Thursday, December 18, 2008

News: Terrorist instructions hidden online

2001/02/05 Jack Kelley 接連在《 USA Today 》發表兩篇報導, 指出美國官方及專家認為賓拉登及其組織可能透過將恐怖攻擊計畫藏在色情網站的圖片之中,或是運動聊天室來傳遞攻擊指令。

原始新聞連結 / Original Link
Terror groups hide behind Web encryption



02/05/2001 - Updated 05:17 PM ET
By Jack Kelley

WASHINGTON — Hidden in the X-rated pictures on several pornographic Web sites and the posted comments on sports chat rooms may lie the encrypted blueprints of the next terrorist attack against the United States or its allies. It sounds farfetched, but U.S. officials and experts say it's the latest method of communication being used by Osama bin Laden and his associates to outfox law enforcement. Bin Laden, indicted in the bombing in 1998 of two U.S. embassies in East Africa, and others are hiding maps and photographs of terrorist targets and posting instructions for terrorist activities on sports chat rooms, pornographic bulletin boards and other Web sites, U.S. and foreign officials say.

"Uncrackable encryption is allowing terrorists — Hamas, Hezbollah, al-Qaida and others — to communicate about their criminal intentions without fear of outside intrusion," FBI Director Louis Freeh said last March during closed-door testimony on terrorism before a Senate panel. "They're thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities."

A terrorist's tool

Once the exclusive domain of the National Security Agency, the super-secret U.S. agency responsible for developing and cracking electronic codes, encryption has become the everyday tool of Muslim extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S. officials say.

It's become so fundamental to the operations of these groups that bin Laden and other Muslim extremists are teaching it at their camps in Afghanistan and Sudan, they add.

"There is a tendency out there to envision a stereotypical Muslim fighter standing with an AK-47 in barren Afghanistan," says Ben Venzke, director of special intelligence projects for iDEFENSE, a cyberintelligence and risk management company based in Fairfax, Va.

"But Hamas, Hezbollah and bin Laden's groups have very sophisticated, well-educated people. Their technical equipment is good, and they have the bright, young minds to operate them," he said.

U.S. officials say bin Laden's organization, al-Qaida, uses money from Muslim sympathizers to purchase computers from stores or by mail. Bin Laden's followers download easy-to-use encryption programs from the Web, officials say, and have used the programs to help plan or carry out three of their most recent plots:

  * Wadih El Hage, one of the suspects in the 1998 bombing of two U.S. embassies in East Africa, sent encrypted e-mails under various names, including "Norman" and "Abdus Sabbur," to "associates in al Qaida," according to the Oct. 25, 1998, U.S. indictment against him. Hage went on trial Monday in federal court in New York.

  * Khalil Deek, an alleged terrorist arrested in Pakistan in 1999, used encrypted computer files to plot bombings in Jordan at the turn of the millennium, U.S. officials say. Authorities found Deek's computer at his Peshawar, Pakistan, home and flew it to the National Security Agency in Fort Meade, Md. Mathematicians, using supercomputers, decoded the files, enabling the FBI to foil the plot.

  * Ramzi Yousef, the convicted mastermind of the World Trade Center bombing in 1993, used encrypted files to hide details of a plot to destroy 11 U.S. airliners. Philippines officials found the computer in Yousef's Manila apartment in 1995. U.S. officials broke the encryption and foiled the plot. Two of the files, FBI officials say, took more than a year to decrypt.

"All the Islamists and terrorist groups are now using the Internet to spread their messages," says Reuven Paz, academic director of the Institute for Counter-Terrorism, an independent Israeli think tank.

Messages in dots

U.S. officials and militant Muslim groups say terrorists began using encryption — which scrambles data and then hides the data in existing images — about five years ago.

But the groups recently increased its use after U.S. law enforcement authorities revealed they were tapping bin Laden's satellite telephone calls from his base in Afghanistan and tracking his activities.

"It's brilliant," says Ahmed Jabril, spokesman for the militant group Hezbollah in London. "Now it's possible to send a verse from the Koran, an appeal for charity and even a call for jihad and know it will not be seen by anyone hostile to our faith, like the Americans."

Extremist groups are not only using encryption to disguise their e-mails but their voices, too, Attorney General Janet Reno told a presidential panel on terrorism last year, headed by former CIA director John Deutsch. Encryption programs also can scramble telephone conversations when the phones are plugged into a computer.

"In the future, we may tap a conversation in which the terrorist discusses the location of a bomb soon to go off, but we will be unable to prevent the terrorist act when we cannot understand the conversation," Reno said.

Here's how it works: Each image, whether a picture or a map, is created by a series of dots. Inside the dots are a string of letters and numbers that computers read to create the image. A coded message or another image can be hidden in those letters and numbers.

They're hidden using free encryption Internet programs set up by privacy advocacy groups. The programs scramble the messages or pictures into existing images. The images can only be unlocked using a "private key," or code, selected by the recipient, experts add. Otherwise, they're impossible to see or read.

"You very well could have a photograph and image with the time and information of an attack sitting on your computer, and you would never know it," Venzke says. "It will look no different than a photograph exchanged between two friends or family members."

U.S. officials concede it's difficult to intercept, let alone find, encrypted messages and images on the Internet's estimated 28 billion images and 2 billion Web sites.

Even if they find it, the encrypted message or image is impossible to read without cracking the encryption's code. A senior Defense Department mathematician says cracking a code often requires lots of time and the use of a government supercomputer.

It's no wonder the FBI wants all encryption programs to file what amounts to a "master key" with a federal authority that would allow them, with a judge's permission, to decrypt a code in a case of national security. But civil liberties groups, which offer encryption programs on the Web to further privacy, have vowed to fight it.

Officials say the Internet has become the modern version of the "dead drop," a slang term describing the location where Cold War-era spies left maps, pictures and other information.

But unlike the "dead drop," the Internet, U.S. officials say, is proving to be a much more secure way to conduct clandestine warfare.

"Who ever thought that sending encrypted streams of data across the Internet could produce a map on the other end saying 'this is where your target is' or 'here's how to kill them'?" says Paul Beaver, spokesman for Jane's Defense Weekly in London, which reports on defense and cyberterrorism issues. "And who ever thought it could be done with near perfect security? The Internet has proven to be a boon for terrorists."


原始新聞連結 / Original Link
Terrorist instructions hidden online



02/05/2001 - Updated 05:22 PM ET
By Jack Kelley

WASHINGTON — Osama bin Laden and other Muslim extremists are posting encrypted, or scrambled, photographs and messages on popular Web sites and using them to plan terrorist activities against the United States and its allies, U.S. officials say. The officials say bin Laden and his associates are using the Internet to conduct what some are calling "e-jihad," or holy war. Bin Laden, a dissident Saudi businessman, has been indicted for the 1998 bombing of two U.S. embassies in East Africa and is believed to be responsible for last fall's bombing of the USS Cole in Yemen. Four alleged bin Laden associates went on trial Monday in federal court in New York for the embassy bombings. "To a greater and greater degree, terrorist groups, including Hezbollah, Hamas, and bin Laden's al Qaida group, are using computerized files, e-mail, and encryption to support their operations," CIA Director George Tenet wrote last March to the Senate Foreign Relations Committee. The testimony, at a closed-door hearing, was later made public.

Through weeks of interviews with U.S. law-enforcement officials and experts, USA TODAY has learned new details of how extremists hide maps and photographs of terrorist targets — and post instructions for terrorist activities — on sports chat rooms, pornographic bulletin boards and other popular Web sites. Citing security concerns, officials declined to name the sites. Experts say it's difficult for law enforcement to intercept the messages.

"It's something the intelligence, law-enforcement and military communities are really struggling to deal with," says Ben Venzke, special projects director for iDEFENSE, a cyberintelligence company.

Officials and experts say the Internet is a new form of the "dead drop," a Cold War-era term for where spies left information. Officials and experts say the messages are scrambled using free encryption programs set up by groups that advocate privacy on the Internet. Those same programs also can hide maps and photographs in an existing image on selected Web sites. The e-mails and images can only be decrypted using a "private key" or code, selected by the recipient .

"The operational details and future targets, in many cases, are hidden in plain view on the Internet," Venzke says. "Only the members of the terrorist organizations, knowing the hidden signals, are able to extract the information."

Officials say bin Laden began using encryption five years ago, but recently increased its use after U.S. officials revealed they were tapping his satellite telephone calls in Afghanistan and tracking his activities.

"We will use whatever tools we can — e-mails, the Internet — to facilitate jihad against the (Israeli) occupiers and their supporters," Sheik Ahmed Yassin, the founder of the militant Muslim group Hamas said in a recent interview in the Gaza Strip. "We have the best minds working with us."

Sunday, December 14, 2008

Defending Against Statistical Steganalysis (part 3)

本篇文章延續 part 2 的討論, 將焦點鎖定在 Section 7 Analysis, 一篇完整的論文, 一定要從各方面去分析所提出的方法, 是否禁得起各方面的考驗。

作者首先交代實驗的影像來源為何?
To evaluate our correction algorithm, we embedded data into 54 pictures taken with a Fuji MX-1700 digital camera around Ann, Arbor, Michigan. The sizes of images is 640*480 pixels.


將照片從數位相機下載到電腦後, 作者設定壓縮品質參數為 75, 將影像重新壓縮, 用來模擬沒有嵌入任何機密訊息的影像。

這組影像中, 可用來嵌入機密訊息的 DCT 係數, 平均為 46,000 個, 最低為 30,000 個, 最高為 97,000。每一個 DCT 係數則提供了一個冗餘位元。 在還沒嵌入機密訊息之前, 作者注意到這些冗餘位元具有較多的 1 (a strong correlation toward one):
On average 63.8% of all the bits are set with a standard derivation of 3.4% between images.
接著, 作者將 Lewis Carroll (愛麗絲夢遊仙境 作者)所著的 "The Hunting of the Snark" 第一章內容 壓縮, 得到 14,700 位元的機密訊息。


Figure 7: Comparison between unmodified images, images with data embedded but without ststistical corrections, and finally images with data embedded plus statistical corrections.

Figure 7 顯示只針對冗餘位元運算的簡單統計結果。針對一個完全隨機, 8 位元大小的資料來源做 Maurer test 的實驗結果是 7.184。在沒有使用校正轉換 (No corrections) 的情況下, 我們注意到 entropy 是從 6.732±0.233 增加到 6.976±0.168, 在 One-Correlation 方面, 也是從 63.41%±3.50% 減少到 59.10%±3.19%; 然而, 當使用校正(Corrections)時, 不管是 One-Correlation 還是 Maurer test, 實驗結果都非常接近沒有嵌入機密訊息的 unmodified images。若僅僅針對那些具備 a priori estimate 的影像實驗, 作者注意到使用校正的實驗結果, 不管是 One-Correction 還是 Maurer test, 實驗結果都更接近未嵌入機密訊息的原始影像。因此, 可以知道使用簡單的統計測試是偵測不到機密訊息的。


Figure 8: The extended Chi-square test detects the embedding for image that has no statistical corrections. Our naive correction is even more detectable. However, an image that receives the proper statistical correction can not be distinguished from an unmodified image.

接下來, 作者要討論的對象是 DCT 係數直方圖 (DCT frequency histogram)。作者指出在使用校正功能的情況下, 將直方圖直接畫出來是無法注意到和原始影像的差別的。Figure 8 則顯示出針對 extended Chi-square test 的實驗結果, 作者指出使用 Algorithm 1 做校正, extended Chi-square test 在影像的每一部分所計算出的嵌入機率(probability of embedding)都是接近 0 的。

Back to: Defending Against Statistical Steganalysis (part 1)
Back to: Defending Against Statistical Steganalysis (part 2)


Niels Provos, "Defending Against Statistical Steganalysis,"10th USENIX Security Symposium, August 13-17, 2001.

Thursday, December 04, 2008

Defending Against Statistical Steganalysis (part 2)

本篇文章延續 part 1 的討論, 將焦點鎖定在 Section 6 Correcting Statistical Deviations, 探討 OutGuess 0.2 是如何做到將掩護影像(cover-images) 的直方圖特性保留在偽裝影像(stego-images) 之中。

part 1 的討論, 我們知道 OutGuess 0.2 並沒有把所有的冗餘位元(redundant bits) 都拿來作為機密訊息嵌入之用。在 Selection process 中, 最多只允許一半的冗餘位元放置機密訊息。

隱藏學這個研究領域有一項要特別注意的就是: 通常我們並不知道將來對手會用什麼的統計測試(statistical tests) 來偵測機密訊息是否被嵌入到媒體之中。假設我們已經知道一些特定的攻擊手法, 自然就可以事先防範, 同樣用一些冗餘位元來將這些因為嵌入動作而產生的統計偏差(statistical deviation) 給修正回來。

作者首先考量的是 one-correlation 和 Maurer test。作者在本篇論文 Section 1 Introduction 中曾提及:
For example, ones and zeros are equally likely in a message that has been encrypted. However, the redundant data being replaced might have a strong correction towards either zero or one. Embedding the encrypted message weakens that correction.
Maurer test 則是一個用來測試所產生的二元亂數資料是否符合良好亂數的規範的工具 (Ueli M. Maurer, "A Universal Statistical Test for Random Bit Generators," Journal of Cryptography, Vol. 5, pp 89-105, 1992 )。基本上, 當有一個冗餘位元從 0 被改成 1, 作者便嘗試在附近找到另一個冗餘位元將其從 1 改成 0, 這樣做的優點是可以避免增加冗餘位元的亂度(entropy), 確保機密訊息無法從這種統計方式偵測出來。然而, 使用上述的方法, 針對 JPEG 影像, 會使得 DCT 係數直方圖走樣(distortion), 如 Figure 5 中的 DCT 係數 -2 與 -1 比 Figure 3 更接近, DCT 係數 2 與 3 則幾乎相同。


Figure 5: The naive statistical corrections cause the frequency of adjacent DCT coefficients to be equalized. It is immediately evident that the image is modified.

要避免 DCT 係數直方圖走樣的情況發生, 勢必要進行其他的校正(correction)工作來維持住 DCT 係數的分布。舉例來說, 如果要嵌入機密訊息到第 j-th 個 DCT 係數, 令這個係數值為 DCT(j), 假設 DCT(j) = 2i, 那這個 DCT 係數就會被改成 2i+1。要校正這個嵌入動作所產生的走樣, 就要在臨近位置找一個 DCT 係數, 其值剛好為 2i+1, 然後將其值改成 2i。令所找到的這個位置為 k, 那麼 DCT(k) 將由 2i+1 改變成 2i。如果在每一個改變原值的嵌入動作後, 就立刻執行這項校正工作, 那所產生偽裝影像的 DCT 係數直方圖將與原始的掩護影像一模一樣。

再者, 校正轉換(correcting transform) 基本上就是要保持所有的 DCT 係數 (即 frequency counts) 維持不變。因此, 以 frequency counts 為基礎的統計方式是無法偵測出原始媒體與偽裝媒體之間的差異的。

令 f 表示在直方圖中的一個 frequency count, 而 g 為其相鄰的 frequency count, 在不失其一般性的情況下, 令 f > g。令 α 表示冗餘位元用於嵌入機密訊息的比例。在嵌入機密訊息後, frequency count 變成:
f* = f - α ( f - g ) / 2 ,
g* = g + α ( f - g ) / 2 .
我們知道當嵌入量 α 為 0% 時, f 與 g 之間的差距為 ( f - g ), 當 α 越來越大時, f* 與 g* 會越來越接近, 當 α 達到 100% 時, 則
f* = f - ( f - g ) / 2 = ( f + g ) / 2 ,
g* = g + ( f - g ) / 2 = ( g + f ) / 2 .
換句話說, 當全部的冗餘位元都拿來做為嵌入機密訊息之用時, f* = g* = ( g + f ) / 2.

OutGuess 為了維持 DCT 係數直方圖不變, 必須保留足夠的冗餘位元可以在嵌入機密訊息後, 做為校正轉換之用, 因此底下的式子必須成立:
(1- α ) g ≥ α ( f - g) /2
上述式子可以化簡得到 α 的預先估計值(a priori estimate), 做為嵌入機密訊息時的參考:
α ≤ 2 g / (f + g)
給定一個機密訊息, 我們可以使用這個估計值來選擇一個用有足夠冗餘位元來保持原始 frequency counts 的掩護影像。有趣的是, 擁有更多 DCT 係數的影像, 並不代表擁有更多可供嵌入機密訊息的冗餘位元, Figure 6 說明了此一現象。Figure 6 中的每一個圈圈代表一個影像, 橫軸表示其擁有的 DCT 係數的總數, 總軸表示經過上述公式計算後, 所得到可以用來嵌入機密訊息的比例(fraction)。


Figure 6: The fraction of the DCT coefficients that can be used for data hiding does not increase linearly for images with more coefficients.

作者希望提出的校正轉換(correcting transform) 能夠具備下列兩個需求(requirements):
1. For any part of the image, the distribution of the DCT coefficients should be similar to the unmodified image.

2. The number of corrections necessary to preserve statistical properties should be small.
仔細剖析這兩個需求, 要同時達到最佳狀況是不可能的。因為如果要讓第二個需求 - 校正個數達到最小, 就要先分析整體的嵌入狀況, 再著手校正所產生整體誤差, 在這種情況下, 很可能發生某些部分影像 DCT 係數的分布, 無法跟原始分布一樣。換句話說, 要做到任何部分影像的 DCT 係數分布和原始分布一樣, 就必須在這個部分影像中, 立即把嵌入機密訊息的走樣修正回來。如此, 就不可能使校正數目達到最小。作者針對這個問題, 提出一個妥協的方法, 為每個頻率(frequency) 定義了一個臨界值 (threshold), 來表示該 frequency count 可容忍的誤差值。


Algorithm 1: This transform preserves the statistical properties of an JPEG image. It keeps track of differences in the frequency counts between original and stego medium. If the differences exceed a certain threshold, the frequency count is adjusted.

作者宣稱 Algorithm 1 可以滿足上述兩項需求。Algorithm 1 是在整個機密訊息嵌入完成之後, 才開始執行校正的。在論文中, Algorithm 1 註記了 5 個標記, 我們在此分別說明這些關鍵步驟:
標記 1 : 從原始掩護影像中, 計算 DCT 頻率的直方圖, 並將之存放於陣列 N 之中。

標記 2 : 決定每一個頻率可容忍的誤差值, 並將之存放於陣列 N* 之中。
    計算方式如下:
    k ← number of coefficients in image;
    α← 0.03 * 5000 / k ;
    N*(i) = α * N(i);
    用陣列 N error 記錄每個 DCT 係數目前的累積誤差。
    Nerror (i) ← 0;

標記 3 : AdjDCT ← DCT(i) ⊕ 1;
Algorithm 1 針對每一個可供嵌入的位置, 從影像的開端開始處理, 如果找到一個 DCT 係數遭到修改, 他並不會直接就去想辦法校正回來, 而是看看這個修改是否已經超出可容忍的程度, 如果只是就先去看看與其配對的 DCT 係數 AdjDCT (標記 3) 是否也存在誤差值, 如果也存在誤差值 (標記 4), 那就正好可以抵銷, 不需另外做修正, 以滿足第二個需求 - 校正越少越好。如果 AdjDCT 並不存在誤差值, 再加上本身的誤差尚未超出容忍值 (標記 5), 則暫時先不做校正動作, 僅是累計其誤差值 increment Nerror [DCT(i)]。如果誤差已經超出容忍值 N*[DCT(i)] 了, 為了滿足第一項需求, 必須要立即執行校正程序: 在附近找到配對的係數修正回來, 也就是執行 Algorithm 2: exchDCT(i, DCT(i)); 如果找不到配對的係數, 則記錄其誤差, 留待最後階段再一起做大範圍 (從影像末端 k, 開始往前找) 的校正工作。

如果想要更進一步了解 Algorithm 1 中 threshold frequencies 作用的讀者, 可以嘗試將 α 值先設定為 0, 觀察執行情形, 然後將 α 值先設定為 1, 再觀察其變化, 應該就能比較了解 α 所扮演的角色。


Algorithm 2: Find a specific DCT coefficient and change it to its adjacent DCT coefficient.

Algorithm 1 在兩種情況下會呼叫 Function exchDCT() 進行實際校正的動作:

1. 當累積的誤差 Nerror 已經超過可容任的範圍, 則會立即進行校正動作, 以免累機誤差太大, 不符合需求 1。
If the number of errors for the coefficient, Nerror[DCT(i)], can be incremented without exceeding its threshold value. If another increment is possible, we continue with the next modification. Otherwise, we have to correct the current modification in the image. The exchDCT algorithm is responsible for that.
2. 最後階段, 進行大範圍的搜尋, 將所有的誤差都校正回來。雖然, 並不是所有的誤差都可以校正回來, 但只要能夠將大部分的誤差都校正回來, 就不會被偵測出來。
After all modifications have been examined, we need to correct all remaining errors. Not all the corrections might be possible. However, if we are able to correct most of the errors, changes in the histogram are not detectable.
 
Back to: Defending Against Statistical Steganalysis (part 1)
Go to: Defending Against Statistical Steganalysis (part 3)


Niels Provos, "Defending Against Statistical Steganalysis,"10th USENIX Security Symposium, August 13-17, 2001.
 

Saturday, November 01, 2008

Paper: Detecting Low Embedding Rates


Author: Andreas Westfeld

Information Hiding Workshop 2002 (IHW 2002)
Noordwijkerhout, The Netherlands, 7–9 October 2002

Springer-Verlag Berlin Heidelberg,
LNCS 2578, pp. 324–339, 2003.



Abstract

This paper shows three approaches for detecting steganograms with low change density. MP3Stego is a steganographic algorithm with a very low embedding rate. The attack presented here is a statistical analysis of block sizes. It is able to detect 0.001 % of steganographic payload in MP3 files. The second approach is the use of hash functions to combine sample categories for the chi-square attack. One of these hash functions enables us to detect about 0.2 bits per pixel in true colour images. Another algorithm (Hide) was presented at the last workshop and constructed to be secure against visual and statistical chi-square attacks. The detection method for Hide combines the three colour components of each pixel to recognise an increased number of "neighbour colours".

From StegoRN



這篇論文提出三個偵測低嵌入量(改變量)的隱藏分析技術:

1. 針對 MP3Stego -
分析 MP3 檔案中, 每一個 block 的大小, 透過統計的方式找到一般 MP3 檔案不會出現的特徵, 藉此判定是否被 MP3Stego 這個隱藏工具嵌入機密訊息。實驗結果顯示, 當嵌入量為 MP3 檔案所能提供嵌入量的 0.001% 時, 此論文所提出的方法就可以辨識出來。

2. 提升卡方攻擊法(Chi-Square Attack)的偵測能力
第二個技術是透過雜湊函數(hash function) 整合樣本分群(sample category), 然後再使用原來的卡方攻擊法分析。本論文提到透過某種雜湊函數確實可以使卡方攻擊法偵測出儘含有 0.2 bpp 的彩色影像(true color image)。

3. 針對 Hide
Hide 是 IHW 2001 所提出來的隱藏軟體, 其使用的 LSB Matching 的技術可以抵抗卡方攻擊法的分析。這篇論文透過觀察每個色彩的臨色總數(the number of neighbor colors), 發現嵌有機密訊息的影像, 臨色總數明顯增加許多。

From StegoRN

From StegoRN

From StegoRN

Monday, October 27, 2008

An Advanced Least-Significant-Bit Embedding Scheme for Steganographic Encoding

Authors: Yeuan-Kuen Lee, Graeme Bell, Shih-Yu Huang, Ran-Zan Wang and Shyong Jian Shyu

The 3rd Pacific-Rim Symposium on Image and Video Technology ( PSIVT 2009 )
Tokyo, Japan, January 13th - 16th, 2009
Official Website: http://psivt2009.nii.ac.jp/

Abstract

The advantages of Least-Significant-Bit (LSB) steganographic data embedding are that it is simple to understand, easy to implement, and it results in stego-images that contain hidden data yet appear to be of high visual fidelity. However, it can be shown that under certain conditions, LSB embedding is not secure at all. The fatal drawback of LSB embedding is the existence of detectable artifacts in the form of pairs of values (PoVs). The goals of this paper are to present a theoretic analysis of PoVs and to propose an advanced LSB embedding scheme that possesses the advantages of LSB embedding suggested above, but which also provides an additional level of communication security. The proposed scheme breaks the regular pattern of PoVs in the histogram domain, increasing the difficulty of steganalysis and thereby raising the level of security. The experimental results show that both the Chi-square index and RS index are less than 0.1, i.e., the hidden message is undetectable by the well-known Chi-square and RS steganalysis attacks.



這篇就是我們即將在 PSIVT 2009 發表的論文, 其實內容就是 95 學年度 國科會計畫 的結案報告改寫成論文發表。

國科會計畫編號: NSC 95-2221-E-130-014
最低位元嵌入法的修正模型與安全分析
A Modified LSB Embedding Scheme of Steganography and its Security Analysis
執行期間: 2006/08/01 ~ 2007/10/31
計劃書中文摘要下載:

Comments of Reviewer 1

SUMMARY AND CONTRIBUTIONS: This paper proposed an improved LSB steganographic method. The contribution is that both the Chi-square and RS steganalysis attacks can be resisted.
OVERALL EVALUATION: 7 (strong accept)

COMMENTS ON OVERALL EVALUATION: LSB-basd embedding methods seem to be impractical because an image is usually compressed before transmission.
ORIGINALITY: 3 (moderately original)
REFERENCE TO PRIOR WORK: 4 (excellent reference to prior work)
RELEVANCE/IMPORTANCE TO PSIVT: 3 (of sufficient interest)
CLARITY OF PRESENTATION: 3 (is clear enough)
TECHNICAL CORRECTNESS: 3 (probably correct)
EXPERIMENTAL EVALUATION: 4 (sufficient evaluation or theoretical paper)

Comments of Reviewer 2

SUMMARY AND CONTRIBUTIONS: The author(s) of this paper touch(es) on the simplicity of least significant bit (LSB) embedding and highlight(s) its weakness in the form of pairs of values (PoVs) as steganographic encoding artifacts. A new technique using pseudorandom number generator (PRNG) is employed in an algorithm to modify the method of embedding the secret message bits in the LSB of the target image. This method breaks the correlation between the frequency of these pairs of values commonly caused by LSB embedding. The result of the paper is promising and shows resistance to both the Chi-square and RS steganalysis attacks.

OVERALL EVALUATION:
7 (strong accept)

COMMENTS ON OVERALL EVALUATION: This paper establishes a good model for analysing the effect of PoVs and ventures from there to find a method to avoid the pitfalls of LSB embedding by captilising on the property of pseudorandom number generator. The proposed algorithm effectively prevents successful attacks from both Chi-square and RS steganalysis.

ORIGINALITY:
4 (very original)
REFERENCE TO PRIOR WORK: 3 (references adequate)
RELEVANCE/IMPORTANCE TO PSIVT: 3 (of sufficient interest)
CLARITY OF PRESENTATION: 4 (easy to read)
TECHNICAL CORRECTNESS: 3 (probably correct)
EXPERIMENTAL EVALUATION: 4 (sufficient evaluation or theoretical paper)

Comments of Reviewer 3

SUMMARY AND CONTRIBUTIONS: The Least-significant-bit embedding method is well-known technique in data embedding field, however, this paper proposes an advanced LSB embedding method to improve the lack of traditional LSB embedded method. And the experimental results are enough to verify the goals. The paper is esay to read and understand.

OVERALL EVALUATION:
6 (accept)

COMMENTS ON OVERALL EVALUATION: This system is valuable to data embeddubg scheme.

ORIGINALITY: 3 (moderately original)
REFERENCE TO PRIOR WORK: 3 (excellent reference to prior work)
RELEVANCE/IMPORTANCE TO PSIVT: 3 (of sufficient interest)
CLARITY OF PRESENTATION: 4 (references adequate)
TECHNICAL CORRECTNESS: 3 (probably correct)
EXPERIMENTAL EVALUATION: 4 (sufficient evaluation or theoretical paper)

Comments of Reviewer 4

SUMMARY AND CONTRIBUTIONS: The paper describes a known weakness of LSB embedding, and proposes two counter measures.

OVERALL EVALUATION:
4 (borderline)

COMMENTS ON OVERALL EVALUATION:
The main idea is simple and interesting. However, there are many methods proposed in the past few years and I'm not sure whether the method described here have been studied before. Furthermore, there is a problem with the boundary cases, pixels with value 0 and 255. Using the proposed method will create artifacts that look like salt and pepper noise.

ORIGINALITY: 2 (minor originality)
REFERENCE TO PRIOR WORK: 3 (refer)
RELEVANCE/IMPORTANCE TO PSIVT: 3 (of sufficient interest)
CLARITY OF PRESENTATION: 3 (is clear enough)
TECHNICAL CORRECTNESS: 3 (probably correct)
EXPERIMENTAL EVALUATION: 4 (sufficient evaluation or theoretical paper)

PSIVT 2009 received 247 submissions, and accepted 40 papers for oral presentations and 58 for poster presentations. The acceptance rate is slightly less than 40%.
 

Monday, October 06, 2008

Message from PSIVT 2009

10月3日終於接到來自 PSIVT 2009 的消息, 接受了我們投稿的論文。可以開始著手準備前往東京了。

Dear Yeuan-Kuen Lee,

We wish to congratulate you on the acceptance of your submission with paper ID: 154 as an oral presentation in the PSIVT2009 program. Review comments for your paper are now available in the papers management system: https://cmt.research.microsoft.com/PSIVT2009.

The camera-ready paper deadline is on 17 October 2008, and paper preparation instructions can be found at http://psivt2009.nii.ac.jp/node/39. Please note that for your paper to be published in this conference, the camera-ready paper must be received by the deadline, and one of the authors must register for the conference by this deadline as well.

We are looking forward to the presentation of your paper in PSIVT2009.

Best regards,
PSIVT2009 Program Committee

Wednesday, September 24, 2008

Bivariate Distribution & Marginal Distribution

Bivariate Distribution 顧名思義就是具有兩個隨機變數的分配。

From StegoRN

貓頭鷹出版社 所出版的 統計學辭典 中, 舉的例子非常容易理解: 特定構造與型示的二手車。一般來說, 對有興趣的買主來說, 二手汽車有兩個令人感興趣且容易測量的變數: 車齡 里程數

假設有一家二手車行購進了同一樣式的二手車 30 輛, 車行就可以將其依車子的使用年齡和行駛里程數製成一個二變量次數表。換句話說, 就是列出一個二維表格, 一維是車齡, 另一維是里程數, 表中統計符合條件的車輛數。例如: 使用 2-3 年, 行駛 4-5 萬英里的車子有 2 輛。在這個例子中, 兩個變數並不是相互獨立的, 較舊的車通常行駛較長的距離。

From StegoRN

如果表中所使用的是機率, 那就是一個 二變量機率分布 (bivariate probability distribution), 在二變量分配表上, 分別做行相加, 或列相加的動作, 所得出的分配就稱為 邊際分配 (marginal distribution)

在二手車的例子中, 邊際分配為:
里程數  0-10 10-20 20-30 30-40 40-50 50-60 60-70 70-80
車輛數  1   2   2   3   7   6   6   3

車 齡  0 - 1   1 - 2   2 - 3   3 - 4   4 - 5   5 - 6   6 - 7   7 - 8
車輛數  3   2   7   9   3   3   1   2

維基百科中的 聯合分布 ( joint probability distribution ) 條目的說明, 其實和這邊的 Bivariate Distribution 的解釋是差不多的, 指的應該就是同樣的東西。

Tuesday, September 23, 2008

Feature-Based Steganalysis for JPEG Images and Its Implications for Future Design of Steganographic Schemes


Author: Jessica Fridrich

Information Hiding Workshop 2004
Toronto, Ontario, Canada
23 - 25, May, 2004

Lecture Notes in Computer Science, Vol. 3200



Abstract

In this paper, we introduce a new feature-based steganalytic method for JPEG images and use it as a benchmark for comparing JPEG steganographic algorithms and evaluating their embedding mechanisms. The detection method is a linear classifier trained on feature vectors corresponding to cover and stego images. In contrast to previous blind approaches, the features are calculated as an L1 norm of the difference between a specific macroscopic functional calculated from the stego image and the same functional obtained from a decompressed, cropped, and recompressed stego image. The functionals are built from marginal and joint statistics of DCT coefficients. Because the features are calculated directly from DCT coefficients, conclusions can be drawn about the impact of embedding modifications on detectability. Three different steganographic paradigms are tested and compared. Experimental results reveal new facts about current steganographic methods for JPEGs and new design principles for more secure JPEG steganography.

Monday, September 08, 2008

WCE 2008

2008/07/02

World Congress on Engineering (WCE) 每年都在 Imperial College, London 舉辦, 底下聯合了 15 個不同領域的研討會, 今年我們一行人投稿了兩篇論文, 一篇屬於 ICISIE'08, 由元智資工系王任瓚教授在 07/02 早上場次報告; 另一篇則是屬於 ICSIE'08, 由黃世育教授在 07/02 下午場次報告。


Imperial College, London
 

Imperial College, London

很幸運地, 出了地鐵站, 就遇見了已經在 WCE 2008 奮鬥了一個早上的三位教授。王任瓚教授已經報告完了, 所以一臉輕鬆。進入會場後, 我們先找個合適的地方留影,  


(left to right) Prof. Ran-Zan Wang, Prof. Shih-Yu Huang, Prof. Graeme Bell and I.
WCE 2008, Imperial College, London


Prof. Graeme Bell and I.
WCE 2008, Imperial College, London


Prof. Ran-Zan Wang and I.
WCE 2008, Imperial College, London


WCE 2008, Imperial College, London

最辛苦的兩位教授, 王任瓚教授已經報告完了, 所以一臉輕鬆。


Prof. Ran-Zan Wang and Prof. Shih-Yu Huang,
WCE 2008, Imperial College, London

會場提供的杯子是 IKEA 的 ... 便宜, 環保, 又非常好看!


Prof. Graeme Bell and Prof. Ran-Zan Wang
WCE 2008, Imperial College, London

這位學者看到我拿 Nikon D70 相機, 就跑來和我們閒聊 ...


WCE 2008, Imperial College, London

黃世育教授上台報告, ...


Prof. Shih-Yu Huang, WCE 2008, Imperial College, London


WCE 2008, Imperial College, London

看到窗外的大樹, 突然覺得可以在這邊上課是很幸福的 ...


Big trees outside the windows,
WCE 2008, Imperial College, London


贊助書商擺的攤子...


WCE 2008, Imperial College, London


WCE 2008, Imperial College, London


WCE 2008, Imperial College, London
 

Sunday, August 31, 2008

An Implementation of Key-Based Digital Signal Steganography

Author: Toby Sharp

Information Hiding Workshop 2001
Pittsburgh, PA, USA, April 25–27, 2001

Spring LNCS 2137, pp. 13-26, 2001

Abstract
A real-life requirement motivated this case study of secure covert communication. An independently researched process is described in detail with an emphasis on implementation issues regarding digital images. A scheme using stego keys to create pseudorandom sample sequences is developed. Issues relating to using digital signals for steganography are explored. The terms modified remainder and unmodified remainder are defined. Possible attacks are considered in detail from passive wardens and methods of defeating such attacks are suggested. Software implementing the new ideas is introduced, which has been successfully developed, deployed and used for several years without detection.

在談論這篇論文所使用的嵌入技術之前, 必須要先弄清楚 Pseudo-Random Sequence Generator 的運作方式。作者運用一個 Linear Feedback Shift Register (LFSR) 及使用傳訊者(sender) 和接收者(receiver) 所共同擁有的 stego-key 來建立與初始化這個 LFSR, 產生一連串的擬隨機序列。

使用 LFSR 所產生的擬隨機序列, 就可以決定要將訊息嵌入到 cover signal 的哪些 samples 之中, 作者稱造訪次序(visiting order) 為 sample sequence。假設 cover signal 一共有 P 個 samples, 令 t = log2(P), 因此我們就可以用 LFSR 所產生的 t 個位元來代表一個數字 k , 所以, 下一個要造訪的就是第 k 個 sample。作者在論文中還提到: 如果已經嵌入 x 位元, 剩下 (P-x) samples, 因此只要使用 t' = log2(P-x) 個擬隨機位元就可以決定下一個要造訪的 sample 了。

由上面的討論我們知道 sample sequence 是和 stego-key 值相關的, stego-key 不同, 所造訪的次序就不相同。除了和 stego-key 相關, 為了讓 sample sequence 也與 cover signal 及 embedded data相關, 作者還將所造訪的 sample value 的 Most significant Bit (MSB) 及 Least Significant Bit (LSB) 分別取出, 做為下一個擬隨機次序的前兩個位元。 而 MSB 所代表的就是 sample value, LSB 所代表的就是 embedded data。

這篇論文最重要的核心嵌入技術描述在 p. 15 的最後一段:
When a sample is visited, its data value is modified so that its least significant bit (LSB) is equal to the next bit of the secret data. The LSBs are not simply replaced; instead the whole sample value is incremented or decremented if the LSBs differ. This avoids the "pairs of values" statistical attack introduced in [9]. At each sample, one operation bit is taken from the generator and, if required, is used to determine whether to increment or decrement the sample value.
很可惜地, 論文中提到的隱藏工具 Hide, 網路上已經找不到下載點了。A. WestfeldIHW 2002 年所提出的論文 "Detecting Low Embedding Rates" 中有一張執行的初始畫面(Fig. 6),

 
在本篇論文的 Fig.4 則是展示使用者介面。 
 
 

Monday, August 11, 2008

Steganography in Cuil

From StegoRN

今天在 天下知識網Podcasting 聽到一篇文章 "為什麼全世界媒體都在報導這個網站?" 原來在介紹一個新的搜尋引擎 Cuil,...



我特地搜尋了 steganography 這個關鍵字, 搜尋結果的頁面排版還包含相關圖片, 感覺還真的不錯。仔細看搜尋結果, 包含的範圍似乎還蠻廣的, 各代表類型都有, 大家可以去試試看。

Sunday, August 03, 2008

LaTeX

由於 PSIVT 2009 並不鼓勵使用 MS Word 排版論文投稿, 因此我們開始準備將論文用 LaTeX 來編輯。雖然, 自己還在當博士生的時代, 曾經用 LaTex 寫過論文, 不過至少也是 6 年多前的陳年舊事了。以前用的系統, 早就老舊不堪, 也換了電腦。因此, 兩天前我開始在網路上搜尋, 準備重新建立 LaTex 的論文編輯環境。

最早搜尋到的一篇正體中文文章是我們互動媒體實驗室的新成員 小葉老師 在博士生時代 (2003) 所寫的 LaTeX 快速入門教學, 小葉老師推薦 WinShell + MiKTeX, 因此, 問題解決了一半, 直接上網搜尋這兩個套裝軟體的相關訊息, 開始研究。

以下是一些會使用到的相關軟體的網站:

MiKTeX is an up-to-date TeX implementation for the Windows operating system...

WinShell is a free multilingual integrated development environment (IDE) for LaTeX and TeX...

Ghostscript, Ghostview and GSview

CTAN: the Comprehensive TeX Archive Network



網路上還有一些寫得很不錯的中文文章, 值得推薦給大家:

1. 大家來學 LaTeX , by 李果正 Edward G.J. Lee

2. tw.bbs.comp.tex FAQ

PSIVT 2009: The 3rd Pacific-Rim Symposium on Image and Video Technology 2009

The 3rd Pacific-Rim Symposium on Image and Video Technology 2009
Tokyo, Japan, January 13th - 16th, 2009
Official Website: http://psivt2009.nii.ac.jp/

PSIVT 2009 is the continuation of a series of successful events in Hsinchu, Taiwan in 2006 and Santiago, Chile in 2007.
The symposium provides a forum for presenting and exploring the newest research and development in image and video technology by discussing the possibilities and directions in this field, and a place where both academic research and industrial activities are presented and meet for mutual benefit.

Main Themes
1. Image Sensors and Multimedia Hardware
2. Graphics and Visualization
3. Image and Video Analysis
4. Recognition and Retrieval
5. Multi-view Imaging and Processing
6. Computer Vision Applications
7. Video Communications and Networking
8. Multimedia Processing
 Image and video watermarking, steganalysis, steganography,
 multimedia content analysis, multimedia feature extraction, etc.

Important Dates:
Submission Deadline: August 11, 2008
Notification: September 22, 2008
Camera-ready Submission: beginning of October, 2008
Symposium: January 13–16, 2009

Call for papers

Sunday, March 30, 2008

Defending Against Statistical Steganalysis (part 1)

N. Provos10th USENIX Security Symposium, August 13-17, 2001 發表了 "Defending Against Statistical Steganalysis" 這篇論文, 內容就是闡述 OutGuess 0.2 這個隱藏軟體是如何運作的。

本篇文章所要討論的主軸是論文中有關 OutGuess 核心技術的部分 - Section 3 。

Section 3 Embedding Process

作者將 embedding Process 切割成兩個獨立的步驟:

1. Identification of redundant bits.
Redundant bits can be modified without detectably degrading the cover medium.
作者指出所謂的冗餘位元(redundant bits) 就是經過修改也不會在掩護媒體中產生會被偵測出來的品質下降現象(degrading)。

2. The selection of bits
in which the hidden information should be placed.

切割成兩個步驟的好處是容易取代(easy replacement), 如果要將本篇論文提出的方法在別的資料格式中實作出來, 只要將 identification algorithm 換掉, 然後用新的選擇策略(selection strategy)即可。

Section 3.1 Identification of Redundant Bits

作者闡述了一個觀念, 用來嵌入機密訊息的冗餘位元通常和影像的儲存格式相關。整個嵌入程序自然也和輸出格式有關。通常壓縮程序也包含其中。要最小化對掩護媒體(cover-medium)的修改(modification), 必須具備有關冗餘位元的相關知識才做得到, 作者提到 OutGuess 實作了整個輸出影像的運算。
For example, the OutGuess system performs all operations involved in created the output object and saves the redundant bits encountered. For the JPEG image format, this might be the LSB of the discrete cosine transform coefficients.

Section 3.2 Selection of Bits

探討如何從影像的 redundant bits 中選取一些 bits 來嵌入機密訊息。OutGuess 是使用 RC4 串流加密器(stream cipher)對機密訊息加密, 同時也用 RC4 來建立一個 PRNG (pseudo-random number generator), 然後再將選定的 seed 餵進這個 PRNG 來選擇冗餘位元。

32 state bits = 16-bit seed + 16 bit integer
16-bit seed: 由於不同的 seeds 會選取不同的冗餘位元來作為嵌入機密訊息之用, 因此, 不同的 seeds 自然對原始影像造成的 change, 也會有所不同。當接收端(receiver)收到偽裝影像(stego-image)後, 必須知道當初所選定的 seed, 因此必須把這16-bit seed 也嵌入到掩護影像(cover-image) 之中。
16-bit integer: containing the length of the hidden message.

冗餘位元的選取方式是利用上述的 PRNG 來計算下一個 bit 的隨機距離(random offset) R i(x),

 b0 = 0,
 bi = bi-1 + Ri(x)  for i = 1, 2, ... , n

bi 表示第 i 個選取位元的位置, Ri(x) 表示與上個選取位元之間的隨機距離, 值介於 [1, x] 之間。x 為最大的間隔(interval), 這個值在每嵌入 8 個位元, 就會重新使用下列的公式重新計算, 目的就是讓所有的機密訊息可以分布到整個可以使用的位元中。

 interval = 2 * remaining redundant bits / remaining length of message.

用上述的方法來設定 interval, 會使得機密訊息的長度限制在 50% 嵌入空間之內。

Section 3.3 Beneficial Reseeding of the PRNG


談論如何靠著選擇不同的 seeds, 智慧地選擇不同的嵌入位置的子集合, 不但可以讓 changed bits 的總數降低, 而且使得嵌入行為較不容易被偵測出來 (Detectability is also used as a bios in the selection process.)。

由於掩護影像(cover-image)中的冗餘位元, 不是 1 就是 0, 加上要嵌入的資料先用 RC4 stream cipher 加密, 變成一串二元的隨機資料流(binary random stream), 將機密訊息嵌入到冗餘位元, 造成這些冗餘位元被改變的機率期望值為 0.5。因此, 統計學中的二元分布(binomial distribution)正好可以用來描述一般的 LSB 嵌入行為。

假設, 我們從冗餘位元之中, 將一個 seed 餵進 PRNG 選擇了 4430 個位元, 並將同樣長度的機密訊息嵌入其中, 便可以去計算此次嵌入動作一共改變了多少個 redundant bits。注意: 不同的 seed 餵進同一個 PRNG 將使得所選擇的嵌入位置不同。Figure 1 就是重複使用不同的 seeds 來統計這 4430 個redundant bits 被改變的總數, 累計其統計值所畫出來的結果。


Figure 1: Probability distribution of changed bits for different seeds compared to a binomial distribution with n=4430 and p=0.5.

不管是從 binomial distribution 公式推論, 或是從 Figure 1 中的實驗中, 我們都可以觀察到當我們選定一個 seed 時, changed bits 的個數是以 n/2 = 2215 的可能性(機率)最高, 不過, 還是存在一些 seeds 會使得 changed bits 的個數小於 2150。論文中是這樣討論的:
Picking a seed that represents the changed bits at the lower end of the binomial distribution allows us to reduce the number of bits that have to be changed; see Figure 1. It becomes harder to detect the modifications, as more of the hidden message is already naturally represented in the redundant bits.
除了降低修改之外, 可偵測性(detectability)也是 selection process 要考量的一個因素。
Detectability is also used as a bias in the selection process. The selector does not try to reduce only the number of changed bits but also the overall detectability. Whenever a bit has to be modified, its detectability will be added to a global bias. A higher accumulated bias reduces the likelihood that this specific embedding will be used.

Section 3.4 Choices with Coding Theory

作者在這邊提到 Coding Theory 的考量為使用 PRNG 去選擇冗餘位元就無可避免地選到
1. locked bits
2. bits with a high detectability
上述兩類冗餘位元是作者不想去更改的。因此, 作者想使用錯誤更正碼(error-correcting codes)來解決上述問題。

[n, k, d] coding 指的是長度為 k 位元的機密訊息(k-bit data block), 將被編碼成長度為 n 位元的編碼區塊(n-bit code block), 每個 code 之間的 Hamming distance 至少是 d, 假設 d = 2t + 1, 那麼這個編碼就具備了可以更正 t 個錯誤位元的能力。換句話說, n 個位元的編碼區塊之中, 如果發生 t 個位元的錯誤, 那麼使用解碼程序, 就可以偵測出哪 t 個位元發生錯誤, 進而更正回來, 因此原先的 k 位元的資料, 是可以完全解碼出來的。

將機密訊息用錯誤更正碼來編碼, 無疑也會增加要嵌入的長度。然而, 觀察整個嵌入過程獲知:
1. 有一半的資訊嵌入是不會改變到冗餘位元的 ( n / 2),
2. 可以有 t 個位元可以不用嵌入(更改冗餘位元)
因此, 假如
 ( n /2 ) - t = ( k / 2 )
成立, 那麼作者希望嵌入 n 位元的編碼區塊需要修改的位元數(上述式子的等號左邊)要和嵌入未經編碼的 k 位元的資料區塊需要更改的位元數(上述式子的等號右邊)相等。將上述式子通分得到 n -2t = k, 並將 d+1 = 2t 帶入可以得到
 d = n - k + 1,
剛好就是 MDS (maximum distance separable) code 的 Singleton bound。因此, 作者在這邊得到一個結論就是只要選擇 MDS codes, 就可以滿足上述作者期望的。

不幸地, 值得一提的(non-trivial)二元 MDS code 就只有重複碼(repetition code), 主要缺點就是編碼必須將資料重複 n 次, 因此, 重複碼僅使用在隱藏訊息很小的情況。

資料經過編碼後, 每個編碼區塊可以選擇 t 個位元不去修改冗餘位元。作者所使用的選擇策略是:
欲嵌入的位元與冗餘位元不同(conflict), 且冗餘位元先前已經被嵌入過資料, 被 locked bits 鎖住。

OutGuess 所使用的技術與 Ross J. Anderson and Fabien A. P. Petitcolas 發表在 Journal on Selected Areas in Communication, 16(4): 474-481, May, 1998 的論文 On the Limits of Steganography 中所建議的 parity encoding 相似。然而, 使用 error-correcting codes 的好處要比使用 parity encoding 多。透過選擇一種不是 MDS 的 code, 我們可以犧牲些許的嵌入容量(capacity) 而得到更高的安全性(security)。除此, 對照使用 parity encoding 必須 lock 住 n 個位元, 使用 error-correcting codes 則僅僅需要 lock 住 n-t 個位元。

Section 3.5 Plausible Deniability

為了嵌入機密訊息, 我們修改掩護媒體中的冗餘位元。這些冗餘位元可能存在一些我們沒有感知, 或是對手比我們了解的自然統計特質。假如嵌入程序改變了上述特質, 在這方面知識淵博的觀察者, 不用指出哪些特定位元被改變, 就可以推論出隱藏訊息是存在的。

偽裝媒體的創造者必須面對的是: 欲隱藏的通訊行為可能被揭露出來。然而, 我們假設觀察者僅僅可以確定的事實是掩護媒體被更改了。假如傳訊者嵌入多重訊息, 其中可以包含一份無害的訊息, 讓它和真正想要傳送的訊息(request)攪在一起, 然後宣稱沒有任何訊息隱藏在偽裝媒體之中, 偽裝媒體並沒有遭受破壞(沒有遭到修改, 換句話說就像原始掩護影像一樣, 沒有破壞原先存在的特質)。這就是所謂的似乎合理的可否認性(plausible deniability)

  

實際上, 整個 Section 3 所描述的技術已經隱含地支援上述所提到的似乎合理的可否認性。可以隱藏不只一份的訊息, 使用 locked bits 來避免先嵌入的訊息被後嵌入的訊息覆蓋掉。即使是與嵌入訊息的大小相關, 不與先前 locked 住的冗餘位元重疊的可能性是很小的, 在這種情況下, 使用 error-correcting codes 則是可以增加選擇的彈性。

Section 3.6 Hidden Message Determines Cover

針對特定的隱藏訊息, 可以在不同的掩護媒體中, 選擇一個機密訊息對掩護媒體本身影響較小(with minimal modification)的掩護媒體, 來嵌入機密訊息。這和 Section 3.3 中有關 binomial distribution 的系列討論是差不多的。

Go to: Defending Against Statistical Steganalysis (part 2)

Go to: Defending Against Statistical Steganalysis (part 3)

Niels Provos, "Defending Against Statistical Steganalysis,"10th USENIX Security Symposium, August 13-17, 2001.
 

Wednesday, March 19, 2008

The Difference between Conference and Workshop

昨天上課在討論時, 研究生問我 conference 和 workshop 有什麼不同? 我記得前幾個禮拜曾經在空中英語教室 chatroom 聽過這麼一段討論, 於是就把檔案找出來一起聽聽看。剛剛想到和黃世育老師規劃非資訊學院科系大二多媒體課程時, 有納入音訊檔的簡單處理, 黃老師建議使用 GoldWave , 於是就上網搜尋這個軟體下載, 想要把 chatroom 這一段單獨剪輯成一個檔案, 放在這邊給研究生分享。


Sunday, March 16, 2008

IHW 2008: Information Hiding Workshop 2008

Information Hiding Workshop 2008
Santa Barbara, California, USA,
May 19-21, 2008

For many years, information hiding has captured the imagination of researchers. Digital watermarking and steganography tools are used to address digital rights management, protect information, and conceal secrets. From an investigators perspective, information hiding provides an interesting challenge for digital forensic investigations and steganalysis techniques allows hidden information to be discovered. These are but a small number of related topics and issues. Current research themes include:

  * Watermarking (attacks, security, algorithms)
  * Anonymity and privacy
  * Steganography and steganalysis
  * Multimedia security
  * Other hiding domains (e.g. text, software, etc.)
  * Information assurance
  * Digital forensics
  * Covert/subliminal channels
  * Theoretical aspects of information hiding
  * Intrusion detection
  * Digital rights management
  * Novel technologies/applications

Continuing a successful series that brought together these closely linked research areas, the 10th Edition of Information Hiding (IH08) will be held in Santa Barbara, California.
Call for papers

Saturday, March 15, 2008

EDAS Conference Management System

要投稿到 ISC 2008, 必須透過 EDAS Conference Management System, 換句話說, 我們必須要先到 EDAS 註冊, 取得帳號後, 才能投稿論文。這兩天, 使用 EDAS 的感覺還不錯, 投稿時, 要求論文初稿上不能有作者的相關資料, 以維護審稿的公正性, 因此每一個作者也都必須要有 EDAS 帳號, 然後再用新增作者的功能加上去。

有許多研討會都是透過 EDAS 來投稿論文, 我上星期剛接觸到 EDAS 時, 在 EDAS 的網站看到許多可以投稿的研討會相關資訊, 那時候我就覺得透過這個系統中 Submit paper 功能, 看到原本分散在各處的研討會訊息被整合起來, 對每年都要參加研討會的學者來說, 應該是很不錯的管道。

Tuesday, March 11, 2008

Message from ISC 2008

今天中午收到來自 ISC 2008 的 mail, 說明目前投稿狀況, 台灣只有 8 篇, 真的是有點少, 希望大家多多投稿到 ISC 2008,...

收到的 mail 如下:

各位好,
TWISC 與資訊安全學會將於九月主辦第十一屆 Information Security Conference 國際會議,李德財所長擔任會議之 General Chair,論文集列入 LNCS,目前投稿情形有五十六篇,其中就日本投了超過十七篇,我們主辦國卻只有八篇投稿,截稿日期到 3/15 日截止,會議網站請參考:http://isc08.twisc.org/ 若各位目前手頭有稿件,祈請踴躍投稿。

PS:依學術慣例,LNCS 接受之論文,若有進行 Major revision,也可再轉投 journal。倘若論文(初稿)沒有被接受,Reviewer 的意見,也將對未來論文修改有許多助益。

吳宗成 敬上

Thursday, March 06, 2008

ISC08: Information Security Conference 2008

September 15-18, 2008
Taipei, Taiwan
Website http://isc08.twisc.org/index.html

Information Security 每年一度的盛事, 今年剛好在台灣舉辦, 研討會的 Topics 包含了我們的研究領域 - Information Hiding, ( 另一個重要的國際研討會是 IHW, Information Hiding Workshop, 今年 May 19-21 在 Santa Barbara, California, USA 舉辦, 論文截稿日期是 February 2, 2008 早就已經 來不及了 )。

今年 ISC 原本的 Submission Deadline 是 March 1, 2008, 我的論文原先的規劃是準備投稿到屬於 WCE 2008ICISOIE 08 , 昨天其實已經將論文改成 WCE 2008 的六頁格式, 準備今天投稿出去。早上開車到學校的路上, 就一直在考慮改投到 ISC 08, 在車上和黃世育老師討論後, 決定將我們一起合作寫的兩篇論文分散到兩個研討會, 黃老師寫的 CAPTCHA 那篇, 照原定計畫投稿的 WCE 2008, 我寫的這篇 Modified LSB Embedding 改投到 ISC 08, 兩個研討會都要參加。

昨天花了一整天, 將論文調整成 WCE 2008 的格式, 決定改投之後, 今天又要把論文格式重新改成 ISC 08 的格式了。

Call for papers


Important Dates
Conference Dates: September 16-18, 2008
Submission Deadline: March 15, 2008, 11pm GMT (firm deadline)
Notification of Acceptance: May 20, 2008
Camera-ready Copies Deadline: June 15, 2008

Topics of Interest
ISC aims to attract high quality papers in all technical aspects of information security.
Topics of interest include, but are not limited to, the following:

 * Access Control
 * Accounting and Audit
 * Anonymity and Pseudonymity
 * Applied Cryptography
 * Attacks and Prevention of Online Fraud
 * Authentication and Non-repudiation
 * Biometrics
 * Cryptographic Protocols and Functions
 * Database and System Security
 * Design and Analysis of Cryptographic Algorithms
 * Digital Rights Management
 * Economics of Security and Privacy
 * Formal Methods in Security
 * Foundations of Computer Security
 * Identity and Trust Management
 * Information Hiding and Watermarking
 * Infrastructure Security
 * Intrusion Detection, Tolerance and Prevention
 * Mobile, Ad Hoc and Sensor Network Security
 * Network and Wireless Network Security
 * Peer-to-Peer Network Security
 * PKI and PMI
 * Private Searches
 * Security and Privacy in Pervasive/Ubiquitous Computing
 * Security in Information Flow
 * Security for Mobile Code
 * Security of Grid Computing
 * Security of eCommerce, eBusiness and eGovernment
 * Security Modeling and Architectures
 * Security Models for Ambient Intelligence environments
 * Trusted Computing
 * Usable Security