Sunday, December 15, 2013

Paper: Embedding Signature and Steganalysis of BMP Steganographic Tools

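This is the paper we presented at the 2013 National Computer Symposium (全國計算機會議):

Embedding Signature and Steganalysis of BMP Steganographic Tools (original title: BMP 隱寫工具之嵌入簽章與安全分析)
李慧娟, 李遠坤, 蔡振揚
Department of Computer Science and Information Engineering, Ming Chuan University

Abstract

This paper examines the security of BMP image steganographic tools that can be downloaded from the Internet. First, we run embedding-signature extraction experiments on the BMP stego images produced by the tools. Next, we compare the locations of the embedding signatures against the file-header format and identify the specific output pattern used by each tool. Finally, we use signature verification experiments to evaluate how these specific output patterns affect security.

The experimental results show that, of the 10 steganographic tools, only 3 leave no signature in the file header; 2 of those hide the secret message at the end of the file, so their stego images are easy to identify. Therefore, only 1 tool uses an output pattern that is truly secure. From the signature verification experiments on the 7 extracted embedding signatures, we conclude that the more distinctive the output pattern a tool uses, the higher the accuracy of screening stego images by their embedding signature. Therefore, besides embedding the secret message into the digital media content, a steganographic tool must never use a specific output pattern when writing the stego media, so that it does not leave a signature in the file header area that becomes a security hole.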
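The kind of header screening the abstract describes, as an added example (not code from the paper): it flags non-zero reserved fields, size mismatches and bytes appended after the pixel data in an uncompressed BMP with a 40-byte BITMAPINFOHEADER. The paper's seven extracted signatures are not given on this page, so the checks, the function names and the constructed sample images are assumptions.

```python
import struct

def bmp_header_findings(data: bytes) -> list[str]:
    """Return header/trailer anomalies that can fingerprint a BMP writer."""
    if len(data) < 54 or data[:2] != b"BM":
        return ["not a BMP with a 40-byte BITMAPINFOHEADER"]
    bf_size, res1, res2, off_bits = struct.unpack_from("<IHHI", data, 2)
    (bi_size, width, height, _planes, bpp, compression, size_image,
     _xppm, _yppm, clr_used, _clr_imp) = struct.unpack_from("<IiiHHIIiiII", data, 14)
    if bi_size != 40 or compression != 0:
        return ["unsupported header variant or compressed bitmap"]
    findings = []
    if res1 or res2:  # the format defines both reserved words as zero
        findings.append(f"reserved fields non-zero: {res1:#06x} {res2:#06x}")
    if bf_size != len(data):
        findings.append(f"bfSize {bf_size} != file length {len(data)}")
    # Uncompressed rows are padded to a multiple of 4 bytes.
    stride = (width * bpp + 31) // 32 * 4
    pixels = stride * abs(height)
    if size_image not in (0, pixels):
        findings.append(f"biSizeImage {size_image} != computed {pixels}")
    palette = 4 * (clr_used or (1 << bpp if bpp <= 8 else 0))
    if off_bits != 14 + bi_size + palette:
        findings.append(f"bfOffBits {off_bits} leaves a gap after the headers")
    trailing = len(data) - (off_bits + pixels)
    if trailing > 0:  # data hidden at the end of the file shows up here
        findings.append(f"{trailing} bytes appended after pixel data")
    return findings

def make_bmp(width=4, height=2, reserved=(0, 0), tail=b"") -> bytes:
    """Constructed 24-bit sample image (not the output of any real tool)."""
    stride = (width * 24 + 31) // 32 * 4
    pixels = bytes(stride * height)
    info = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0,
                       len(pixels), 2835, 2835, 0, 0)
    head = b"BM" + struct.pack("<IHHI", 54 + len(pixels), *reserved, 54)
    return head + info + pixels + tail

if __name__ == "__main__":
    samples = [("clean", make_bmp()),
               ("marker in reserved field", make_bmp(reserved=(0x5354, 0))),
               ("payload after pixels", make_bmp(tail=b"secret" * 4))]
    for name, img in samples:
        print(name, "->", bmp_header_findings(img) or "no anomalies")
```

A real screening pass would compare these findings across many cover images, since some benign writers also produce unusual but valid headers.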



Download slides

Saturday, February 09, 2013

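News: Even the Typos Were Copied: 23 Paper Plagiarism Cases Last Year

China Times, 2013-02-09, Lee Tsung-yu (李宗祐) and Hu Ching-hui (胡清暉), reporting from Taipei
Original news link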

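The National Science Council (NSC) yesterday released statistics on past cases of academic ethics violations, such as plagiarism in research papers or failure to cite properly. From ROC year 88 (1999) through last year, a total of 100 cases were ruled violations of academic ethics. The number has not only been rising gradually; last year's 23 cases set a record high, highlighting that there are more and more "copycats" in Taiwan's academic community and that plagiarism is growing ever more rampant!

Facing the growing trend of academic plagiarism, the NSC yesterday revised its "Guidelines for Handling and Reviewing Academic Ethics Cases" (學術倫理案件處理及審議要點) and also issued the "Academic Ethics Code for Researchers" (研究人員學術倫理規範). Using a negative list, it designates fabrication, falsification, plagiarism, misconduct related to the publication of research results and the definition of authorship, self-plagiarism, and duplicate submission as "conduct that should not occur" in academic research, so that scholars clearly understand what may and may not be done.

NSC Deputy Minister Sun Yi-han (孫以瀚) explained that an advisor who takes a student's research as his or her own and publishes the paper without listing the student as a "co-author" commits misconduct related to the publication of research results and the definition of authorship.

Matters such as sexual harassment, teacher-student relationships, and use of funds (reimbursement with false invoices) are classified as general life or workplace ethics; because other competent authorities or regulations handle them, they are listed as unrelated to academic ethics. Sun gave an example: claiming research funds with false invoices is handled under the NSC's separate "Operating Guidelines for Handling Inflated or False Claims of Research Project Funds" (專題研究計畫經費浮報虛報處理作業要點) and falls outside the academic ethics code.

Minister of Education Chiang Wei-ling (蔣偉寧) said that violations of academic norms should be dealt with appropriately; the Ministry of Education supports the NSC's move to establish an academic ethics code and will step up publicity to eliminate disputes over plagiarism, fabrication, and the like.

Sun said bluntly that several of the cases ruled violations last year involved truly severe copying: "Not only were fairly large portions plagiarized, even the typos were not corrected." Some people listed in their personal publication lists a pile of papers that were not theirs at all, adding their own names to other people's papers, and even got the cited page numbers wrong; others copied entire passages of someone else's research background description.

Compared with the years before ROC year 98 (2009), when there were only single-digit numbers of academic ethics violations each year, last year's figure rose to 23, a sharp 2.83-fold increase. Chen Tsung-chuan (陳宗權), head of the NSC's 綜合業務處, pointed out that the main reason for the clear increase is that in the past cases came to light only passively through reports from others, whereas in recent years most have been discovered by reviewers on their own initiative while reviewing research proposals.

However, citing the Personal Information Protection Act, the NSC yesterday declined to release the names of the "copycats", disclosing only that among the 23 cases, one scholar was suspended for five years and barred from applying for NSC research project funding; one was suspended for three years and three for two years; the remaining 18 were each suspended for one year.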

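News: Catching Research Fraud: Academic Ethics Code Released

United Daily News, reporter Liu Ying-hui (劉盈慧), reporting from Taipei. Original news link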
2013.02.09 02:46 am

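The National Science Council (NSC) yesterday announced its "Academic Ethics Code for Researchers" (研究人員學術倫理規範) for the first time. NSC Deputy Minister Sun Yi-han (孫以瀚) said this is the first time in Taiwan that academic ethics in the field of academic research has been codified, and that fabrication, falsification, plagiarism, and similar conduct all violate academic ethics. He hopes this explicit rule will give academic and research institutions something to follow and keep them from violating ethics.

The code lists fabrication, falsification, plagiarism, duplicate publication, unclear authorship, duplicate submission, and self-plagiarism as forms of misconduct in academic research ethics. For example, quoting another person's writing without citing the source is regarded as plagiarism; and if five scholars did the research together but only three are named, without noting the contributions of the other two, that is unclear authorship.

Sun said the code lists the most common situations one by one, with some explanations and definitions. Professors, research assistants, and postdoctoral researchers who apply to the NSC for research projects are all covered by the code.

For scholars who violate it, the Academic Ethics Review Committee will act according to severity: minor cases receive a reprimand; serious cases are barred from applying for NSC research projects for one to ten years, with part or all of the research grants and awards recovered. The most serious are barred for life.

Sun pointed out that the number of academic ethics violations handled by the NSC has increased year by year in recent years: seven cases in ROC year 97 (2008), 14 in ROC year 99 (2010), and 23 last year. He said that, taking last year as an example, 80 percent of cases involved plagiarism. The most serious case last year was a scholar who, in a publication list, "added other people's articles under his own name", and was therefore suspended for five years. Another case received a three-year suspension, and three received one-year suspensions.

As for the earlier cases of professors filing inflated or false invoices, these are not included in the code; he responded that academic ethics concerns research content, and inflated claims and fake invoices do not belong to that level. The code took effect immediately upon its announcement yesterday.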

Wednesday, May 16, 2012

Friday, May 11, 2012

Talk: digital steganography & steganalysis



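This evening, at the invitation of Professor Wang Jen-tsan (王任瓚) of the Department of Computer Science and Engineering at Yuan Ze University, I visited the department to chat with graduate students about what digital steganography and steganalysis are. I mainly discussed basic concepts and some interesting stories, and took the chance to introduce the original ideas behind my research results of the past two or three years.

A few days ago, a member of al Qaeda happened to be arrested, and the memory cards hidden in his underpants were found. After the pornographic video on the memory card was analyzed, more than a hundred confidential al Qaeda documents were found. So the talk could open with this story, and the timing could not have been better! The 10-minute video on the CNN website could also be played in the venue for early-arriving graduate students before the talk.

The story opened with the recent al Qaeda news, but what I really wanted to convey is that academia has long been openly teaching how to hide data with this kind of technology. So I took a photo of the two papers Min Wu published in IEEE in 2003, on Data Hiding in Image and Video, to show that steganography is not a new technology. Moreover, before the 9/11 attacks, Jack Kelly published 2 articles on the USA Today news site pointing out that terrorist organizations might be using steganography for secret communication.

Next, the talk moved to explaining the technical terms of steganography and, by comparing their similarities and differences with the terms of cryptography, pointed out that the two fields can in fact complement and be combined with each other to further improve the security of secret communication. In the talk I mentioned the Murdoch news group scandal, which, besides pointing to new uses of cryptographic technology, also shows that cryptography can be broken. Stories of codes and codebreaking are vividly told in many books, and in the talk I also introduced some Chinese and English books that I think are worth reading. That's right! One of them is even a comic book.

In fact, this is a research field with a history of as long as 2,500 years.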

Friday, May 04, 2012

News: Documents reveal al Qaeda's plans for seizing cruise ships, carnage in Europe

By Nic Robertson, Paul Cruickshank and Tim Lister, CNN
May 1, 2012 -- Updated 0930 GMT (1730 HKT)

CNN's Original Link



Editor's note: This story is based on internal al Qaeda documents, details of which were obtained by CNN. Hundreds of documents were discovered by German cryptologists embedded inside a pornographic movie on a memory disk belonging to a suspected al Qaeda operative arrested in Berlin last year. The German newspaper Die Zeit was the first to report on the documents.

(CNN) -- On May 16 last year, a 22-year-old Austrian named Maqsood Lodin was being questioned by police in Berlin. He had recently returned from Pakistan via Budapest, Hungary, and then traveled overland to Germany. His interrogators were surprised to find that hidden in his underpants were a digital storage device and memory cards.

Buried inside them was a pornographic video called "Kick Ass" -- and a file marked "Sexy Tanja."

Several weeks later, after laborious efforts to crack a password and software to make the file almost invisible, German investigators discovered encoded inside the actual video a treasure trove of intelligence -- more than 100 al Qaeda documents that included an inside track on some of the terror group's most audacious plots and a road map for future operations.

Future plots include the idea of seizing cruise ships and carrying out attacks in Europe similar to the gun attacks by Pakistani militants that paralyzed the Indian city of Mumbai in November 2008. Ten gunmen killed 164 people in that three-day rampage.

Terrorist training manuals in PDF format in German, English and Arabic were among the documents, too, according to intelligence sources.

U.S. intelligence sources tell CNN that the documents uncovered are "pure gold;" one source says that they are the most important haul of al Qaeda materials in the last year, besides those found when U.S. Navy SEALs raided Osama bin Laden's compound in Abbottabad, Pakistan, a year ago and killed the al Qaeda leader.

One document was called "Future Works." Its authorship is unclear, but intelligence officials believe it came from al Qaeda's inner core. It may have been the work of Younis al Mauretani, a senior al Qaeda operative until his capture by Pakistani police in 2011.

The document appears to have been the product of discussions to find new targets and methods of attack. German investigators believe it was written in 2009 -- and that it remains the template for al Qaeda's plans.

Investigative journalist Yassin Musharbash, a reporter with the German newspaper Die Zeit, was the first to report on the documents. One plan: to seize passenger ships. According to Musharbash, the writer "says that we could hijack a passenger ship and use it to pressurize the public."

Musharbash takes that to mean that the terrorists "would then start executing passengers on those ships and demand the release of particular prisoners."

The plan would include dressing passengers in orange jump suits, as if they were al Qaeda prisoners at Guantanamo Bay, and then videotaping their execution.

Lodin and a man called Yusuf Ocak, who allegedly traveled back to Europe with him, are now on trial in Berlin where they are pleading not guilty. Ocak was detained in Vienna two weeks after Lodin's arrest.

According to a senior Western counterterrorism official, their names were on a watch list, and when they handed over documents at a European border crossing, their names registered with counterterrorism agencies.

Both men have pleaded not guilty to terrorism charges. Ocak is also charged with helping to form a group called the German Taliban Mujahedeen, and is alleged to have made a video for the group threatening attacks in Germany.

Prosecutors believe the pair met at a terrorist training camp in Pakistan's tribal territories and were sent back to Europe to recruit a network of suicide bombers.

"We do not know what those men were up to but there are certain files of information that would make it plausible that they were probably thinking of a Mumbai-style attack," says Musharbash.

In the fall of 2010, a year after the document was written, European intelligence agencies were scrambling to investigate a Mumbai-style plot involving German and other European militants -- which sparked an unprecedented U.S. State Department travel warning for Americans in Europe.

"I think it is plausible to think that the 'Future Works' document is part of that particular project," says Musharbash.

"Future Works" suggests al Qaeda was an organization under great pressure, without a major attack to its name in several years, harried by Western intelligence. If anything, its predicament is even more dire today.

"The document delivers very clearly the notion that al Qaeda knows it is being followed very closely," Musharbash tells CNN. "It specifically says that Western intelligence agencies have become very good at spoiling attacks, that they have to come up with new ways and better plotting."

Part of the response, according to the document, should be to train European jihadists quickly and send them home -- rather than use them as fighters in Afghanistan and Pakistan -- with instructions on how to keep in secret contact with their handlers.

What emerges from the document is a twin-track strategy -- with the author apparently convinced that al Qaeda needs low-cost, low-tech attacks (perhaps such as the recent gun attacks in France carried out by Mohammed Merah) to keep security services preoccupied while it plans large-scale attacks on a scale similar to 9/11.

Those already under suspicion in Europe and elsewhere would be used as decoys, while others would prepare major attacks.

That is yet to materialize, but Musharbash believes a complex gun attack in Europe is still on al Qaeda's radar.

"I believe that the general idea is still alive and I believe that as soon as al Qaeda has the capacities to go after that scenario, they will immediately do it," he says.

While "Future Works" does not include dates or places, nor specific plans, it appears to be a brainstorming exercise to seize the initiative -- and reinstate al Qaeda on front pages around the world.

Wednesday, May 02, 2012

News: Al Qaeda ship secret plans encrypted in porn movie

Written by Nick Farrell
Wednesday, 02 May 2012 09:59

Original Link

Spooks didn’t see that one coming

Al Qaeda has been distributing its top secret plans across the internet embedded and encrypted within a file of a porn movie.

According to the German newspaper Die Zeit the file was discovered on a 22-year-old Austrian named Maqsood Lodin. When he was questioned his interrogators were surprised to find that hidden in his underpants were a digital storage device and memory cards. Buried inside them was a pornographic video called "Kick Ass" and a file marked "Sexy Tanja."

These are not the usual thing you expect to find on a Muslim fundamentalist, although it was viable for a Christian fundamentalist politician, so the investigators smelt a rat. It took several weeks to crack a password and software to make the file visible and it turned out that there were more than 100 al Qaeda documents included inside the file. These included some plans for taking over cruise ships and carrying out attacks in Europe similar to the gun attacks by Pakistani militants in Mumbai in November 2008.

Terrorist training manuals in PDF format in German, English and Arabic were among the documents, too, according to intelligence sources. Investigative journalist Yassin Musharbash, a reporter with the German newspaper Die Zeit, said that one plan was to hijack a passenger ship. They would dress passengers in orange jump suits, as if they were al Qaeda prisoners at Guantanamo Bay, and then videotape their execution. That was before the idea of travelling on a cruise ship turned out to be such a dangerous exercise, particularly if it was piloted by an Italian.

News: 'Sexy Tanja' Porn Movie Hid al Qaida's Plot for Mumbai-style Attack on Europe

By EWAN PALMER, May 1, 2012 12:08 PM GMT
Original Link

Hundreds of al-Qaida documents have been discovered embedded inside a pornographic movie, including a plot to carry out an attack in Europe similar to the 2008 Mumbai attacks.

The documents were found after 22-year-old Austrian Maqsood Lodin was detained and searched by investigators in Berlin after flying from Pakistan via Budapest.

The investigators discovered a storage device and a memory card hidden in Lodin's underwear which contained a pornographic film called Kick Ass and a file marked Sexy Tanja.

Several weeks later, investigators decoded the device and found more than 100 al-Qaida documents embedded in the video, including terrorist training manuals and plans to seize cruise ships to launch an attack on Europe similar to the 2008 Mumbai attacks in which 10 gunmen killed 164 people.

US intelligence told CNN the materials discovered are the most important since the trove which was discovered during the killing of Osama Bin Laden last year.

One of the documents, entitled Future Works, was reported to appear to show discussions by al-Qaida to find new targets and methods of attacks. German investigators believe the document was written in 2009 and still forms a large part of al-Qaida's plans.

A year after the document was written, European intelligence agencies investigated a Mumbai-style plot involving Germany which sparked a US State Department travel warning for Americans in Europe.

Investigative journalist Yassin Musharbash, a reporter with the German newspaper Die Zeit, was the first to report on the documents. He was quoted as saying: "I think it is plausible to think that the 'Future Works' document is part of that particular project."

Musharbash told CNN: "The document delivers very clearly the notion that al Qaeda knows it is being followed very closely.

"It specifically says that Western intelligence agencies have become very good at spoiling attacks, that they have to come up with new ways and better plotting."

Lodin, who was stopped in Berlin, and alleged compatriot Yusuf Ocak, who was detained in Vienna two weeks later, are currently on trial in the German capital.

They have pleaded not guilty to terrorism charges. The men, who reportedly met in a terrorist training camp in Pakistan, were both listed on a watch list. Prosecutors said they believe the men were sent back to Germany to recruit others to take part in the attacks outlined in the documents.

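News: Anniversary of bin Laden's Killing: Decoded Porn Films Hid Attack Messages

Anniversary of bin Laden's Killing: Decoded Porn Films Hid Attack Messages

(Liberty Times, breaking news, 2012/5/1 17:42, original news link)

May 2, Taiwan time, marks one year since Osama bin Laden, mastermind of the 9/11 attacks, was killed by U.S. forces. It is now reported that bin Laden's residence contained a large amount of pornography at the time and that, after intelligence officers decoded it, these porn films turned out to contain messages about terrorist attacks.

A large number of porn films were found at bin Laden's residence. One of them, titled "Kick Ass", contained a folder named "Sexy Tanja", which happened to match the content held by a terrorist arrested by German police last year. After cross-checking, the porn film was found to conceal terrorist attack plans, including bomb attacks and the hijacking of cruise ships.

The "Sexy Tanja" folder held over a hundred files from the al Qaeda terrorist organization. The files show that al Qaeda wanted to use the killing of passengers as a bargaining chip to force U.S. or German authorities to release particular prisoners; if they refused, it would record the killing of passengers and send it to the authorities.

U.S. intelligence officials said the various materials indicate that this document was probably completed in 2009. Although no such incident has actually occurred, the attack method has become the main model for terrorist organizations to imitate in later attacks.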


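Al Qaeda Intelligence Hidden Inside: Porn Film Turns Into Horror Film

(China Times online, 2012/5/2 5:30 am, reporter Chen Wen-ho (陳文和), compiled report, original news link)

After German authorities cracked a digital file that a terrorism suspect had disguised as a pornographic film, they were startled to find more than a hundred internal documents of the international terrorist organization al Qaeda hidden inside, like unearthing a treasure trove of intelligence. Some of al Qaeda's most audacious attack plans were thereby exposed, including hijacking cruise ships and re-enacting in Europe the deadly serial terror attacks of 2008 in Mumbai, India's largest city.

On May 16 last year, German police questioning Lodin, a 22-year-old Austrian terrorism suspect, in Berlin unexpectedly found a digital storage device and memory cards hidden in his underwear; they contained an adult film titled "Kick Ass" and a file labeled "Sexy Tanja".

Lodin and another suspect, Ocak, who organized the "German Taliban Mujahedeen" group, had both been to Pakistan, met at a terrorist training camp, and were sent back to Europe to recruit people in preparation for suicide bomb attacks. Two weeks after Lodin's arrest, Ocak was also caught in Vienna; both are now standing trial.

The real contents of the file Lodin held were encoded and encrypted, and protection software made them invisible; German investigators needed several weeks of effort to crack them. According to U.S. intelligence sources, the al Qaeda internal documents hidden inside are like "high-purity gold", on a par with the intelligence gained after U.S. forces killed al Qaeda leader bin Laden.

The documents include terrorist training manuals in PDF format in German, English, and Arabic, as well as al Qaeda's plans for future operations, including hijacking passenger ships, making passengers change into orange prison uniforms like those of terrorism suspects at the U.S. military prison at Guantanamo Bay, using the killing of passengers as a threat, and even executing them and publishing the video, to force the authorities to release particular prisoners.

In addition, al Qaeda also planned serial terror attacks in Europe, similar in method to the 2008 Mumbai attacks. From November 26 to 29 that year, terrorists from Pakistan struck more than ten locations in Mumbai in succession, taking 164 lives with guns and bombs and injuring more than 300 people.

A document titled "Future Works" clearly shows that al Qaeda knows it is under close surveillance and that Western intelligence agencies are increasingly adept at foiling its attack plans. It therefore urgently wants to "devise new ways of attack and plan more thoroughly", including training European Islamic jihadists and sending them home to carry out missions, and using low-cost, low-tech attacks to keep European security services running ragged while it takes the opportunity to plan attacks on the scale of "9/11".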

Wednesday, April 18, 2012

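News: 31 Papers Faked: Female Professor Sentenced to 1.5 Years in Prison

Apple Daily, 2012/04/18, Hsu Shu-hui (許淑惠), reporting from Taichung

Chen OO, a former female professor in the Department of Automatic Control Engineering at Feng Chia University, was accused of falsely claiming, over six years and in order to gain promotion, to have published 31 papers in international journals, leading the university to mistakenly promote her successively to associate professor and professor. Prosecutors determined that she thereby fraudulently obtained nearly NT$300,000 in promotion-related salary, and the Taichung District Court yesterday sentenced her to one year and six months in prison for fraud.

Claims no wrongdoing, "will appeal"

Chen OO (41), still unemployed, said through a friend yesterday: "Promotion by papers is the acquisition of a status (meaning professor or associate professor); she did not obtain any unlawful economic benefit from it, so the elements of fraud are not met, and she will appeal." Chen's friend said the verdict made Chen very sad.

Chen OO holds a PhD from the Institute of Aeronautics and Astronautics at National Cheng Kung University and has received the China Youth Corps Youth Medal and an Asian Outstanding Young Scientist award. She joined Feng Chia as an assistant professor in 2000, was promoted to associate professor in 2004 and to professor at the end of 2008, and during that period also went to Washington University in St. Louis in the United States as a visiting scholar. The following year, however, she was reported for allegedly forging and altering the papers she submitted for promotion review. The university checked them one by one, found the allegation true, revoked her professor and associate professor qualifications, and barred her from applying for promotion for ten years; Chen resigned on her own initiative.

Not published in international journals

In court, Chen argued that all 31 papers were her own work, that 12 of them had been confirmed as publicly published and the rest were being confirmed, and that the university had sent her papers to external reviewers who approved them, which showed that she had the ability to be promoted and had not defrauded the university.

But to determine whether Chen's papers had actually been published in journals such as the Journal of Guidance, Control, and Dynamics, the prosecutor had, through the Ministry of Foreign Affairs, sent the papers Chen submitted for promotion to the United States. After investigation and comparison, it was determined that many of the papers Chen wrote had not been published in international journals, and she was therefore indicted for fraud.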