A new hybrid steganographic method for histogram preservation
A New Steganographic Method Based on the Run Length of the Stego-Message
-
Upload
ahmed-souliman -
Category
Documents
-
view
215 -
download
0
Transcript of A New Steganographic Method Based on the Run Length of the Stego-Message
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
1/10
1
A New Steganographic Method Based on the Run Length of the Stego-Message
Eyas El-Qawasmeh and Alaa Alomari
Jordan University of Science and Technology
Abstract.
This work will propose a new method called threshold based method to conserve and
hide a message in a cover image using least significant bits of colored image. This
method is based on the Run-Length of the secret message. However, the runs-down
will be stored in the red components of the image, while the runs-up will be stored inthe green components of the image. The blue component has a special use, i.e. it is
used as a parity bit to ensure that the hidden message did not face any distortion or
modification and to indicate the end of the hidden message. The proposed method is
not robust against modification, and it can hide large amount of data inside the cover
image. Experimental results of this method showed that the suggested method has a
very good image quality when comparing it with other tools.
Keywords: threshold, Run-Length, run-down, run-up.
1- Introduction
Steganography is a combination of two Greek words which are stegano which means
secret or covered, and graphy which means writing [3, 16]. Steganography prevents
intruders from recognizing a secret message or secret communication, i.e. it is a way
to hide the existence of communication [16]. A famous example is the prisoner
problem [1]; in this problem Alice and Bob are arrested in a jail. They plan how to
escape from the jail by exchanging images between them. Thus, they communicate
via images by hiding the secret message inside the transmitted image. But any sent
image will be checked by Wendy, the warden. Wendy may be an active or passivewarden. In the case of a passive warden, she examines the image carefully, if she has
any evidence that the image is a stego image, she will take the appropriate action. Butif the image sounds free from a hidden message, she will pass it as it is (without any
modification). On the other hand, if Wendy plays the role of an active warden, she
will alter and modify the image even if she does not note anything in the sent image.
There are four key terms in steganography and they should be known for whomever
reads about steganography. The first term is the cover medium which is the medium
that is used to hide the secret message inside it. The second one is the secret or
embedded message which is the data that need to be hidden in the cover medium and
sometimes it is calledstego-message. The third term is thestego-medium which is the
output of embedding the secret message inside the cover medium. The last term is the
stegokey which is the key point in security, and it is used to extract the stego messagefrom the stego medium [15].
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
2/10
2
Steganography may use any cover medium to hide the stego message. The cover
medium can be an image, sound, video, text or network packet, or any file format that
resists the small changes in its bit sequences. However, the image is the most suitable
cover medium since it can hide a large amount of data in the cover image [8].
We should note that the cover-medium and the stego-medium must be of the sametype, but the embedded-message (stego-message) may be of a different type. The
stego-key is not of the backbone of the steganography system because the assumption
that the eavesdropper does not have any information or background about the usedalgorithm in the steganography [11].
Any steganography technique should focus on two main constraints:
1- Difficulty in detecting the stego message and extracting it in cases that
the attacker has complete knowledge about the algorithm of embedding
which refers to Kerckhoffs principle [5, 9, 13, 15].
2- Maximizing the amount of data that can be hidden in the cover medium[9, 15].
Steganography can be classified into two main categories which are technicalsteganography and linguistic steganography. Technical steganography depends on a
scientific methods such as invisible ink, while linguistic steganography uses a cover
message to transfer the stego message [8].
This paper is organized as follows: section two shows some steganographic tools.
Section three shows the proposed method. Section four is the performance analysis.
And section five is the conclusion.
2 Current Related Work and Steganographic Tools
There are a lot of software products and tools used to hide a secret message inside
a cover medium, audio or image. Some of these image Steganographic products
are shown in table 1 [2, 7, 10, 14], and some of them will be represented briefly.
Software Technique Autour Image format
Hide and Seek Image Domain (LSB) Colin Maroney GIF
Mandelsteg Image Domain (LSB) Henry Hastur GIF
Steganos Image Domain (LSB) Steganos GmbH BMPStegoDos Image Domain (LSB) Back Wolf GIF, PCX
S-Tools Image Domain (LSB) Andrew Brown BMP, GIF
Stego Image Domain (LSB) Romana Machado GIF
Ezstego Image Domain (LSB) Romana Machado GIF, PICT
White Noise Storm Image Domain (LSB) Ray Arachelian PCX
Jpeg/Jsteg Transform Domain Derek Upham JPEG
JPHide Transform Domain Allan Latham JPEG
Outguess Transform Domain Niels Provos JPEG, PNG
PictureMarc Transform Domain Digimarc
Corporation
JPEG
SysCop Transform Domain MediaSec MPEG-1,
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
3/10
3
TechnologiesLLC
MPEG-2
Table 1: List of some steganographic tools
2-4-1 Jpeg/Jsteg
JSTEG is a tool introduced by Derek Upham to work with a different platform.
JSTEG does not support any encryption level to the hidden message, and it uses
the LSB of the DCT coefficients which are scaled using the quantization table.
JSTEG scans the block in a zigzag order that is shown in figure 2-2, where the
used coefficients in the hiding process are neither -1, 0, nor 1. After inserting the
sub-stream bits in the block, the jpeg compression is accomplished normally, and
the stego-image is obtained [4, 10, 14].
Korejwa has developed a new tool derived from JSTEG to work as windows userinterface. This tool is called JSTEG-Shell. Here, an encryption is applied to the
secret message to work as a second level of security. Stream Cipher RC4 with akey space restricted to 40 bits is the encryption algorithm that is used in the
JSTEG-Shell [14].
2-4-2 JPHide
JPHIDE Tool is more modern than JSTEG, and it has two versions; 3 and 5.Version 5 provides an additional compression to the stego message. As in JSTEG,it uses the quantized DCT coefficients. But the coefficients used here are selected
pseudo randomly according to a fixed table that contains the coefficients. These
coefficients are sorted downwardly by the probability of having a high value, (the
coefficients are sorted in a way that selects the most probably numerically high at
first). The advantage of JPHide over JSTEG is that the use of pseudo random
makes the message that hidden by JPHide more difficult to be detected [10, 14].
2-4-3Steganos
Maybe, this is the most powerful security tool [12]. It is a security suit that uses asecond level of security by applying encryption standard AES with 128 bits. This
1 2 6 7 15 16 28 29
3 5 8 14 17 27 30 43
4 9 13 18 26 31 42 44
10 12 19 25 32 41 45 54
11 20 24 33 40 46 53 55
21 23 34 39 47 52 56 61
22 35 38 48 51 57 60 62
36 37 49 50 58 59 63 64
Figure 2-2: Zigzag scanning
method
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
4/10
4
security tool includes file encryption and hiding, e-mail encryption, and password
manager and generator [6].
Steganos hides the secret message in the LSB of the image spatial domain of BMP
file. In addition, it can hide the secret message inside DIB, VOC, WAVE, ASCII, and
HTML files.
2-4-4 S-Tools
This tool seems to be the easiest tool. It uses the RGB of the image to hide the secret
message [12]. The cover medium can be GIF, WAV, or BMP files.
S-Tools can hide more than one file in the same cover medium. To encrypt the secret
file, it uses IDEA, DES, Triple DES, or MDC encryption algorithm. However, this
tool compresses the secret files (if the compression process is required) and then hides
them in the bit-stream of the cover medium.
3- Proposed method
The proposed method is based on the idea of identifying a threshold for R, a threshold
for G, and a threshold for B. These thresholds may be considered as a key between the
sender and receiver. They are also used to identify the embeddable pixels. Pseudo-
random number generator can be used to identify the location of a pixel in the
embeddable area. However, this method depends on the computation of run up and
down of the message to indicate the number of bits that will be used in the hidden
process from any embeddable pixel. Run is the sequence of observations or data of
the same category occurred consecutively; run down is a sequence of zeros and therun up is the sequence of ones occurred successively. The following algorithm
expresses the fundamental operations employed in the hiding process of this method.
Algorithm Threshold_Method
Begin
1- Determine the thresholds for R, G, and B (user defined thresholds). By using
these thresholds, the embeddable area can be recognized. Any pixel that hasvalues for R, G and B less than the given threshold for R, G and B respectively
will be considered an embeddable pixel. Otherwise, this pixel is not anembeddable pixel.
//minimize the required space of the image that will be used to hide the stego
//message by adapting the number of bits that will be used in the embedding
//process.
2- Compute runs up and runs down to the binary representation of the stego
message to detect the number of bits (E) that will be used to embed the
message.
//choose the least one, two, or three significant bits will depend on the message//itself.
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
5/10
5
3- Choose exactly the least significantEbits of each embeddable pixel to
store the data inside.
4- Start the hiding process as follows:
a. The first embeddable pixel will identify the number of bits used to
perform the hiding process.
If (L1SB ( R ) = 1) and (L1SB ( G ) = L1SB ( B ) = 0) then
Use L1SB.
If (L1SB ( R ) = L1SB ( G ) = 1) and the (L1SB ( B ) = 0) then
Use L2SB.
If L1SB ( R ) = L1SB ( G ) = L1SB ( B ) = 1
Use L3SB.
b. The number of bits that will be used in the hiding process will bespecified only for R and G. While in the B spectrum, only the L1SB
will be always used, and this bit will be used as a parity bit to ensure
that the data is hidden correctly in the extraction process, this parity bit
will be zero if the count of the hidden bits (from the secret message) in
R and G is odd, and one if the count of the hidden bits is even.
// in any embeddable pixel, the R part will be used to hide the current run
//down or part of it, and the G part will be used to hide the current run up//or part of it.
c. Store the number of consecutive 0s of the stego-message inside the
least Ebits of the red component of the selected pixels. It is expected
that at most 2E 1 consecutive 0s can be stored in the red component
of one pixel. In case that the number of consecutive 0s is greater than
2E 1, the remainder of 0s bits is stored at the next pixel in the red
component.
d. Store the number of consecutive 1s of the stego-message inside theleastEbits of the green component of the selected pixels. It is expected
that at most 2E
1 consecutive 1s can be stored in the greencomponent of one pixel, in case of the number of consecutive 1s is
greater than 2E 1, the remainder of 0s bits is stored at the next pixel
in the green part.
e. If (the stego message bit stream is completely hidden) then
stop the hiding process by making the number of the hidden
bits in the current embeddable pixel equal to zero (i.e. LSB(s)
of R and G are zeros) and the parity bit is also zero (i.e. L1SB
(B) is zero).
End
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
6/10
6
Extracting the message is simply accomplished by using the same thresholds for R, G
and B, and by using the same pseudo-random number generator. Thus, the receiver
will extract the specified number of bits from each traversed pixel (the specified
number is determined by the first embedding pixel which identifies the number of bits
used in the hiding process).
Note that, if the thresholds which have been defined are (X, Y, Z) for RGB
respectively, then the algorithm avoids hiding part of the secret message inside any
pixel with one of the following cases:
1- Red component value X 2E.
2- Green component Y 2E.
3- Blue component Z 2.
This is because the argument of the pixel may exceed the given threshold after
hiding part of data inside it. For example assume that the defined threshold for the
red component is 129 and the E value is 2 (where 2 is the number of bits that willbe used from the red and green components). In the case of encountering a pixelwith R=128 = (10000000)b and hiding run down of length 3 inside it, the new
value for R will be (10000011)b = 131. Thus, this pixel will not be recognized as
an embeddable pixel during the extraction process because the red value exceeds
the given red threshold. So, if the algorithm encounters any pixel with this case, it
will store a run down of length zero inside the red component of this pixel, store a
run up of length zero inside green component of it and so the blue component
(parity bit) will be one.
4 Performance analysis
This section introduces a comparison between the proposed method (Threshold based
method) and some steganographic tools. This comparison compares the proposedmethod with JPHide steganographic tool. The type of images that were used in the
comparison are JPEG images with image quality factor equal to 95% and imagedimensions equal to 125 x 125. S-Tools will be used to compare the threshold method
for BMP images with image dimensions equal to 125 x 125.
The measurements which are used to prove the efficiency of the proposed method are
Mean Square Error (MSE), Peak Signal to Noise Ratio (PSNR), Pearson Correlation
Coefficient (Corr.), and Structural Content (SC). MSE is the expected value for thesquare error between the input and output images, the smaller value for MSE is, the
better image quality and the smallest distortion on the image will be.
PSNR is used to represent the ratio between the maximum value of the signal and the
quantity of distortion or noise. It is measured by decibel which is abbreviated by dB.
Here, the larger value for PSNR indicates the better image quality.
Pearson Correlation Coefficient is a statistical and numerical measurement for the
linear relationship between the input and the output images. Correlation value may be
ranged from -1 to 1 where the perfect negative correlation is at -1, no correlation is at
zero, and the perfect positive correlation is at 1.
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
7/10
7
the Structural Content (SC) is a correlation based measurement. Here, this measure
measures the similarity between the input and the output image. Thus, it works as
complementary for measurements which based on pixel difference like MSE and
PSNR
the first experiment was to do comparison with the JPHide tool.
The image shown in figure 4-1-a is the Lena image and it is stored as JPEG image
with a 95% image quality factor.
After embedding 512 bytes in the image, the stego images were as is shown in figure
4-1-b and 4-1-c, and the image quality measures are shown in table 4-1.
Table 4-1 points out that the Threshold based method is the better than JPHide..
However, to ensure the obtained indication, other comparisons are performed with
128, 256, and 384 bytes. Note that the comparison cannot be applied for 1024 bytes,
this is because JPHide cannot hold this amount of hidden data inside Lena test image.
The results of the full comparison are shown in the same table.
MSE
Method 128 256 384 512
JPHide 0.082 0.086 0.087 0.082
Threshold 0.018 0.036 0.054 0.072
PSNR
Method 128 256 384 512
JPHide 58.983 58.744 58.695 58.963
Threshold 65.490 62.505 60.791 59.553
CorrMethod 128 256 384 512
JPHide 0.99998 0.99998 0.99998 0.99998
Threshold 0.99999 0.99999 0.99998 0.99998
SC
Method 128 256 384 512
JPHide 0.99985 0.99988 0.99989 0.99991
Threshold 0.99992 0.99983 0.99974 1.00024
Table 4-1: comparison between JPHide and Threshold
a: Original JPEG
image
b: JPEG Stego image
using JPHide
c: JPEG Stego image
using Threshold
Figure 4-1: JPEG cover and stego image
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
8/10
8
The second part of experiment is to compare our suggested approach with S-Tools.
Figure 4-2 part a shows a 125 x 125 BMP image that is used in the comparison with
S-Tools.
After embedding 512 bytes in the image that appears in figure 4-3, the obtained result
is shown in table 4-2 and figure 4-2:As for JPHide a full comparison is shown in table 4-3. The results obtained from the
table show that the threshold method is comparable with S-ToolsMSE
Method 128 256 384 512
S-Tools 0.009792 0.0091306 0.011456 0.012053333
Threshold 0.01819733 0.0357547 0.053696 0.072085
PSNR
Method 128 256 384 512
S-Tools 68.2220895 68.525778 67.540474 67.31973194
Threshold 65.5307261 62.597476 60.831384 59.55233
Corr
Method 128 256 384 512
S-Tools 0.9999974 0.9999976 0.999997 0.999996988
Threshold 0.99999565 0.9999916 0.9999879 0.99998
SC
Method 128 256 384 512
S-Tools 1.00000001 0.9999991 1.0000098 0.999997405
Threshold 0.99991828 0.999825 0.9997343 0.999645574
Table 4-3: comparison between S-Tools and Threshold
5 Conclusions
The proposed steganographic method, which is called threshold method aims to hide a
secret message in the spatial domain of the cover image. Threshold method is based
on the run length of the secret message. In this method the key will be the thresholdvalues that are used to identify the embedding pixels. Threshold method may use
PRNG to improve security, i.e. by using PRNG the hiding process chooses theembeddable pixels from the embeddable area in a random manner. However, in this
method, one of the encryption algorithms can be used to encrypt the secret message inorder to improve the security.
a: Original BMP
imageb: BMP Stego image
usin S-Tools
c: BMP Stego image
usin Threshold
Figure 4-2: BMP cover and stego images
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
9/10
9
A comparison was performed between the threshold method with JPHide and S-
Tools. The result of the comparison with JPHide (hiding in a JPEG image) shows that
the threshold method gives the better image quality. While the result of comparison
with S-Tools (hiding in a BMP image) points out that the threshold method is
comparable with S-Tools.
However, when hiding a secret message in the spatial domain of a JPEG image, it
should be stored with a high image quality in order to maximize the robustness
against detection.
References
Avcibas I., Memon N., and Sankur B.: Steganalysis Using Image Quality Metrics.
IEEE Transactions On Image Processing, Vol. 12 No. 2 (2003) P.P. 221
229.
Bayer P., and Widenfors H.: Information Hiding Steganographic Content inStreaming Media. Master thesis, Blekinge Institute of Technology, Sweden
(2002).
Besdok, E.: Hiding Information In Multispectral Spatial Images. InternationalJournal AEU of Electronics and Communications, Vol. 59 (2005) P.P.15
24.
Chang C.C., Chen T.S., and Chung L.Z.: A Steganographic Method Based Upon
JPEG And Quantization Table Modification. An International Journal ofInformation Sciences Vol. 141 (2002) P.P. 123 138.
Fridrich J.: A New Steganographic Method for Palette-Based Images. IS&T PICS,
Savannah, Georgia (1999) P.P. 285289.
Information about Steganos tool (online) [accessed 2005 august]. Available from
URL http://www.snapfiles.com/get/steganos.html.
Johnson N.F., and Jajodia S.: Exploring Steganography: Seeing the Unseen. IEEEComputer Magazine Vol. 31 No. 2 (1998) P.P. 26 34.
Kessler G.C.: An Overview of Steganography for the Computer Forensics
Examiner. FBI Forensic Science Communications, Vol. 6 No. 3 (2004) P.P.
1 29.
Lenti J.: Steganographic Methods. Periodica Polytechnica Ser. El. Eng. Vol. 44
No. 3-4 (2000) P.P. 249 258.
McBride B.T., Peterson G.L., and Gustafson SC.: A New Blind Method for
Detecting Novel Steganography. Digital Invstigation Vol. 2 (2005) P.P. 50 70.
-
7/29/2019 A New Steganographic Method Based on the Run Length of the Stego-Message
10/10
10
Moskowitz I.S., Longdon G.E., and Chang L.W.: A New Paradigm Hidden in
Steganography. Proceedings of the 2000 Workshop on New Security
Paradigms, New York (2000) P.P. 4150.
Phrack Magazine. Steganography Thumbprinting. Volume 8, Issue 52 January
26, 1998, article 08 of 20.
Popa R.: An Analysis Of Steganographic Techniques. Master Thesis, The
"Politehnica" University of Timisoara, Romania (1998).
Provos N, and Honeyman P.: Detecting Steganographic Content on the Internet.
CITI Technical Report 01-11; Center for Information Technology
Integration. University of Michigan (2001).
Steganography and Digital watermarking: a global view. (online) [accessed august
2005]; available from URL
http://lia.deis.unibo.it/Courses/RetiDiCalcolatori/Progetti00/fortini/project.pdf
Toz F.G., Palancioglu H.M., and Besdok E.: Hidden Communication in
Frequency Domain For Information Exchange, Proceedings of ISPRS 2004,
Istanbul, Turkey (2004) P.P. 326 330..