image Processing, 2006.
Improving Steganalysis by Fusion Techniques: A Case Study with Image Steganography, M. Kharrazi, T. H. Sencar, N. Memon, EI SPIE San Jose, CA, January 15-19, 2006.
PSteg: steganographic embedding through patching, K. Petrowski, M. Kharrazi, H. T. Sencar, N. Memon, IEEE International Conference on Acoustics, Speech, and Signal Processing, Philadelphia, PA, March, 2005.
Steganography using multiple-base notational system and human vision sensitivity
Xinpeng Zhang; Shuozhong Wang Signal Processing Letters, IEEE, Vol.12, Iss.1, Jan. 2005 Pages: 67- 70
Steganalysis of Halftone Images, M. Jiang, E. K. Wong, N. Memon, X. Wu, IEEE International Conference on Acoustics, Speech, and Signal Processing, Philadelphia, PA, March, 2005.
Steganalysis of Degraded Document Images, M. Jiang, E. K. Wong, N. Memon, X. Wu, IEEE International Workshop on Multimedia Signal Processing, Shanghai, October, 2005.
Benchmarking steganographic and steganalysis techniques, M. Kharrazi, T. H. Sencar, N. Memon, EI SPIE San Jose, CA, January 16-20, 2005.
A LSB steganography detection algorithm
Li Zhi; Sui Ai Fen; Yang Yi Xian Personal, Indoor and Mobile Radio Communications, 2003. PIMRC 2003. 14th IEEE Proceedings on, Vol.3, Iss., 7-10 Sept. 2003 Pages: 2780- 2783 vol.3
The use of watermarks in the protection of digital multimedia products Voyatzis, G.; Pitas, I. Proceedings of the IEEE, Vol.87, Iss.7, Jul 1999 Pages:1197-1207 Spread spectrum image steganography Marvel, L.M.; Boncelet, C.G., Jr.; Retter, C.T. Image Processing, IEEE Transactions on, Vol.8, Iss.8, Aug 1999 Pages:1075-1083
Digital steganography: hiding data within data Artz, D. IEEE Internet Computing, Vol.5, Iss.3, May/Jun 2001 Pages:75-80
Blind consistency-based steganography for information hiding in digital media Hairong Qi; Snyder, W.E.; Sander, W.A. Multimedia and Expo, 2002. ICME '02. Proceedings. 2002 IEEE International Conference on, Vol.1, Iss., 2002 Pages: 585- 588 vol.1
High capacity and secure digital steganography to palette-based images Niimi, M.; Noda, H.; Kawaguchi, E.; Eason, R.O. Image Processing. 2002. Proceedings. 2002 International Conference on, Vol.2, Iss., 2002 Pages: II-917- II-920 vol.2
Application of bit-plane decomposition steganography to JPEG2000 encoded images Noda, H.; Spaulding, J.; Shirazi, M.N.; Kawaguchi, E. Signal Processing Letters, IEEE, Vol.9, Iss.12, Dec 2002 Pages: 410- 413
JPEG compression immune steganography using wavelet transform Xu, J.; Sung, A.H.; Shi, P.; Liu, Q. Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on, Vol.2, Iss., 5-7 April 2004 Pages: 704- 708 Vol.2
Chaos based spread spectrum image steganography Satish, K.; Jayakar, T.; Tobin, C.; Madhavi, K.; Murali, K. Consumer Electronics, IEEE Transactions on, Vol.50, Iss.2, May 2004 Pages: 587- 590
Transform domain steganography detection using fuzzy inference systems Munirajan, V.K.; Cole, E.; Ring, S. Multimedia Software Engineering, 2004. Proceedings. IEEE Sixth International Symposium on, Vol., Iss., 13-15 Dec. 2004 Pages: 286- 291
Application of BPCS steganography to wavelet compressed video Noda, H.; Furuta, T.; Niimi, M.; Kawaguchi, E. Image Processing, 2004. ICIP '04. 2004 International Conference on, Vol.4, Iss., 24-27 Oct. 2004 Pages: 2147- 2150 Vol. 4
A testbed for evaluating security and robustness of steganography techniques Tariq Al Hawi; Mahmoud Al Qutayri; Hassan Barada Circuits and Systems, 2003. MWSCAS '03. Proceedings of the 46th IEEE International Midwest Symposium on, Vol.3, Iss., 27-30 Dec. 2003 Pages: 1583- 1586 Vol. 3
A Secure Image Steganography using LSB, DCT and Compression Techniques on Raw Images Raja, K.B.; Chowdary, C.R.; Venugopal, K.R.; Patnaik, L.M. Intelligent Sensing and Information Processing, 2005. ICISIP 2005. Third International Conference on, Vol., Iss., 14-17 Dec. 2005 Pages: 170- 176
A secure LSB steganography system defeating sample pair analysis based on chaos system and dynamic compensation Xiangyang Luo; Zongyun Hu; Can Yang; Shanqing Gao Advanced Communication Technology, 2006. ICACT 2006. The 8th International Conference, Vol.2, Iss., 20-22 Feb. 2006 Pages: 6
A New Approach to Persian/Arabic Text Steganography Shirali-Shahreza, M.H.; Shirali Shahreza, M. Computer and Information Science, 2006. ICIS-COMSAR 2006. 5th IEEE/ACIS International Conference on, Vol., Iss., 10-12 July 2006 Pages: 310- 315
Collage Steganography Shirali-Shahreza, M.; Shirali-Shahreza, S. Computer and Information Science, 2006. ICIS-COMSAR 2006. 5th IEEE/ACIS International Conference on, Vol., Iss., 10-12 July 2006 Pages: 316- 321
Stealth steganography in SMS Shahreza, S. Wireless and Optical Communications Networks, 2006 IFIP International Conference on, Vol., Iss., 11-13 April 2006 Pages: 5 pp.-
A Robust BPCS-Steganography against the Visual Attack Niimi, M.; Noda, H.; Segee, B. Information, Communications and Signal Processing, 2005 Fifth International Conference on, Vol., Iss., 06-09 Dec. 2005 Pages: 1116- 1120
A New Genetic Algorithm Approach for Secure JPEG Steganography Fard, A.M.; , Mohammad-R.; , Akbarzadeh-T.; Varasteh-A., F. Engineering of Intelligent Systems, 2006 IEEE International Conference on, Vol., Iss., 22-23 April 2006 Pages: 1- 6
Analysis of Current Steganography Tools: Classifications & Features Ming Chen; Ru Zhang; Xinxin Niu; Yixian Yang Intelligent Information Hiding and Multimedia Signal Processing, 2006. IIH-MSP '06. International Conference on, Vol., Iss., Dec. 2006 Pages:384-387
Determining Achievable Rates for Secure, Zero Divergence, Steganography Sullivan, K.; Solanki, K.; Manjunath, B.S.; Madhow, U.; Chandrasekaran, S. Image Processing, 2006 IEEE International Conference on, Vol., Iss., Oct. 2006 Pages:121-124
A testbed for evaluating security and robustness of steganography techniques Tariq Al Hawi; Mahmoud Al Qutayri; Hassan Barada Circuits and Systems, 2003. MWSCAS '03. Proceedings of the 46th IEEE International Midwest Symposium on, Vol.3, Iss., 27-30 Dec. 2003 Pages: 1583- 1586 Vol. 3
An attack to BPCS-steganography using complexity histogram and countermeasure Niimi, M.; Ei, T.; Noda, H.; Kawaguchi, E.; Segee, B. Image Processing, 2004. ICIP '04. 2004 International Conference on, Vol.2, Iss., 24-27 Oct. 2004 Pages: 733- 736 Vol.2
Development of VHDL-based core with embedded steganography function Vasiltsov, I.V.; Karpinskyy, M.P.; Sagan, A.M. CAD Systems in Microelectronics, 2003. CADSM 2003. Proceedings of the 7th International Conference. The Experience of Designing and Application of, Vol., Iss., 18-22 Feb. 2003 Pages: 260- 261
Detection of block DCT-based steganography in gray-scale images Manikopoulos, C.; Yun-Qing Shi; Sui Song; Zheng Zhang; Zhicheng Ni; Dekun Zou Multimedia Signal Processing, 2002 IEEE Workshop on, Vol., Iss., 9-11 Dec. 2002 Pages: 355- 358
Is image steganography natural? Martin, A.; Sapiro, G.; Seroussi, G. Image Processing, IEEE Transactions on, Vol.14, Iss.12, Dec. 2005 Pages: 2040- 2050
Toward a theory of Steganography
Semantics-Preserving Application-Layer Protocol Steganography
Forensic Steganalysis: Determining the Stego Key in Spatial Domain Steganography
Image Steganography: Concepts and Practice
Steganography Capacity: A Steganalysis Perspective
Developments in Steganography
A Communications Approach to Image Steganograpy
Behind The Music: Principles Of Audio Steganography Chris Matthews SE 4C03 Winter 2003 April 4, 2003
Practical Internet Steganography: Data Hiding in IP
Towards Linguistic Steganography: A Systematic Investigation of Approaches, Systems, and Issues
Steganography - Messages Hidden in Bits

Journals

Steganalytic Features for JPEG Compression-Based Perturbed Quantization, G. Gul, A. E. Dirik, I. Avcibas, IEEE Signal Processing Letters, Volume 14, Issue 3, 2007

Detection of Audio Covert Channels using Statistical Footprints of Hidden Messages H. Ozer, B. Sankur, N. Memon, I. Avcibas, Digital Signal Processing, Volume 16, 2006.

Image Steganalysis with Binary Similarity Measures, I. Avcibas, M. Kharrazi, N. Memon, B. Sankur, EURASIP Journal on Applied Signal Processing, Volume 2005, Number 17, 2005.

Data Masking: A New Approach for Steganography?, R. Radhakrishnan, M. Kharrazi, N. Memon, The Journal of VLSI Signal Processing, Volume 41, Number 3, November 2005.

Image Steganography: Concepts and Practice, M. Kharrazi, H. T. Sencar, N. Memon, Lecture Notes Series, Institute for Mathematical Sciences, National University of Singapore, 2004.

A Performance Study of Common Image Steganography and Steganalysis Techniques, M. Kharrazi, H. T. Sencar, N. Memon, Journal of Electronic Imaging, Volume 15, Issue 4, October-December 2006.

Improving Steganalysis by Fusion Techniques: A Case Study with Image Based Steganography, M. Kharrazi, H. T. Sencar, N. Memon, LNCS Transactions on Data Hiding and Multimedia Security I, Volume 4300, 2006.

Books

Image Steganalysis. R. Chandramouli, and N. Memon. Optical and Digital Techniques for Information Security, Springer Verlag, December 2003.
Franz, E. and Schneidewind, A. 2004. Adaptive steganography based on dithering. In Proceedings of the 2004 Workshop on Multimedia and Security (Magdeburg, Germany, September 20 - 21, 2004). MM&Sec '04. ACM Press, New York, NY, 56-62.
Franz, E. and Pfitzmann, A. 2000. Steganography Secure against Cover-Stego-Attacks. In Proceedings of the Third international Workshop on information Hiding (September 29 - October 01, 1999). A. Pfitzmann, Ed. Lecture Notes In Computer Science, vol. 1768. Springer-Verlag, London, 29-46.
Westfeld, A. Detecting low embedding rates. In Lecture Notes in Computer Science 2137. Springer-Verlag, Berlin, 2003, 324–339.
Westfeld, A. F5-Steganographic algorithm: High capacity despite better steganalysis. In Lecture Notes in Computer Science 2137. Springer-Verlag, Berlin, 2001, 289–302
Provos, N. and Honeyman, P. Detecting steganographic content on the Internet. In Proceedings of Network and Distributed System Security Symposium (San Diego, Feb. 6–8). Internet Society, Reston, VA, 2002
Andreas Westfeld, F5 —A Steganographic Algorithm High Capacity Despite Better Steganalysis, LNCS 2137, Springer-Verlag, 2001. Vol 2137, pp. 289-302
Westfeld A, Pfitzmann A, Attacks on steganographic systems, In Proceedings of 3rd International Workshop on Information Hiding, Lecture Notes on Computer Science 1768, Berlin: Springer-Verlag, pp. 61~75, 2000.
A. Westfeld and A. Pfitzmann,"Attacks on Steganographic Systems," Lecture Notes in Computer Science, vol. 1768, Springer-Verlag, Berlin, 2000, pp. 61-75.
Jessica Fridrich, Miroslav Goljan, Rui Du, "Detecting LSB Steganography in Color and Gray-Scale Images," IEEE MultiMedia, vol. 08, no. 4, pp. 22-28, Oct-Dec, 2001.

Websites

http://www.citi.umich.edu/projects/steganography/faq.html
http://www.google.com/patents?hl=en&lr=&vid=USPAT6557103&id=XUcPAAAAEBAJ&oi=fnd&dq=steganography
http://www.securityfocus.com/infocus/1684
http://www.jjtc.com/Steganography/
http://www.cs.cmu.edu/~dst/DeCSS/Gallery/Stego/index.html
Steganography: Past, Present, Future
Bin Laden: Steganography Master?
Bin Laden exploits technology to suit his needs
Cyber warfare: Steganography vs. Steganalysis
MP3Stego: Hiding Text in MP3 Files Mark Noto September 15, 2001Practical Version 1.2
Cryptography And Steganography Of Video Information In Modern Communications
Steganography and steganalysis in voice-over IP scenarios: operational aspects and first experiences with a new steganalysis tool set