Honeypot and Steganography
-
Upload
preeti-yadav -
Category
Technology
-
view
520 -
download
1
Transcript of Honeypot and Steganography
NIS ASSIGNMENTTopic: Honeypot and Steganography
Date:08/08/2015
Made By:Preeti KumariSushma Bhat
MOUNT CARMEL COLLEGEDEPARTMENT OF MCA
HoneypotsBe afraid
Be very afraid
page 312/10/07 Presentation
CONTENTS Introduction History
What is Honeypot?
Classification
Applications
Advantages and Disadvantages
Conclusion References
page 412/10/07 Presentation
Introduction
The primary goal of computer security is to defend computers against attacks launched by malicious users. A relatively recent innovation in intrusion detection
technology is the honeypot. The systems can only react to or prevent attacks but they
cannot give us information about the attacker, the tools used or even the methods employed. Hence, Honeypots are a novel approach to network security and security research
Honeypots are closely monitored decoys that are employed in a network to study the trail of hackers and to alert network administrators of a possible intrusion.
page 512/10/07 Presentation
The concept of Honeypots was first described by Clifford Stoll in 1990.
It began with two publications, “The Cuckoos Egg” and “An Evening with Breford”.
The first honeypot was released in 1997 called the Deceptive Toolkit.
In 1998 the first commercial honeypot called Cybercop Sting was released.
In 2002 the honeypot was used all over the world. In the year 2005 The Philippine Honeypot Project was started to
promote computer safety over in the Philippines.
History
page 612/10/07 Presentation
A HONEYPOT is an information system resource whose value lies in unauthorized or illicit use of that resource
Honeypots and firewalls work in reverse direction to each other as the honeypots allow all traffic to come in but blocks all outgoing traffic. Most honeypots are installed inside network firewalls and is a means of monitoring and tracking hackers. Honeypots are a unique tool to learn about the tactics of hackers.
Honeypots are decoy systems that are designed to lure a potential attacker away from critical systems.
What is a Honeypot?
page 712/10/07 Presentation
Goals of the Honey pot system The virtual system should look as real as possible, it
should attract unwanted intruders to connect to the virtual machine for study. It must include files, directories and information that will catch the eye of the hacker.
The virtual system should be watched to see that it isn’t used for a massive attack on other systems.
page 812/10/07 Presentation
Purpose
The two main reasons why honeypots are deployed are
1.To learn how intruders probe and attempt to gain access to your systems and gain insight into attack methodologies to better protect real production systems. 2. To gather forensic information required to aid in the apprehension.
page 912/10/07 Presentation
Block diagram of single honeypot
page 1012/10/07 Presentation
How do honeypots work?
page 1112/10/07 Presentation
Classification of HoneyPots Honeypots can be classified according to two criteria:
According to their Implementation Environment According to their Level of Interaction.
page 1212/10/07 Presentation
Implementation Environment
Under this two category
Production Honeypots
Research Honeypots
page 1312/10/07 Presentation
Production Honeypots: ….. Used to protect organizations in real production
operating environments.
Specifically the three layers of prevention, detection, and response.
page 1412/10/07 Presentation
Research Honeypots: …..
These Honeypots are not implemented with the objective of protecting networks.
Studying all sorts of attack patterns and threats.
Used to gather information about the intruders’ actions.
page 1512/10/07 Presentation
Level of Interaction …...
The term “Level of Interaction” defines the range of attack possibilities that a Honeypot allows an attacker to have.
classified on the bases of their levels:-
1. HoneyD (Low-Interaction)
2. Honey net (High-Interaction)
page 1612/10/07 Presentation
Low-Interaction Honeypots
Low-interaction honeypots are typically the easiest honeypots to install, configure, deploy, maintain.
Nepenthes Honeyd Honeytrap Web Applications
page 1712/10/07 Presentation
High-interaction Honeypots
Honeynets is a collection of honeypots are combined to create a single honeynet.
High-interaction honeypots provide an attacker with a real operating system where nothing is emulated or restricted.
It controls an attacker at the network level.
page 1812/10/07 Presentation
Advantages of Honeypots…..
New Tools and Tactics Minimal Resources Information Simplicity
page 1912/10/07 Presentation
Disadvantages of Honeypots……
Limited Vision Risk
page 2012/10/07 Presentation
Applications Defence
Business
Education organizations
Banking security
Web applications
page 2212/10/07 Presentation
Contents
What is Steganography? History Of Steganography Physical And Digital techniques Steganography v/s Cryptography Basic Steganography Model Types Of Steganography Applications Advantages v/s Disadvantages Conclusion References
page 2312/10/07 Presentation
History
Steganography was traced from 440 BC Demaratus sent a warning about a forthcoming attack to
Greece by writing it directly on the wooden backing of a wax tablet
Ancient Chinese wrote messages on fine silk
During Second World War a technique was developed to shrink photographically a page of text into a dot less than one millimeter in diameter.
page 2412/10/07 Presentation
What is Steganography?What is Steganography?
Steganography is the art and science of writing hiddenmessages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message.
“Steganography means hiding one piece of data within another”.
page 2512/10/07 Presentation
Example
Since everyone can read, encoding textin neutral sentences is doubtfully effective
Since Everyone Can Read, Encoding TextIn Neutral Sentences Is Doubtfully Effective
‘Secret inside’
page 2612/10/07 Presentation
Physical Techniques
Hidden messages within wax tablets Hidden messages on messenger's body Hidden messages on paper written in secret inks Messages written on envelopes in the area covered
by postage stamps. Invisible ink Character marking Pin punctures Typewriter correction ribbon
page 2712/10/07 Presentation
Digital Techniques
Concealing messages within the lowest bits of noisy images or sound files.
Modifying the echo of a sound file (Echo Steganography)
Including data in ignored sections of a file, such as after the logical end of the carrier file.
page 2812/10/07 Presentation
Steganography V/s Cryptography
Steganography CryptographyUnknown message passing Known message passing
Steganography prevents discovery of the very existence of communication
Encryption prevents an unauthorized party from discovering the contents of a
communication
Little known technology Common technologyTechnology still being develop for certain
formatsMost of algorithm known by all
Once detected message is knownStrong current algorithm are resistant to
attacks ,larger expensive computing power is required for cracking
Steganography does not alter the structure of the secret message
Cryptography alter the structure of the secret message
page 2912/10/07 Presentation
Basic Steganography Model
page 3012/10/07 Presentation
Text Steganography
Text steganography can be applied in the digital makeup format such as PDF, digital watermark or information hiding
Example: TextHide hides the information in the manner of text overwriting and words’ selection.
page 3112/10/07 Presentation
Text Steganography Methods
Text Steganography in Markup Languages[HTML] Text Steganography in Specific characters in words Line shifting Method Word shifting Feature coding
page 3212/10/07 Presentation
Examples of Text Steganography
An example of a message containing cipher text by German Spy in World War II:
“Apparently neutral's protest is thoroughly discounted And ignored. Isman hard hit. Blockade issue affects Pretext for embargo on by products, ejecting suets and Vegetable oils. ”
Pershing sails from NY June 1.
page 3312/10/07 Presentation
Image Steganography
page 3412/10/07 Presentation
Transform Domain Technique
Transform domain techniques embed messages in the intensity of the pixels directly.
In this technique images are first transformed and then the message is embedded in the image
This techniques encompass bit-wise methods that apply bit insertion and noise manipulation.
Steganography in the transform domain involves the manipulation of algorithms and image transforms.
page 3512/10/07 Presentation
LSB [Least Significant bit] Method Least significant bit (LSB) insertion is a common, simple
approach to embedding information in a cover image The least significant bit (8th bit) is changed to a bit of the
secret message When using a 24-bit image, a bit of each of the red, green
and blue colour components can be used, since they are each represented by a byte.
In its simplest form, LSB makes use of BMP images, since they use lossless compression
page 3612/10/07 Presentation
Example Of LSB Method
A grid for 3 pixels of a 24-bit image can be as follows:(00101101 00011100 11011100)(10100110 11000100 00001100)(11010010 10101101 01100011)
When the number 200, which binary representation is 11001000, is embedded into the least significant bits of this part of the image, the resulting grid is as follows:
(00101101 00011101 11011100)(10100110 11000101 00001100)(11010010 10101100 01100011)
page 3712/10/07 Presentation
Example Of Image Steganography
Image of a tree with a steganographically hidden image.
page 3812/10/07 Presentation
Audio Steganography
Embedding secret messages into digital sound is known as audio Steganography.
Audio Steganography methods can embed messages in WAV, AU, and even MP3 sound files.
page 3912/10/07 Presentation
LSB Technique Method
The message 'HEY' is encoded in a 16-bit sample using the LSB method.
Here the secret information is ‘HEY’ and the cover file is audio file. HEY is to be embedded inside the audio file.
First the secret information ‘HEY’ and the audio file are converted into bit stream.
The least significant column of the audio file is replaced by the bit stream of secret information ‘HEY’.
The resulting file after embedding secret information ‘HEY’ is called Stego-file.
page 4012/10/07 Presentation
It is used in the way of hiding not the information but the password to reach that information.
Difficult to detect. Only receiver can detect.
Can be applied differently in digital image, audio and video file.
It can be done faster with the large number of softwares.
Advantages
page 4112/10/07 Presentation
Disadvantages
Huge number of data, huge file size, so someone can suspect about it.
If this technique is gone in the wrong hands like hackers, terrorist, criminals then this can be very much dangerous for all.
page 4212/10/07 Presentation
Applications
Media Database systems Usage in modern printers Alleged use by terrorists Alleged use by intelligence services
page 4312/10/07 Presentation
Conclusion
• Honey pots are an extremely effective tool for observing hackers movements as well as preparing the system for future attacks.
• Steganography in our current digital age can be attributed to both the desire of individuals to hide information
page 4412/10/07 Presentation
References
http://www.honeynet.org.mx/es/data/files/Papers/UAT_Honeypots_EN
http://www.honeypots.net/honeypots/links
S. William, Cryptography and Network Security: Principles and Practice, 2nd edition, Prentice-Hall, Inc., 1999 pp 23-50
Bandyopadhyay, S.K., 2010. An Alternative Approach of Steganography Using Reference Image.
page 4512/10/07 Presentation
Research paper on Online hiding of information
page 4612/10/07 Presentation
In today’s world the art of sending & displaying the hidden information especially in public places, has received more attention.
In this paper we propose a new form of steganography, on-line hiding of information on the output screens of the instrument. This method can be used for announcing a secret message in public place.
Private marking system using symmetric key
steganography technique and LSB technique is used here for hiding the secret information.
Abstract
page 4712/10/07 Presentation
Introduction
The main goal of steganography is to hide information in the other cover media so that other person will not notice the presence of the information.
Steganography is the art of inconspicuously hiding data within data.
page 4812/10/07 Presentation
Requirements of hiding information digitally
a)The integrity of the hidden information after it has been embedded inside the stego object must be correct.
b)The stego object must remain unchanged or almost unchanged to the naked eye.
c) Finally, we always assume that the attacker knows that there is hidden information inside the stego object.
page 4912/10/07 Presentation
Embedding and detecting secret information
page 5012/10/07 Presentation
Types of steganography
Steganography can be split into two types :
a)Fragile: This steganography involves embedding information into a file which is destroyed if the file is modified.
b)Robust: Robust marking aims to embed information into a file which cannot easily be destroyed.
page 5112/10/07 Presentation
PROPOSED WORK
page 5212/10/07 Presentation
Algorithm for embedding the secret message
a) Read the image from the source. b) Divide the image into [R x C] smaller blocks .Where R
& C are the first & second bytes of the key respectively c) Each smaller block is a combination of many pixels of
different values. d) The LSBs of the pixel are changed depending on the
pattern bits and the secret message bits. e) The pattern bits are considered in sequence form its
MSB. f) If the pattern bit is 0, then the first LSB of the pixel is
changed
page 5312/10/07 Presentation
g) If the pattern bit is 1, then the second LSB of the pixel is changed accordingly. h) A single bit of the secret message is distributed through out the block. This is done to have enough information so that correct information can be retrived after decoding i) Similarly the other bits are inserted in the remaining blocks. j) If the length of the secret message is large , then it can be divided and stored in two or three frames. k) The information is extracted.
page 5412/10/07 Presentation
Performance Measures
a) The integrity of the hidden information should not change after embedding.
b) The stego object must remain almost unchanged to the naked eye.
c) There should be accuracy in the extracted data
page 5512/10/07 Presentation
RESULTS
In Online transmission of the hidden data, there are 3 systems are used System 1 : To create and send the normal billboard dataSystem 2 : To hide the secret message . System 3 : To display any data coming from system 2.
page 5812/10/07 Presentation
CONCLUSION
Steganography is more widely used in computing. For a system to be considered robust it should have the
following properties: a) The quality of the media should not noticeably degrade
upon addition of a secret data. b) Secret data should be undetectable without secret
knowledge, typically the key. c) If multiple data are present they should not interfere with
each other. d) The secret data should survive attacks that don’t degrade
the perceived quality of the work.
page 5912/10/07 Presentation
References
[1] Mohammad Shirali-Shahreza , “A new method for real time steganography”, ICSP 2006 Proceedings of IEEE . [2] Yuk Ying Chung, fang Fei Xu , “Development of video watermarking for MPEG2 video” City university of Hong Kong ,IEEE 2006. [3] C. Lu, J. Chen and K. Fan, "Real-time Frame-Dependent Video Watermarking in VLC Domain", Signal Processing : Image Communication 20, 2005.