Gandhi Viraj

7/31/2019 Gandhi Viraj

1/51

STEGANOGRAPHY USING CONE INSERTION ALGORITHM AND

MOBILE BASED STEALTH STEGANOGRAPHY

_______________

A Thesis

Presented to the

Faculty of

San Diego State University

_______________

In Partial Fulfillment

Of the Requirements for the Degree

Master of Science

in

Computer Science

_______________

by

Viraj Sharadbhai Gandhi

Fall 2010


2/51


3/51

iii

Copyright 2010

by


All Rights Reserved


4/51

iv

ABSTRACT OF THE THESIS

Steganography Using Cone Insertion Algorithm amd MobileBased Stealth Steganography

by


Master of Science in Computer Science

San Diego State University, 2010

To achieve secure communications, the cousins cryptography and steganography

are used. The former scrambles secret messages in such way that only the intended

recipient is capable of unscrambling them. The latter seeks to hide a secret message inside

an innocuous message, audio, image, or video file (called the cover medium), in such a way

that eavesdroppers will not suspect the very existence of the secret message. Combined,

cryptography and steganography provide a secure form of communication: The former will

encode the secret message in such a way that even if it intercepted, it is hard decrypt it; the

latter will hide the encoded secret message. Images are the most popular cover medium

used in steganography. Many different image file formats exist, most of them for specific

applications. There are different steganographic algorithms for different image formats.

In this work, using the idea of splitting the cover image into several bit planes, I

propose to hide secret messages in the intersection points of those planes with certain

geometric objects. The resulting image containing the message is called stego-image. The

latter should be such that a third party intercepting it will not have any indication that a

secret message is present in the image. The geometric objects I have used are the cone and

the hexagonal prism, and our technique has been implemented in both Matlab and Google

Android.


5/51

v

TABLE OF CONTENTS

PAGE

ABSTRACT ............................................................................................................................. iv

LIST OF FIGURES ............................................................................................................... viii

ACKNOWLEDGEMENTS .......................................................................................................x

CHAPTER

1 INTRODUCTION .........................................................................................................11.1 History of Steganography ........................................................................................1

1.2 Detailed Look on Steganography .............................................................................2

1.2.1 Encoding Secret Messages in Images ..........................................................3

1.2.2 Encoding Secret Messages in Text ..............................................................3

1.2.3 Encoding Secret Messages in Audio............................................................3

1.3 Contribution .............................................................................................................4

1.4 Book Overview ........................................................................................................4

2 REQUIREMENTS .........................................................................................................52.1 Platform Requirements ............................................................................................5

2.2 Functional Requirements .........................................................................................5

2.3 Development Tools ..................................................................................................6

3 TECHNOLOGY ............................................................................................................93.1 Matlab. .....................................................................................................................9

3.2 Google Android .......................................................................................................9

3.2.1 Android Architecture .................................................................................10


6/51

vi

3.2.2 Android Runtime .......................................................................................13

3.2.3 Application Behavior .................................................................................14

3.2.4 Android Limitation ....................................................................................14

4 STEGANOGRAPHY USING VARIOUS GEOMETRIC OBJECTS ........................154.1 Image Definition ....................................................................................................15

4.2 Bit-Plane Slicing ....................................................................................................16

4.3 Cone-Insertion Algorithm ......................................................................................17

4.4 Hexagon-Insertion Algorithm ................................................................................19

5

ENCODING OF STEGANOGRAPHY MESSAGES ................................................21

5.1 Flow of Encoding Mechanism for Matlab .............................................................21

5.1.1 CONE Insertion Algorithm ........................................................................22

5.1.2 Code for Inserting Eclipse .........................................................................22

5.2 Flow of Encoding Mechanism for Android ...........................................................24

5.2.1 AES Algorithm ..........................................................................................26

5.2.2 Bytes ..........................................................................................................26

5.2.3 Bit Conversion ...........................................................................................27

5.3 Encoding Text ........................................................................................................27

5.3.1 GetInstance Method ...................................................................................27

5.3.2 Hexagon Insertion Algorithm ....................................................................28

5.4 Email ..................................................................................................................30

6 DECODING OF STEGANOGRAPHY MESSAGES ................................................336.1 Decoding Text in Android Module ........................................................................33

6.2 Decoding Text in Matlab Module ..........................................................................35


7/51

vii

7 CONCLUSION ............................................................................................................387.1 Limitations .............................................................................................................38

7.2 Future Enhancements .............................................................................................39

REFERENCES. ...................................................................................................................40


8/51

viii

LIST OF FIGURES

PAGE

Figure 2.1. Davlik debug monitor. .............................................................................................7

Figure 2.2. Log cat view. ...........................................................................................................8

Figure 2.3. Android SDK and AVD manager ............................................................................8

Figure 3.1. Android architecture ..............................................................................................10

Figure 3.2. Activity ..................................................................................................................11

Figure 3.3. Life cycle of activity ..............................................................................................12

Figure 3.4. Conversion from .java to .dex file .........................................................................13

Figure 4.1. Gray-color palette ..................................................................................................16

Figure 4.2. Bit-plane representation of 8-bit digital images ....................................................17

Figure 4.3. 3D representation of a cone ...................................................................................18

Figure 4.4. Top view of cone on 8-bit planes ..........................................................................19

Figure 4.5. Graphical representation of hexagon .....................................................................20

Figure 5.1. Flow of encoding image steganographic process in matlab ..................................22

Figure 5.2. Bit-planes of original image ..................................................................................23

Figure 5.3. Original image and steno image with hidden image .............................................23

Figure 5.4. Flow of encoding image steganographic process in android .................................25

Figure 5.5. Displaying message of text file and images from gallery .....................................30

Figure 5.6. Sending stego image via email ..............................................................................32

Figure 5.7. UI of emailing stego image ...................................................................................32

Figure 6.1. Flow of decoding image steganographic process in android .................................34


9/51

ix

Figure 6.2. Message after decoding image file ........................................................................36


10/51

x

ACKNOWLEDGEMENTS

I owe great many thanks to a great many people who helped and supported me during

writing of this book. I express my thanks to Professor Carmelo Interlando, Department of

Mathematics and Statistics, San Diego State University for guiding me throughout my thesis

term. His support and encouragement were instrumental in achieving the optimum results in

this thesis. I also thank Prof. Alan Riggins, and Prof. Joseph Lewis for being a part of my

thesis committee and for their kind co-operation. I offer my regards to all of those who

supported me in any respect during the completion of the thesis and I also extend my

heartfelt thanks to my family and well wishers.


11/51

1

chapter 1

introduction

Data transmissions are vital and became a necessity nowadays. Whether you share

your private messages with your close friends, or business secrets with your partners, you

must protect your condential information from hackers, your boss, or your competitors. But

we live in an insecure world where unwanted people can access your personal information

(like e-mails or personal documents) and often use it against you. The word steganography

is derived from the Greek words stegos meaning cover and grafa meaning writing

dening it as covered writing [1].

We all know the purpose of steganography: to hide data into other data. In contrast

to cryptography, where the enemy is allowed to intercept and do modication in messages

without being able to violate certain security guaranteed by a cryptosystem, the goal of

steganography is to hide messages inside other messages in a way that does not allow

any enemy to even detect the presence of the intended message. In a digital world,

steganography and cryptography are both intended to protect information from unwanted

parties. Both steganography and cryptography are excellent means to accomplish this but

neither technology alone is perfect and both can be broken. It is for this reason that most

experts would suggest to add multiple layers of security by using both. When steganography

and cryptography are combined, it becomes much more secure way of communication. A

message sent secretly in an encrypted form is much more secure than a plain text message

sent by secret means or a clearly sent encrypted message; there are some cases in which

steganography can take the place of cryptography [2].

1.1 Historyof steganograpHy

The rst noted use of this technology dates back to Greek times when messages were

carved into walls or tablets, which were then covered in wax to hide the original carving.


12/51

2

This process would effectively hide the underlying message, thus protecting the data from

the casual observer. Even during World War II invisible ink was used to write information on

pieces of paper so that just being blank pieces of paper appeared to normal person.

Another method used in Greece was to select messengers and shave their head.

They would then write a message on their head. Once the message had been written the

hair was allowed to grow back. After the hair grew back the messenger was sent to deliver

the message, The recipient would shave off the messengers hair to see the secret. Now that

some 2000+ years have passed, people have turned to digital technologies to help them hide

sensitive data. Radio and TV messages, from World War II to today, can be used to hide

coded or hidden messages. Some government sources suspect that Osama bin Ladens pre-

recorded videos that are re-played on TV stations around the world contain hidden messages

[3].

1.2 DetaileD lookon steganograpHy

To start, lets look at what a theoretically perfect secret communication

Steganography would consist of. To illustrate, we will use three characters named Alice,

Bob and Eve. Alice wants to send a secret message (M) to Bob using a random (R) harmless

message to create a cover (C) which can be sent to Bob without raising suspicion. Alice

then changes the cover message (C) to a stego-object (S) by embedding the secret message

(M) into the cover message (C) by using a stego-key (K). Alice should then be able to send

the stego object (S) to Bob without being detected by Eve. Bob will then be able to read

the secret message (M) because he knows the stego-key (K) used to embed it into the cover

message (C). As Fabien A.P. Petitcolas points out, In a perfect system, a normal cover

should not be distinguishable from a stego-object, neither by a human nor by a computer

looking for statistical patterns. In practice, however, this is not always the case. In order

to embed secret data into a cover message, the cover must contain a sufcient amount of

redundant data or noise. There are numerous methods used to hide information inside of

image, audio and video les. A few of them are explained briey incoming subsection [4].


13/51

3

1.2.1 e S Msss ims

Steganography can be used in a large amount of data formats in the digital world of

today. The most popular data formats used are .gif, .jpeg, .mp3, .txt are .bmp, .doc and .wav.

Almost any plain text, cipher text, image and any other media that can be encoded into a

bit stream can be hidden in a digital image. The following formula (Equation 1.1) provides

description of the pieces of the steganographic process:

cover medium + hidden data + stego_key = stego_medium

In this context, the cover medium is the le in which we will hide the hidden data,

which may also be encrypted using thestego_key. The resultant le is thestego_medium

which is typically an image/audio/video le [3].

1.2.2 e S Msss tx

Encoding secret messages in text can be a very challenging task. This is because text

les have a very small amount of redundant data to replace with a secret message. Another

drawback is the ease of which text based Steganography can be altered by an unwanted

parties by just changing the text itself or reformatting the text to some other form (from .txt

to .pdf, etc.) Line-shift encoding involves actually shifting each line of text vertically up or

down by few centimeters. Word-shift encoding works in much the same way that line-shift

encoding works, only we use the horizontal spaces between words to equate a value for the

hidden message. This method of encoding is less visible than line-shift encoding but requires

that the text format support variable spacing [3].

1.2.3 e S Msss aEncoding secret messages in audio is the most challenging technique to use when

dealing with Steganography. Spread Spectrum is method used to hide information inside of

an audio le. This method works by adding random noises to the signal the information is

hidden inside a carrier and spread across the frequency spectrum. Low-bit encoding embeds

(1.1)


14/51

4

secret data into the least signicant bit (LSB) of the audio le. This method is easy to

incorporate but is very susceptible to data loss due to channel noise and resampling [3].

1.3 Contribution

The main purpose of my work is to show how steganography is used to hide the

occurrence of communication. I have come with new concept of using geometric object

intersection point to hide message in image. The Android module that I have developed can

be used to store personal password, information securely on individual phones. This Android

application can be used in business/military to exchange private data using android cell

phones.

1.4 bookoverview

As we move forward, Chapter 2 will cover the functional requirements like memory-

card, images in gallery should be present for android application and platform requirement

like matlab, android SDK integrated with eclipse IDE for proper working of application.

Chapter 3 will contain information about the technologies used in both modules and

reason to choose this technology in developing this application. Chapter 4 tells more about

steganography using various geometric objects like cone and hexagon and more about

various image formats and bitplanes. Chapters 5 and 6 explain the encoding and decoding

mechanisms in both modules in detail, and Chapter 7 concludes with future enhancements

and limitations.


15/51

5

chapter 2

requireMentS

The primary aim behind developing this tool is to understand how steganography

can be achieved using various geometric object with cover media being an image le. Upon

completion, this tool will help the students from mathematics as well as computer science

in learning more about geometric objects use in steganography. This software can also be

integrated into different application such as email client, http server etc. for creating images

with secret messages embedded. The requirements gathered have been further classied into

platform requirements and functional requirements.

2.1 platform requirements

The main objective in choosing the software development kit was that it should

be platform independent. So that the nal product will have the capability to run on any

environment irrespective of the operating system either hardware or software.

The software should run as a stand-alone application/mobile application rather than a

web based software. Hence Java SDK with Google android instead of Java Enterprise Edition

has been chosen to be the appropriate language for writing the code. One of the module

was implement in Matlab. Matlab is useful in image processing when we require to extract

information from image.

2.2 funCtional requirements

The software should be able to read any image le as a cover media so that secret

message can be embedded into it. The intersection of geometric object with an image

should not induce additional complexity to the existing bit stream. The core principle of

steganography should be achieved. That is, message as well as its existence should be


16/51


17/51

7

Dalvik Debug Monitor Service (ddms): Dalvik debug monitor service act as a middle

layer and it connect eclipse IDE with the user application. Every application running on

android emulator is running in as a separate process (See Figure 2.1).

The DDMS perspective can be chosen from the upper right or if not already opened

from the menu Window -> Open Perspective -> DDMS.

Log Cat (Import Package -android.util.Log) is basically the output window of all

messages from the Emulator. For example, if you add a System.out.println () to your source

code, it will appear here (see Figure 2.2).

Android Debug Bridge (ADB): By unpacking SDK, you can get ADB in tools folder.

It allows you to control and interface with your Android device.

F 2.1. dvlk b m.


18/51

8

Android SD Card: In Google android emulator sdcard is known as a storage space

for les, images, music les. When user download any le from browser or email, when user

receive an image or music le in MMS , the default location where he can save all these les

is inside emulators memory. But when ever user runs emulator this sdcard is disabled. If you

want to load MP3 les on a real Android phone, you will probably insert an SD card into the

phone. The emulator can emulate this. So, if user wants to use storage space provided by the

emulator, he needs to enable sdcard when making AVD for emulator.

To create an sdcard go to WindowsAndroid SDK and AVD Manager (see

Figure 2.3).

F 2.2. L vw.

F 2.3. a SdK aVd m.


19/51


20/51

10

signed/unsigned APKs to distribute your application. Developing in Eclipse with ADT is the

fastest way to get started [5, 6].

Android applications written in Java, compiled Java code that is packaged into

an Android package known as an .apk le. Bundling application data in this way allows

applications to be easily distributed for installation on mobile devices. Indeed, the .apk le

is the le that users are required to download and all the code in an .apk is essentially one

application.

3.2.1 a a

Below is a brief explanation of components of android architecture [7] (see Figure 3.1).

3.2.1.1 appliCations

It makes the top most layer of android architecture. Built in applications like sms,

mms, contacts, browser are part of this layer. Also all the user application-code lies in this

F 3.1. a . S: Zksk,a a. Zksk, 2010, ://bl.zsk.m/2010/11/11/- ssnvmb 2010.


21/51

11

section. These user applications, data and resource les make an android package. One of

the main features of Android is that the basic elements of applications can be shared. If

permissions are granted for these elements, it is possible to use already developed features

of other applications. For example, on application might make use of a great scrolling list of

images that you want to use for your application. If that scroller is made available to others

you can utilize that scroller rather than developing your own. Interestingly, your application

doesnt use the code from the other application or even link to it. Instead, that piece of code

is started in the other application whenever the need should arise.

This means that Android has been designed to allow application processes to be

started when any part of it is needed. In other words, while most systems and applications

have a single entry point, or main function, Android applications rely on central components

that are instantiated and run when they are needed. There are 4 major types of Android

components: Activities, Services, Broadcast receivers, and Content providers. Applications

are comprised of components. Components interact using Intentmessages. Recipient

components assert their desire to receive Intent messages by dening Intent lters [8] (see

Figure 3.2).

There are four types of components used to construct applications.

Firstly, activities in the system are managed in an activity stack .When a new activity

is launched it becomes on the top of the stack. Any previous activity will be below it and

wont come to the top until the new one exists. Android runs each activity in a separate

process each of which hosts a separate virtual machine. As shown in Figure 3.3, the activity

can be in one of four states [9]:

Activity Activity

Intent

F 3.2. av.


22/51

12

Active: the activity started, is running and is in the foreground.

Paused: the activity is running and visible but another activity is running on the top.A paused activity is maintains state and member information but can be killed by thesystem in low memory situations.

Stopped: similar to paused but invisible.

Dead: either the activity is not started or it was in pause or stop state and wasterminated by the system to free some memory or by asking the user to do so.

Second, service components provide for background processing when an applications

activity leaves focus and another GUI application comes in the foreground.

Third, broadcast receiver components provide a general mechanism for asynchronous

events.

Fourth, content provider is for sharing of data between Applications [10].

3.2.1.2 appliCations framework

Main component of application framework is activity manager, resource manager,

package manager, notication manager. Activity manager manages the entire life cycle of

application and processes. Resource manager handles resources like binary les, layout-xml

les. Notication manager handles any notication when certain event occurs. For example

F 3.3. Lf l f v. S: L. d S. c, hw Bl a al, S b S. ComputerWorld, as 30, 2010. ://www.mwl.m/s/l//9181925/hw__bl__a_l_s_b_s?xmnm=a%20dvlm& , ss nvmb 2010.


23/51

13

user gets SMS, alarm notication, low battery. All this event can be notify to the user either

by ashing screen or by vibrating or by certain ringtone.

3.2.1.3 libraries

This library provides basic common tasks which are used frequently in user

application. This library includes functions to handle date/time manipulation, functions

for string and number conversion, message passing, interprocess communication, database

handling, graphics classes, and media libraries. Android runtime consist of core libraries and

dalvik virtual machine.

3.2.1.4 linux kernel

This is the bottom layer of android architecture. It is used for memory management,

process management. You will never have access to this layer. This provides better

performance, better scalability, improved threading support, networking features.

3.2.2 a rm

Every Android application runs in its own process, with its own instance of the Dalvik

virtual machine. Dalvik has been written so that a device can run multiple VMs efciently.

The Dalvik VM executes les in the Dalvik Executable (.dex) format. It was designed

specically for Android running in limited environment, where the limited battery, CPU,

memory and data storage are the main issues. Android gives an integrated tool dx, which

converts generated byte code from .jar to .dex le, after this byte code becomes much more

efcient to run on the small processors (see Figure 3.4).

.java .class .jar .dex

Figure 3.4. Conversion from .java to .dex le.


24/51

14

3.2.3 al Bv

Every application in Android runs as a separate process with a unique UID. The

UID of an application in Android protects its data. Programs cannot typically read or write

each others data, and sharing between applications must be done explicitly. Developers

can generate self-signed certicates to update their own applications without creat.ing

complicated interfaces and permissions to run an application on the Android phone.

3.2.4 a Lm

The current security policy of Android works on a static level only during installation

to identify whether the application is permitted all the requested permissions from the user.

Thus we can say that Android applications built with the set of permissions that protect the

system from malicious applications [8].


25/51

15

chapter 4

Steganography uSing VariouS

geoMetric oBjectS

The goal of steganography is to hide the message into some other le in such a way

that an intruder is not capable to detect the actual data of exchange between the sender and

receiver. RGB (Red - Green - Blue) is the most famous color format used to store images in

computer world. Computers generally display RGB using 24-bit color. In the 24-bit RGB

color model there are 256 variations for each of the additive colors of red, green and blue.

Therefore there are 16,777,216 possible colors (256 reds x 256 greens x 256 blues) in the

24-bit RGB color model. If you were to change a few of these color numbers the resulting

picture would probably look a lot like the original image in fact, most people probably

couldnt tell that you had changed the image at all. Of course, the resulting image will still

look mostly like the original one.

4.1image Definition

In a computer, an image is an array of numbers that represent light intensities at

various points (pixels) in the image. A common image size is 640 by 480 and 256 colors (or

8 bits per pixel). Such an image could contain about 300 kilobits of data. Most images on the

Internet consists of a rectangular map of the images pixels where each pixel is located and

its color. These pixels are displayed horizontally row by row. Each bit represents two colors

because it has a value of 0 or 1. The more bits per pixel, the more colors can be displayed

Monochrome and Gray scale images use 8 bits for each pixel and are able to display 256

different colors or shades of grey. Gray-scale images are very good because the shades

gradually change from byte to byte. Many argue that gray-scale images render the best

results for steganography. Figure 4.1 is a palette containing 256 shades of gray [11].


26/51

16

Digital color images are typically stored in 24-bit les and it uses the RGB color

model, also known as true color. Let us say that we have a 24-bit image 1024 x 768. This

may produce a le over 2 megabytes in size (1024x768x24/8 = 2,359,296 bytes). 24-bit

images use 3 bytes per pixel. If information is stored in the least signicant bit (LSB) of

each byte, 3 bits can be a stored in each pixel. The stego image will lookidenticalto the

human eye, even if viewing the picture side by side with the original. Unfortunately, 24-bit

images are quite large. They would draw would draw attention when being transmitted across

a network. At that time compression would be benecial but le compression may interfere

with the storage of information.

Lossless compression is preferred when there is a requirement that the originalinformation remain intact. The original message can be reconstructed exactly. Thistype of compression is mainly for GIF and BMP images.

Lossy compression-does not maintain the integrity of the original image while savingspace. This method is is mainly for JPG images [11].

4.2 bit-plane sliCing

Image enhancement is the process of making images more useful for example of

removing noise from images which makes images more visually appealing. Digital image

consists of pixel which can be represented by bits depending on the image type. Dividing an

F 4.1. g-l l. S:e. hll, Computer Image Processingand Recognition, nw yk c:am pss, 1979.


27/51

17

image into bit plane is known as bit plane slicing. For example we have a gray scale image

where each pixel is of 8 bits. Dividing this image into 8 bit planes means plane 0 contains all

the least signicant bits, plane 1 contain all the second least signicant bits, plane 7 contain

all the most signicant bits. This is a very important method in Image Processing. Plane

7 contains the majority of visually signicant data. Other planes contribute to more subtle

details in an image. Incrementing a bit plane by 1 gives the nal result half of a value of a

previous bit-plane. If the difference between the bits value between two bit planes is more

than there is more distortion in the image. In lossy media compression that uses bit-planes it

gives more freedom to encode less signicant bit-planes and it is more critical to preserve the

more signicant ones [1]. Adding up all the bit planes builds original image (Figure 4.2).

4.3 Cone-insertion algoritHm

A cone is pyramid with circular cross section. A solid shape with round base which

narrows to a point. The conics were rst dened as the intersection of a right circular cone of

varying vertex angle; a plane perpendicular to an element of the cone. An element of a cone

is any line that makes up the cone [12] (see Figure 4.3).

In at least d positions, where d is the Hamming distance between the two codewords

and addition of any these codewords, e.g., c0

and c1,

fetch a result say c2

which also is a

F 4.2. B-l s f 8-b l ms.


28/51

18

codeword belonging to the same set C. In mathematical terms, Hamming distance is the

number of co-ordinates I which c0

and c1

disagree.

Depending the angle is less than, equal to, or greater than 90 degrees, we get ellipse,

parabola, or hyperbola respectively. Conics can be dened as follows. As shown in

Equation 4.1, given a line d and a point F not on d, conics is the locus of points P such that:

distance[P,F]/distance[P,d] = e, where e is a given constant

F is called the focus of the conic, d the directrix, and e the eccentricity. If 0 < e < 1,

the conics is an ellipse [13] (see Figure 4.4).

Assume that we are inserting the cone through all the 8 planes of the image,

Message is stored at the intersection of the cone and the image planes.1.

To increase the complexity cone is inclined, so the surface of intersection between2.cone and the image planes is ellipse.

F 4.3. 3d s f . S:

a. M, S. rm, a. Sms, Blkhls. gl gs asss,jbs uvs, 2010. ://www.fl.-bm./s/fll02/210101/ss/Blkhls/Blk%20ls%20%20Swzsl%20m.m, ssnvmb 2010.

(4.1)


29/51

19

Message is stored along the planes to make it difcult to detect.3.

Also pixels are shifted along each row of the image plane.4.

4.4 Hexagon-insertion algoritHm

A regular polygon is a polygon whose sides are all the same length, having all angles

same. The sum of the angles of a polygon with n sides, where n is 3 or more, is 180 (n - 2)

degrees. In geometry, a hexagon is a one among polygon with six edges and six vertices. A

regular hexagon has all sides of the same length, and all internal angles are 120. The longest

diagonals of a regular hexagon, connecting diametrically opposite vertices, are twice the

length of one side. The top view of hexagon looks like Figure 4.5 [14]. Message is stored at

the intersection of the hexagon and the image planes [15].

F 4.4. t vw f 8-b ls.


30/51

20

F 4.5. gl s f x.S: tx, ps f pls.tx, 2010. ://www.x.m/s-ls-x/1017,ss nvm 2010.


31/51


32/51

22

Figure 5.1 is ow chart of MATLAB module how stego image is formed.

5.1.1 cone is alm

In Matlab at the sender end, I have used cone as geometric object to hide message

into image. At the sender side user has already one image which he will use as cover

image. Original message is stored inside a text le. This plain text is feed as an input to the

steganography algorithm along with the cover image. Geometric object cone is used in

algorithm. Image is divided into bit planes. And then the intersection points of the cone and

the image is found to hide the plain text (see Figures 5.2 and 5.3).

5.1.2 c f is els

Below is the code used for inserting eclipse on images in matlab.

% at each intersection point of cone and image the binary form oftext will be inserted

Converting into Gray Scale Image

Reading Text File

Dividing Image into Bit Planes

Cone Insertion Algorithm for Hiding message

Stego File with

Hidden Message

F 5.1. Flw f m sss mlb.


33/51

23

Loops=2;k=1;for i=1:4

[x,y]=Ellipse (128+((i-1)*128/16), 128, 128-((i-1)*128/8),100-((i-1)*100/8));

x=double(uint8(x+1))y=double(uint8(y+1))

[a,b]=Ellipse (128+(((4+i)-1)*128/16), 128, 128-(((4+i)-1)*128/8),100-(((4+i)-1)*100/8));

a=double(uint8(a+1));b=double(uint8(b+1));

for j=1:length(x)if k >= length(val)break;

elseh(x(j),y(j))=val(k);

k=k+1;h(a(j),b(j))=val(k);

k=k+1;

F 5.2. B-ls f l m.

F 5.3. ol m s m w m.


34/51

24

h(x(j),((256*4)/(2*Loops))+y(j))=val(k);k=k+1;

h(a(j),((256*4)/(2*Loops))+b(j))=val(k);k=k+1;

h(x(j),2*((256*4)/(2*Loops))+y(j))=val(k);

k=k+1;h(a(j),2*((256*4)/(2*Loops))+b(j))=val(k);k=k+1;

h(x(j),3*((256*4)/(2*Loops))+y(j))=val(k);k=k+1;

h(a(j),3*((256*4)/(2*Loops))+b(j))=val(k);k=k+1;

end

endend

gure,imshow(h),title(h);;

for i=1:256for j=1:256*4

if mod((i-1)*shift+j,256*4) == 0;he(i,j)=h(i,256*4);

elsehe(i,j)=h(i,mod((i-1)*shift+j,256*4));

endend

endgure,imshow(he),title(he);

for i=1:4;for j=1:256;

for k=1:256;bitplane1{i}(j,k)=he(j,256*(i-1)+k);

endend

endfor i=5:8

bitplane1{i}=bitplane{i};endfor i=1:4gure,imshow(bitplane1{i}),title(Stego images);end

5.2 flowof enCoDing meCHanismforanDroiD

I have used 64 MB SD memory card in my android emulator to store images. In

my Android module, text le is read from resource folder and he can pick images from


35/51

25

image gallery of emulator as cover object to hide message (see Figure 5.4). The message

is encrypted using AES algorithm. Encryption is the process of changing data into a form

that can be read only by the intended receiver. To decipher the message, the receiver of the

encrypted data must have the proper decryption key.

Reading text file from resource

folder and displaying contents in

textbox

Select Image from Image

Gallery as cover object

Encypt text using AES Algorithm

with Random key generator

Hexagon Insertion Algorithm for

Hiding message in image

Stego File with Hidden

Message send via Email

F 5.4. Flw f ms ss .


36/51

26

5.2.1 aeS alm

Traditionally, the sender and the receiver use the same key to encrypt and decrypt

data. Also known as Advance Encryption Standard. It is a symmetric key algorithm. When

using symmetric algorithms, both parties share the same key for encryption and decryption.

To provide privacy, this key needs to be kept secret. It is not safe anymore when once

somebody else gets to know the key, A few well-known examples are: DES, Triple-DES,

BLOWFISH. AES has a xed block size of 128 bits and uses one of three cipher key

strengths: a 128, 192, or 256-bit key. Depending on the key length the no of iterating round

are decided. No of round are 10 rounds if it is 128 bits, 12 rounds if it is 192 bits, 14 rounds

if it is 256 bits. The input and output of AES is sequence of 128 bit blocks. AES steps consist

of Substitution permutation network. The AES cipher is specied as a number of repetitions

of transformation rounds that convert the input plaintext into the nal output of cipher text.

Each round consists of several processing steps, including one that depends on the encryption

key. Below is code for how key is generated to encrypt message using AES Algorithm and

how actually AES algorithm is used to encrypt plaintext [16].

// Get the Key GeneratorKey Generator kgen = KeyGenerator.getInstance (AES);Secure Random sr = SecureRandom.getInstance (SHA1PRNG);sr.setSeed (seed);

kgen.init (128, sr);Secret Key skey = kgen.generateKey ();Byte [] raw = skey.getEncoded ();Return raw;

This code is written using Java/Android SDK, and the following topics will need to

be understood, before properly understanding how this method works.

5.2.2 BsA byte is made of bits, 1s and 0s, 8 of them to be exact. And the 8 0s and 1s have a

decimal value, it is simply a case of transforming the binary (base 2) into decimal (base 10).

Example:00000000 = 0,00000010 = 2


37/51

27

5.2.3 B cvs

private byte[] bit_conversion(int i){

byte byte3 = (byte)((i & 0xFF000000) >>> 24);

byte byte2 = (byte)((i & 0x00FF0000) >>> 16);

byte byte1 = (byte)((i & 0x0000FF00) >>> 8 );

byte byte0 = (byte)((i & 0x000000FF) );return(new byte[]{byte3,byte2,byte1,byte0});

}

Because a byte holds a max value of 127, all shifts of 8 and greater than 8, will

replace them with zeros. Example:0000000100011111 = 287,0000000011111111 = 255 or

0x00FF. The result has the last 8 bits matching 1, but the rst 8 bits were all removed to 0s

due to being AND with 0s in all positions, but the last 8. The thing to take from this, is we

can force a value to 0, by ANDing with 0, and leave a value alone, by ANDing with 1.

5.3 enCoDing text

Android phones are ubiquitous today, having access to sensitive personal information

they are a prime target for attackers. In this project, we address some security issues relevant

to the current Android framework. Specically, we demonstrate an exploit that targets the

Android telephony service. In addition, as a defense against the loss of personal information,

we provide a means to encrypt data stored on the external media card. While phones remain

vulnerable to a variety of security threats, this encryption provides an additional level of

security.

This Cipher class provides the functionality of a cryptographic cipher for encryption

and decryption. It forms the core of the Java Cryptographic Extension (JCE) framework. In

order to create a Cipher object, the application calls the Ciphers getInstance method.

5.3.1 gis M

getInstance() is a static method and passes the name of the requested transformation

to it which returned a Cipher object of the specied transformation from the implementation

of the specied provider. If provider is not specied, the default implementation is used.


38/51

28

A transformation is a string that describes set of operations to be performed on the

given input, to produce some output. For example (Equation 5.1), the

Cipher c = Cipher.getInstance(DES/CBC/PKCS5Padding);

When requesting a block cipher in stream cipher mode (e.g., AES in CFB or OFB

mode), the user may optionally specify the number of bits to be processed at a time, by

appending this number to the mode name as shown in the DES/CFB8/NoPadding.

init():Initializes this cipher for the specied operation mode like Cipher.ENCRYPT_

MODE and Cipher.DECRYPT_MODE with the specied key or public key certicate.

public static nal int ENCRYPT_MODE: It initialize cipher to encryption mode.

doFinal(): Performs the last step of a multi-step encryption/decryption operation

by processing any remaining buffered data. If necessary, padding is performed. Returned

number of bytes stored in the output byte array are returned.

public static byte[] encrypt(byte[] raw,byte[] message)throwsException {

SecretKeySpec skeySpec = new SecretKeySpec(raw, AES);Cipher cipher = Cipher.getInstance(AES);cipher.init(Cipher.ENCRYPT_MODE, skeySpec);byte[] encrypted = cipher.doFinal(message);

return encrypted;}

5.3.2 hx is alm

In Android at sender end, I have used hexagon as geometric object to hide message

into image.

private byte[] encode_text1(byte[] image, byte[] addition, int

offset){int tx=1,ty=1;

int tx1=57,ty1=1; // End point 1

int tx2=170,ty2=1; // End point 2int tx3=225,ty3=113; // End point 3int tx4=170,ty4=225; // End point 4int tx5=57,ty5=225; // End point 5int tx6=1,ty6=113; // End point 6

(5.1)


39/51

29

for(ty=1;ty0) &&(fCD(tx,ty,tx3,ty3,tx4,ty4)*fDE(tx,ty,tx4,ty4,tx5,ty5)>0) &&(fDE(tx,ty,tx4,ty4,tx5,ty5)*fEF(tx,ty,tx5,ty5,tx6,ty6)>0) &&(fEF(tx,ty,tx5,ty5,tx6,ty6)*fFA(tx,ty,tx6,ty6,tx1,ty1)>0))

{break;

}}//int add = addition[ty-1];int pt = (ty-1)*225+tx;image[pt] = addition[ty-1];

for(tx=170;tx0) &&(fBC(tx,ty,tx2,ty2,tx3,ty3)*fCD(tx,ty,tx3,ty3,tx4,ty4)>0) &&(fCD(tx,ty,tx3,ty3,tx4,ty4)*fDE(tx,ty,tx4,ty4,tx5,ty5)>0) &&(fDE(tx,ty,tx4,ty4,tx5,ty5)*fEF(tx,ty,tx5,ty5,tx6,ty6)>0) &&(fEF(tx,ty,tx5,ty5,tx6,ty6)*fFA(tx,ty,tx6,ty6,tx1,ty1)>0)))

{break;

}}int pt1 = (ty-1)*225+tx;

image[pt1] = addition[ty];

ty=ty+2;}String st = new String(addition);return image;

}

public static oat fAB(int x,int y,int x1,int y1,int x2,int y2){

return ((y-y1)*(x2-x1) - (x-x1)*(y2-y1));}public static oat fBC(int x,int y,int x2,int y2,int x3,int y3){

return ((y-y2)*(x3-x2) - (x-x2)*(y3-y2));}public static oat fCD(int x,int y,int x3,int y3,int x4,int y4){

return ((y-y4)*(x3-x4) - (x-x4)*(y3-y4));}public static oat fDE(int x,int y,int x4,int y4,int x5,int y5){


40/51

30

return ((y-y4)*(x5-x4) - (x-x4)*(y5-y4));}public static oat fEF(int x,int y,int x5,int y5,int x6,int y6){

return ((y-y5)*(x6-x5) - (x-x5)*(y6-y5));}

public static oat fFA(int x,int y,int x6,int y6,int x1,int y1){return ((y-y6)*(x1-x6) - (x-x6)*(y1-y6));

}

After hiding message at intersection point of hexagon and image, stego image formed

is store in database and also another copy of stego image to SD Card then automatically

image is attached and we can send hidden message in form of stego image to receiver

via email in more secure way as encryption and steganography is used to provide more

complexity (see Figure 5.5).

5.4 email

The Android platform introduces many new and exciting features for users and

developers. For example, a user can tap a contact photo and select to call, SMS, or email

the person. Other applications are Email, Messaging, etc. Here is the code to start email

Figure 5.5. Displaying message of text le and imagesfm ll.


41/51

31

intent from android emulator. To send email in android we should provide permission in its

manifest le.

//permission

// Email

Uri attached_Uri = Uri.parse(content://media/external/images/media/4);Intent emailIntent = new Intent(android.content.Intent.ACTION_SEND,attached_Uri);String[] recipients = new String[]{[email protected],};emailIntent.putExtra(android.content.Intent.EXTRA_EMAIL, recipients);emailIntent.putExtra(android.content.Intent.EXTRA_STREAM,attached_Uri);

emailIntent.putExtra(android.content.Intent.EXTRA_SUBJECT, Test);emailIntent.putExtra(android.content.Intent.EXTRA_TEXT, This isemails message);emailIntent.setType(image/jpeg);startActivity(Intent.createChooser(emailIntent, Send mail...));nish();

ACTION_ SEND:this intent is used to send email from emulator. Basically, it tells

the Android system that your application wants to send some sort of message.

EmailIntent.setType: set the type of data sender wants to send. Once you have set the

type data for the Intent, you can call the startActivity() method, passing in your Intent.

Figures 5.6 and 5.7 illustrate sending stego image via email and UI of emailing stego

image, respectively.


42/51

32

F 5.7. ui f ml s m.

F 5.6. S s m v ml.


43/51

33

chapter 6

decoding oF Steganography MeSSageS

I have used 64 MB SD memory card in my android emulator to store images. In my

Android module, whenever user get stego image in email, he can download stego image

from email. The downloaded image will be stored by default in sdcard/ folder. The message

is decrypted using AES algorithm. Decryption is the reverse process of encryption that is

getting original data back from encrypted message. To decipher the message, the receiver of

the encrypted data must have the proper decryption key (password) as AES is symmetric key

or private key cryptography.

6.1 DeCoDing textin anDroiD moDule

Once the stego image is sent in an email, the recipient of the image can download

this image into his emulators memory that is also known as sdcard. User can use this image

in order to get hidden message back. Here I have selected Hexagon as a geometric object.

Above code explain how to nd the intersection points of Hexagon and image. Once this

intersection points are found we can get the message hidden into these points. To receive

email in android we should provide permission in its manifest le of android application (see

Figure 6.1).

The code for decrypting text follows:

private static byte[] decrypt(byte[] raw, byte[] encrypted) throwsException{

SecretKeySpec skeySpec = new SecretKeySpec(raw, AES);Cipher cipher = Cipher.getInstance(AES);cipher.init(Cipher.DECRYPT_MODE, skeySpec);byte[] decrypted = cipher.doFinal(encrypted);return decrypted;

The code for getting text from images in android follows:

privatebyte[] decode_text1(byte[] image)


44/51

34

{ int tx=1,ty=1; int tx1=57,ty1=1; // End point 1 int tx2=170,ty2=1; // End point 2 int tx3=225,ty3=113; // End point 3 int tx4=170,ty4=225; // End point 4 int tx5=57,ty5=225; // End point 5 int tx6=1,ty6=113; // End point 6

int lenmsg1 = Integer.parseInt(lenmsg);byte[] result = newbyte[lenmsg1]; for(ty=1;ty0) && (fCD(tx,ty,tx3,ty3,tx4,ty4)*fDE(tx,ty,tx4,ty4,tx5,ty5)>0)&& (fDE(tx,ty,tx4,ty4,tx5,ty5)*fEF(tx,ty,tx5,ty5,tx6,ty6)>0) && (fEF(tx,ty,tx5,ty5,tx6,ty6)*fFA(tx,ty,tx6,ty6,tx1,ty1)>0))

{ break;

}}

int pt = (ty-1)*225+tx;result[ty-1] = image[pt];

for(tx=170;tx0) && (fBC(tx,ty,tx2,ty2,tx3,ty3)*fCD(tx,ty,tx3,ty3,tx4,ty4)>0) && (fCD(tx,ty,tx3,ty3,tx4,ty4)*fDE(tx,ty,tx4,ty4,tx5,ty5)>0)&& (fDE(tx,ty,tx4,ty4,tx5,ty5)*fEF(tx,ty,tx5,ty5,tx6,ty6)>0) && (fEF(tx,ty,tx5,ty5,tx6,ty6)*fFA(tx,ty,tx6,ty6,tx1,ty1)>0)))

Download The Stego Image With Hidden Message From Email

Apply The Hexagon Insertion Algorithm

Find Out The Encrypted Message And The Decrypt It

Ori inal Messa e

F 6.1. Flw f m s ss .


45/51

35

{ break;

}}

int pt1 = (ty-1)*225+tx;result[ty] = image[pt1];

ty=ty+2;}String st = new String(result);

return result;}

publicstaticoat fAB(int x,int y,int x1,int y1,int x2,int y2){ return ((y-y1)*(x2-x1) - (x-x1)*(y2-y1));}

publicstaticoat fBC(int x,int y,int x2,int y2,int x3,int y3){ return ((y-y2)*(x3-x2) - (x-x2)*(y3-y2));

}publicstaticoat fCD(int x,int y,int x3,int y3,int x4,int y4){ return ((y-y4)*(x3-x4) - (x-x4)*(y3-y4));}

publicstaticoat fDE(int x,int y,int x4,int y4,int x5,int y5){ return ((y-y4)*(x5-x4) - (x-x4)*(y5-y4));}

publicstaticoat fEF(int x,int y,int x5,int y5,int x6,int y6){ return ((y-y5)*(x6-x5) - (x-x5)*(y6-y5));}

publicstaticoat fFA(int x,int y,int x6,int y6,int x1,int y1){ return ((y-y6)*(x1-x6) - (x-x6)*(y1-y6));}

Figure 6.2 illustrates the message after decoding an image le.

6.2 DeCoDing textin matlab moDule

A bit plane of a digital image is a set of bits having the same position in the

respective binary numbers. For example, for 8-bit data representation there are 8 bit-planes:

the rst bit-plane contains the set of the most signicant bit and the second bit-plane contains

the second most signicant bit and so on. In the decoding process the gray scale image is

converted into 8-bit planes. All these image bit planes are shifted by 1 bit and then cone is

inserted into these 8 bit planes. Intersection point of cone and image are then considered as


46/51

36

a place where sender has hide his secret message. So the recipient of message can nd the

hidden message. The code for getting text from images in matlab follows:

%get 8 bitplanes of image

for i=1:8bitsd=bitget(image,i);bitsd = bitsd ~= 0;bitplaned{i}=bitsd;

end

for i=1:4for j=1:256

for k=1:256helixd(j,256*(i-1)+k)=bitplaned{i}(j,k);

endend

end

%performing shift operation on the imageshift=1;

for i=1:256;for j=1:256*4;

if mod((i-1)*shift+j,256*4) == 0;h1(i,256*4)=helixd(i,j);

else

h1(i,mod((i-1)*shift+j,256*4))=helixd(i,j);

Figure 6.2. Message after decoding image le.


47/51

37

endend

end

Loops=2;

%gure,imshow(h);

%getting back the inserted txt at the intersection point of image andcone back

k=1;for i=4:4:256;

for j=4:4:(256*4)/(2*Loops);if k >= length(val);

break;elseval1(k)=h1(i,j);k=k+1;

val1(k)=h1(i,((256*4)/(2*Loops))+((256*4)/(2*Loops))-j);k=k+1;val1(k)=h1(i,2*((256*4)/(2*Loops))+j);k=k+1;val1(k)=h1(i,3*((256*4)/(2*Loops))+((256*4)/(2*Loops))-j);k=k+1;end

endend

code=zeros(length(val1)/8,8);p=0;q=0;

r=1;for i=1:length(val1)/8

p=0;q=0;for j=1:8

code(i,j)=val1((i-1)*8+j);p=p+((2^(j-1))*(double(val1((i-1)*8+j))));

endstr(r) = mod(p,255);r=r+1;

end

str=char(str);

%writing decoded text to le name unsecure.txt

dlmwrite(unsecure.txt,str,);


48/51

38

chapter 7

concLuSion

Steganography is powerful and effective for communication of secret data. In some

countries, cryptography is not allowed to be applied in full application. They have put certain

restrictions due to security reasons. Steganography is very important in such situations. On

the other side, steganography alone is not secure entirely. Steganography when combined

with cryptography indeed becomes a powerful method of secure of communication. If

Steganography is broken then the attacker has to still break cryptography. One also needs to

implement steganography keeping in mind the various possible attacks.

The two modules showing the encoding and decoding techniques of storing the secret

message in a cover media work very effectively. The techniques discussed here to achieve

such kind of a covert communication is just an effort to show that practically any kind of

secret communication is possible in information security.

7.1 limitations

To validate in Matlab Module, we have already mentioned name of cover image to

be used in code and text le name to be read. In Android module , message from text le

is made to read and cover image is selected from picture gallery available in that particular

SD Card. In my application all images has to be jpeg le and for android application has

to be of at least 1024x768.The memory card is basic requirement for Android otherwise

application would not execute further. Sometimes Downloading Larger images from gmail

forces android phones to stay in busy mode. So my suggestion is to attach embedded image

manually with email.


49/51

39

7.2 future enHanCements

The existing application is a desktop application. The Java application runtime (.jar)

that is created using the eclipse IDE which is nothing but an archive which can be moved to

any workstation irrespective of the operating system that the workstation has and a single

click can easily install the entire system on the respective machine.

The result of Android module will be an .APK le which is the actual program binary

of application. However, the .APK le your compiler creates can only be used with the

emulator on your desktop PC/Mac. You cannot use the same .APK le to install and run your

app on your Android phone.

Google wants to protect its phone users from installing and running fraudulent

software on their devices. Therefore, each and every application needs to be signed with a

valid certicate that ensures where the application comes from. I am planning to signed the

application with my certicate using suitable private key and upload on open source Android

market to get feedback from Android phone user and see how many downloads occurs by

users to use this application.

Also the web support can be extended by adding MMS feature to the software where

the encoded stream can be mms to the receiver to get it decoded. This feature can make the

software really efcient. These kind of small additions can be tried for the software to make it

more interactive, user friendly and technically more sound and secure in combination of one

or the other. The results clearly show the considerable difference between the errors detected

in Mode 1 and Mode 2. Also in both the modes, as more number of bits per codeword is

encoded, the number of errors decreases at the receivers end. The numbers remain fairly

consistent for all the three cases in Mode 1, but for Mode 2 the difference between 1 stega bit

sent per codeword and 2 stega bits sent per codeword are large. This phenomenon is observed

due to the fact that the detection mechanism in Mode 2 becomes much more stringent and

expectation of erred bits is more accurate as we increase the bit frequency at the sender.


50/51

40

reFerenceS

T. Morkel , J.H.P. Eloff , and M.S. Olivier. An Overview of Image Steganography.[1]

Department of Computer Science, University of Pretoria, South Africa, 2010. http://mo.co.za/open/stegoverview.pdf, accessed November 2010.

N. Sharma, N. Gupta, and J.S. Bhatia. An Encrypto-Stegno Technique Based Secure[2]Data Transmission System. Chandigrah, 2010. http://www.infosecwriters.com/text_resources/pdf/encrypto.pdf, accessed November 2010.

A. Mangarae. Steganography FAQ. Zone-H.org, March 18, 2006. http://[3]infosecwriters.com/text_resources/pdf/Steganography_AMangarae.pdf, accessedNovember 2010.

R. Bergmair. Towards Linguistic Steganography: A Systematic Investigation of[4]Approaches, Systems, and Issues. Keplerstrasse 3. http://citeseerx.ist.psu.edu/

viewdoc/download?doi=10.1.1.122.8569&rep=rep1&type=pdf, accessed November2010.

J. Burns. Developing Secure Mobile Application. ISEC Parnters, October 2008.[5]https://www.isecpartners.com/les/iSEC_Securing_Android_Apps.pdf, accessedNovember 2010.

Wikipedia. Android. Wikipedia, 2010. http://en.wikipedia.org/wiki/[6]Android(operating_system), accessed October 2010..

Zeukstek, Android Architecture. Zeukstek, 2010, http://blog.zeustek.com/2010/11/11/[7]android-architecture accessed November 2010.

R. Meier. Professional Android Application Development. New York: Wrox[8]Publication, 2008.

L. Darcey and S. Conder. How to Build an Android Application, Step by[9]Step, ComputerWorld, August 30, 2010. http://www.computerworld.com/s/article/print/9181925/How_to_build_an_Android_application_step_by_step?taxonomyName=App%20Development& , accessed November 2010.

M. Murphy. The Busys Coder Guide to Android Development. New York:[10]Commonware, 2009.

E. L. Hall. Computer Image Processing and Recognition. New York: Academic Press,[11]

1979.

A. Mehta, S. Rampu, and A. Simionescu, Black Holes. General Geoscience and[12]Astrophysics, Jacobs University, 2010. http://www.faculty.iu-bremen.de/course/fall02/c210101/students/BlackHoles/Black%20holes%20and%20Schwartzschild%20geometry.htm, accessed November 2010.

Wikipedia. Cone. http://en.wikipedia.org/wiki/Cone, accessed October 2010.[13]


51/51

41

Wikipedia. Hexagon. Wikipedia, 2010. http://en.wikipedia.org/wiki/Hexagon,[14]accessed October 2010.

Tutornext, Properties of Polygons. Tutornext, 2010. http://www.tutornext.com/[15]properties-polygonspentagon-hexagon/1017, accessed Novemer 2010.

Wikipedia. AES. Wikipedia, 2010. http://en.wikipedia.org/wiki/Advanced_[16] Encryption_Standard, accessed October 2010.

Documents

Gandhi Viraj