Steganography: Difference between revisions
Jump to navigation
Jump to search
(New page: == OutGuess == * [http://www.outguess.org/ OutGuess] is a steganography tool developed by Niels Provos. * Quite secure, although some [http://www.ws.binghamton.edu/fridrich/Research/acm_ou...) |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== Reference == |
|||
* http://resources.infosecinstitute.com/steganography-and-tools-to-perform-steganography/ |
|||
== OutGuess == |
== OutGuess == |
||
* [http://www.outguess.org/ OutGuess] is a steganography tool developed by Niels Provos. |
* [http://www.outguess.org/ OutGuess] is a steganography tool developed by Niels Provos. |
||
| Line 4: | Line 7: | ||
* Package available for Windows, Linux, Cygwin... |
* Package available for Windows, Linux, Cygwin... |
||
* OutGuess works by storing information in the LSB of non-zero DCT coefficient, while preserving first-order statistics. |
* OutGuess works by storing information in the LSB of non-zero DCT coefficient, while preserving first-order statistics. |
||
=== Basic usage === |
|||
<source lang="bash"> |
|||
$ outguess -k "password" -d secret.txt original.jpg embedded.jpg |
|||
$ outguess -k "password" -d secret.txt -p 100 original.jpg embedded.jpg #Max jpeg compression for max capacity |
|||
</source> |
|||
Example of output: |
|||
<pre> |
|||
Reading original.jpg.... |
|||
JPEG compression quality set to 75 |
|||
Extracting usable bits: 105949 bits |
|||
Correctable message size: 49783 bits, 46.99% |
|||
Encoded 'secret.txt': 144 bits, 18 bytes |
|||
Finding best embedding... |
|||
0: 76(43.7%)[52.8%], bias 68(0.89), saved: 0, total: 0.07% |
|||
21: 84(47.7%)[58.3%], bias 55(0.65), saved: -1, total: 0.08% |
|||
115: 77(44.3%)[53.5%], bias 59(0.77), saved: 0, total: 0.07% |
|||
115, 136: Embedding data: 144 in 105949 |
|||
Bits embedded: 174, changed: 77(44.3%)[53.5%], bias: 59, tot: 106258, skip: 106084 |
|||
Foiling statistics: corrections: 55, failed: 0, offset: 40.125000 +- 65.879625 |
|||
Total bits changed: 136 (change 77 + bias 59) |
|||
Storing bitmap into data... |
|||
Writing embedded.jpg.... |
|||
</pre> |
|||
* ''usable bits'' are the number of LSB of the DCT coeffecient that are available |
|||
* ''Correctable message size'' are the subset of these LSB that can effectively be used without detection |
|||
* One may specify the ''quality'' settings of output image (option <tt>-p</tt>) to increase the capacity. However this quality settings should match the quality of the input file. |
|||
=== Patch on OutGuess 0.2 === |
=== Patch on OutGuess 0.2 === |
||
| Line 30: | Line 62: | ||
$ cp -rv outguess-0.2/.inst/* / #Install |
$ cp -rv outguess-0.2/.inst/* / #Install |
||
</source> |
</source> |
||
=== Analysing OutGuess 0.2 === |
|||
* The ''Correctable message size'' generally increases with the JPEG quality of the input image |
|||
* When using option <tt>-p</tt> to specify the JPEG quality of the output image, the best ''Correctable message size'' is generally achieved while using same output JPEG quality as input image. |
|||
* Without specifying output JPEG quality, |
|||
** Output file size is almost equal and minimum when input JPEG quality is 75% or 100%, and has its maximum around 85%. |
|||
** Max. ''Correctable message size'' is obtained when input JPEG quality is 78%...81%. |
|||
* Using <tt>pamscale</tt> (with default param), all the generated images have lost in capacity efficiency (i.e. ratio ''Correctable message size'' / ''Image size'') (→ '''To Do''': look effect of other rescaling algorithms). |
|||
== StegHide == |
|||
* [http://steghide.sourceforge.net/ StegHide] |
|||
== Stegdetect == |
|||
* [https://github.com/abeluck/stegdetect stegdetect], a generic tool to break steganography scheme. |
|||
* http://theevilbit.blogspot.fr/2013/01/backtrack-forensics-steganoghraphy.html |
|||
Latest revision as of 14:19, 10 May 2017
Reference
OutGuess
- OutGuess is a steganography tool developed by Niels Provos.
- Quite secure, although some attacks exist.
- Package available for Windows, Linux, Cygwin...
- OutGuess works by storing information in the LSB of non-zero DCT coefficient, while preserving first-order statistics.
Basic usage
$ outguess -k "password" -d secret.txt original.jpg embedded.jpg
$ outguess -k "password" -d secret.txt -p 100 original.jpg embedded.jpg #Max jpeg compression for max capacity
Example of output:
Reading original.jpg....
JPEG compression quality set to 75
Extracting usable bits: 105949 bits
Correctable message size: 49783 bits, 46.99%
Encoded 'secret.txt': 144 bits, 18 bytes
Finding best embedding...
0: 76(43.7%)[52.8%], bias 68(0.89), saved: 0, total: 0.07%
21: 84(47.7%)[58.3%], bias 55(0.65), saved: -1, total: 0.08%
115: 77(44.3%)[53.5%], bias 59(0.77), saved: 0, total: 0.07%
115, 136: Embedding data: 144 in 105949
Bits embedded: 174, changed: 77(44.3%)[53.5%], bias: 59, tot: 106258, skip: 106084
Foiling statistics: corrections: 55, failed: 0, offset: 40.125000 +- 65.879625
Total bits changed: 136 (change 77 + bias 59)
Storing bitmap into data...
Writing embedded.jpg....
- usable bits are the number of LSB of the DCT coeffecient that are available
- Correctable message size are the subset of these LSB that can effectively be used without detection
- One may specify the quality settings of output image (option -p) to increase the capacity. However this quality settings should match the quality of the input file.
Patch on OutGuess 0.2
- There is a small bug in OutGuess 0.2 that makes estimate of the correctable message size to be negative for big images. Here's a patch that correct this.
--- outguess-0.2/jpg.c 2001-02-13 01:29:07.000000000 +0100
+++ outguess-0.2/jpg.c 2009-08-25 16:06:05.242378300 +0200
@@ -176,7 +176,7 @@
fprintf(stderr, "Can not calculate estimate\n");
res = -1;
} else
- res = 2*bitmap->bits*b/(a + b);
+ res = 2*(long long)bitmap->bits*b/(a + b); /* Fixed: multiply was overflowing for big images */
/* Pending threshold based on frequencies */
for (i = 0; i < DCTENTRIES; i++) {
- To apply the patch on Cygwin, first fetch Outguess-0.2
$ /setup.exe& #Select Outguess-0.2 sources
$ cd /usr/src
$ cat > outguess-0.2.patch #Copy patch above in patch file
$ ./outguess-0.2-1.sh -v -c prep conf
$ patch -lNp0<outguess-0.2.patch #Apply the patch
$ ./outguess-0.2-1.sh -v -c make install
$ cp -rv outguess-0.2/.inst/* / #Install
Analysing OutGuess 0.2
- The Correctable message size generally increases with the JPEG quality of the input image
- When using option -p to specify the JPEG quality of the output image, the best Correctable message size is generally achieved while using same output JPEG quality as input image.
- Without specifying output JPEG quality,
- Output file size is almost equal and minimum when input JPEG quality is 75% or 100%, and has its maximum around 85%.
- Max. Correctable message size is obtained when input JPEG quality is 78%...81%.
- Using pamscale (with default param), all the generated images have lost in capacity efficiency (i.e. ratio Correctable message size / Image size) (→ To Do: look effect of other rescaling algorithms).
StegHide
Stegdetect
- stegdetect, a generic tool to break steganography scheme.
- http://theevilbit.blogspot.fr/2013/01/backtrack-forensics-steganoghraphy.html