Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

T6: Sophisticated Steganography

Tuesday, 4 December 2012
08:30 - 12:00

Windsor

In 2010 the FBI discovered that Russian spies had been using steganography to communicate clandestinely. In 2011, a suspected Al Qaeda member was found to possess a pornographic video with 141 hidden text files containing various future plans. How many adversaries using steganography remain undiscovered?

Steganography has advanced tremendously in the last few years and simple concepts have even been presented on mainstream TV. However, there exist numerous more sophisticated techniques that are much less well-known. This course introduces you to basic data hiding terminology, background, and concepts and then showcases some more advanced steganographic techniques, some with very high data hiding capacities.

One technique successfully hides in a jpeg with a typical capacity of 15 to 20%! That means your 8 MB jpeg image may contain up to 1.6 MB of covert data! Another technique boasts a 50% capacity in a bitmap with minimal perception. We’ll also experiment with some steganalysis (detection) techniques and concepts.

Scattered throughout the course are working demonstrations using several steganographic programs you can take with you (source code included!) - YOU can decide their effectiveness for yourself. Can you see it? Can you hear it? We shall see … or not!

Prerequisites. None.

Outline:

  1. Introduction to Steganography – Terms and Definitions (1 hour)
  2. Brief Background (1 hour)

Information Theory. Entropy. Random Numbers. Cryptographic Hashing. Data Compression Techniques. Graphics & Audio Basics.

  1. Basic Substitution (1 hour)

Picture-in-Picture, Least Significant Bit (LSB) in Images and Audio.  DEMO

  1. Advanced Substitution (1 hour)

Bit-Plane Complexity Segmentation (BPCS). DEMO

  1. Advanced Hiding in JPEG Images (1½  hours)

Detailed JPEG Algorithm. Jpeg Hiding Techniques. DEMO

  1. Advanced Audio & Video Hiding (45 minutes)

Echo Hiding. Statistical Hiding.  DEMO

  1. Steganalysis (45 minutes)

DEMO

About the Instructor:

Mr. John Ortiz is currently a senior computer engineering consultant for Crucial Security Inc., Harris Corporation. In this position, he develops defensive tools to protect the Air Force’s internal networks and researches novel techniques to solve practical cyber security problems. Included are autonomous network traffic analysis, malware analysis, security testing and forensics. Prior to working at Crucial, he spent 5 years at SRA International and 5 years at General Dynamics developing various defense related software, researching data hiding techniques, and analyzing malware.

Mr. Ortiz also teaches at the University of Texas at San Antonio (UTSA) for the Computer Science and Electrical and Computer Engineering Departments. He teaches a broad spectrum of courses including microcomputers, microelectronic circuits, solid state device physics, C++ and Data Structures, and steganography. Mr. Ortiz developed his Steganography course specifically for UTSA. It covers a broad spectrum of data hiding techniques in both the spatial and transform domains including least significant bit, discrete cosine transform modification, echo hiding, hiding in executables, and hiding in network protocols. Additionally, Mr. Ortiz developed several steganographic programs for testing and demonstration.

Prior to working in the private sector, Mr. Ortiz served in the U.S. Air Force for 12 years as a communications officer. In this role he developed and maintained database software, managed various Air Force missions, and taught a 7 week network course.

Mr. Ortiz holds two master’s degrees from the Air Force Institute of Technology, one in Electrical Engineering and one in Computer Engineering and a BSEE from Rose-Hulman Institute of Technology.

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC