Annual Computer Security Applications Conference (ACSAC) 2016

Full Program »

T7. Steganography with Malware Applications

Tuesday, 6 December 2016
08:30 - 12:00

Salon 8

In 2010 the FBI discovered that Russian spies had been using steganography to communicate clandestinely. In 2011, a suspected Al Qaeda member was found to possess a pornographic video with 141 hidden text files containing future plans. How many adversaries using steganography remain undiscovered?
Steganography has advanced tremendously in the last few years and simple concepts have even been presented on mainstream TV. However, many more sophisticated techniques are much less well-known.
This course introduces you to basic data hiding terminology, background, and concepts and then showcases some more advanced steganographic techniques, some with very high data hiding capacities. One technique successfully hides in a jpeg with a typical capacity of 15 to 20% and you can’t see it! Another technique boasts a 50% capacity in a bitmap. We’ll explore data compression, jpeg, cryptographic hiding,  and hidden data detection (steganalysis) techniques and concepts too.
Scattered throughout the course are working demonstrations using several steganographic programs - YOU can decide their effectiveness for yourself. Can you see it? Can you hear it? We shall see … or not!

Prerequisites: None


  1. Introduction to Steganography – Terms and Definitions
  2. Required Background 
    1. Math
    2. Information Theory
    3. Random Numbers
    4. Cryptographic Hashing
    5. Data Compression Techniques
    6. Graphics Basics
    7. Audio Basics
  3. Basic & Advanced Substitution Techniques
    1. Least Significant Bit (LSB)
    2. Bit-Plane Complexity Segmentation (BPCS)
  4. Advanced Hiding – Transform Domain
    1. Detailed JPEG Algorithm
    2. Hiding Techniques for Jpeg Images
    3. High Capacity Jpeg Hiding Technique
  5. Audio and Video Techniques
  6. Steganalysis
  7. Malware Using Steganography


About the Instructor:

John Ortiz is currently a senior computer engineering consultant for Harris Global Communications Systems, applying his reverse engineering skills to various malicious applications. Prior to that he developed defensive tools to protect the Air Force’s internal networks and researched novel techniques to solve practical cyber security problems. Included are autonomous network traffic analysis, malware analysis, security testing and forensics. Prior to working at Harris, he spent 5 years at SRA International and 5 years at General Dynamics developing various defense related software, researching data hiding techniques, and analyzing malware.

Mr. Ortiz also teaches at the University of Texas at San Antonio for the Computer Science and Electrical and Computer Engineering Departments. He teaches a broad spectrum of courses including microcomputers, microelectronic circuits, solid state device physics, C++ and Data Structures, steganography, and recently, reverse engineering. Additionally, Mr. Ortiz developed Steganography and Reverse Engineering courses specifically for UTSA. Steganography covers a broad spectrum of data hiding techniques in both the spatial and transform domains. Additionally, Mr. Ortiz developed several steganographic programs for testing and analysis. The Reverse Engineering course covers Intel x86 and the use of various tools to analyze application programs.

Prior to working in the private sector, Mr. Ortiz served in the U.S. Air Force for 12 years as a communications officer. In this role he developed and maintained database software, managed various Air Force missions, and taught a 7 week network course.

Mr. Ortiz holds two master’s degrees from the Air Force Institute of Technology, one in Electrical Engineering and one in Computer Engineering and a BSEE from Rose-Hulman Institute of Technology.


Powered by OpenConf®
Copyright©2002-2016 Zakon Group LLC