1.

INTRODUCTION
Steganography comes from the Greek and literally means, "Covered writing". It is one of various data hiding techniques, which aims at transmitting a message on a channel where some other kind of information is already being transmitted. This distinguishes steganography from covert channel techniques, which instead of trying to transmit data between two entities that were unconnected before. The goal of steganography is to hide messages inside other harmless messages in a way that does not allow any enemy to even detect that there is a second secret message present. The only missing information for the enemy is the short easily exchangeable random number sequence, the secret key, without the secret key, the enemy should not have the slightest chance of even becoming suspicious that on an observed communication channel, hidden communication might take place. Steganography is closely related to the problem of hidden channels n secure operating system design, a term which refers to all communication paths that cannot easily be restricted by access control mechanisms. In an ideal world we would all be able to sent openly encrypted mail or files to each other with no fear of reprisals. However there are often cases when this is possible, either because the working company does not allow encrypted email or the local government does not approve of encrypt communication (a reality in some parts of the world). This is where steganography can come into play. Data hiding techniques can also be classified with respect to the extraction process: Cover Escrow methods need both the original piece of information and the encoded one in order to extract the embedded data. Blind or Oblivious schemes can recover the hidden message by means only of the encoded data. Steganography has developed a lot in recent years, because digital techniques allow new ways of hiding informations inside other informations, and this can be valuable in a lot of situations. The first to employ hidden communications techniques -with radio transmissions were the armies, because of the strategic importance of secure communication and the need to conceal the source as much as possible. Nowadays, new constraints in using strong encryption for messages are added by international laws, so if two peers want to use it, they can resort in hiding the communication into casual looking data. This problem has become
1

more and more important just in these days, after the international Wassenaar agreement, with which around thirty of the major - with respect to technology - countries in the world decided to apply restrictions in cryptography export similar to the USs ones.Another application of steganography is the protection of sensitive data. A file system can be hidden in random looking files in a hard disk, needing a key to extract the original files. This can protect from physical attacks to people in order to get their passwords, because maybe the attacker cant even know that some files are in that disk. The major concern of steganography is stealth, because if an attacker, either passive or active, can detect the presence of the message, from that point he can try to extract it and, if encrypted, to decrypt it. The resistance to attempt at destruction or noise is not required, since we consider the sender and the receiver equally interested in exchanging messages, so that they will try to transmit the stegomedium in the best way they can. If the stego-data can be transmitted over the selected channel, and this is usually the case with all the media that are used, like images or sounds, then the embedded data will be preserved along with them. Thus, data hiding techniques for steganography must focus on the maximum strength against detection and extraction. As a second request, we would prefer a high data rate, because we will usually want to be able to exchange any amount of data, from simple messages to top secret images.

2.STEGANOGRAPHY AND CRYPTOGRAPHY

Cryptography is the study of hiding information and it is used when communicating over an untrusted medium such as internet, where information needs to be protected from other third parties. Modern cryptography focuses on developing cryptographic algorithms that are hard to break by an adversary due to the computational hardness therefore could not be broken by a practical means. In the modern cryptography, there are three types of cryptographic algorithms used called Symmetric key cryptography, Public-key cryptography and hash functions. Symmetric key cryptography involves encryption methods where both the sender and the receiver share the same key used to encrypt the data. In Public-key cryptography, two different but mathematically related keys are used. Hash functions does not use a key, instead they compute a fixed length hash value from the data. It is impossible to recover the length or the original plain text from this hash value. The study of hiding information is called Cryptography. When communicating over an untrusted medium such as internet, it is very important to protect information and
2

Cryptography plays an important role in this. Today, cryptography uses principles from several disciplines such as mathematics, computer science, etc. Steganography deals with composing hidden messages so that only the sender and the receiver know that the message even exists. Since, nobody except the sender and the receiver knows the existence of the message, it does not attract unwanted attention.

Fig: Steganographic model

Fig:Symmetric-key cryptographic model

3

Fig: Unifying model Steganography deals with composing hidden messages so that only the sender and the receiver know that the message even exists. Since nobody except the sender and the receiver knows the existence of the message, it does not attract unwanted attention. Steganography was used even in ancient times and these ancient methods are called Physical Steganography. Some examples for these methods are messages hidden in messages body, messages written in secret inks, messages written on envelopes in areas covered by stamps, etc. Modern Steganography methods are called Digital Steganography. These modern methods include hiding messages within noisy images, embedding a message within random data, embedding pictures with the message within video files, etc. Furthermore, Network Steganography is used in telecommunication networks. This includes techniques like Steganophony (hiding a message in Voice-over-IP conversations) and WLAN Steganography (methods for transmitting Steganograms in Wireless Local Area Networks). there are three types of cryptographic algorithms used called Symmetric key cryptography, Public-key cryptography and hash functions. Symmetric key cryptography involves encryption methods where both the sender and the receiver share the same key used to encrypt the data.
4

Fig: Mapping between model components Steganography and cryptography are cousins in spy-craft family. Cryptography scrambles a message so it cannot be understood. Steganography hides the message so it cannot be seen. A message in cipher text for instance might arouse suspicion on the part of the recipient while an invisible message created with steganographic methods will not. In this way, we can say that steganography completes cryptography, and actually there are usually two ciphers to break when trying to extract the embedded message: one is the one with which the message was embedded, and the other is the one with which the message was enciphered. Cryptography is the study of hiding information, while Steganography deals with composing hidden messages so that only the sender and the receiver know that the message even exists. In Steganography, only the sender and the receiver know the existence of the message, whereas in cryptography the existence of the encrypted message is visible to the world. Due to this, Steganography removes the unwanted attention coming to the hidden message. Cryptographic methods try to protect the content of a message, while Steganography uses methods that would hide both the message as well as the content. By combining Steganography and Cryptography one can achieve better security. The major concern of steganography is stealth, because if an attacker, either passive or active, can detect the presence of the message, from that point he can try to extract it and, if encrypted, to decrypt it. The resistance to attempt at destruction or noise is not required, since we consider the
5

sender and the receiver equally interested in exchanging messages, so that they will try to transmit the stego-medium in the best way they can. If the stego-data can be transmitted over the selected channel, and this is usually the case with all the media that are used, like images or sounds, then the embedded data will be preserved along with them.

3.Image based steganography

Embedding a message into an image requires two files. The first is the innocent-looking image that will hold the hidden information, called the cover image. The second file is the messagethe information to be hidden. A message may be plain-text, cipher-text, other images, or anything that can be embedded in a bit stream. When combined, the cover image and the embedded message make a stegoimage. A stego-key (a type of password) may also be used to hide then later decode the message. Most steganography software recommends the use of lossless 24-bit images such as BMP. The next-best alternative to 24-bit images is 256coloror gray-scale images. The most common of these are GIF files. Steganographic systems uses images as cover media because people often transmit digital pictures over email and other Internet communication (e.g.eBay).Moreover,after

digitalization,images contain the so-called quantization noise which provides space to embed data (Westfeld and Pfitzmann, 1999). In this article, we will concentrate only on images as carrier media. The modern formulation of steganography is often given in terms of the prisoners problem (Simmons, 1984; Kharrazi et al., 2004) where Alice and Bob are two inmates who wish to communicate in order to hatch an escape plan. However, all communication between them is examined by the warden, Wendy, who will put them in solitary confinement at the slightest suspicion of covert communication.
Steganography was used even in ancient times and these ancient methods are called Physical Steganography. Some examples for these methods are messages hidden in messages body, messages written in secret inks, messages written on envelopes in areas covered by stamps, etc. Modern Steganography methods are called Digital Steganography.

Specifically, in the general model for steganography, we have Alice (the sender) wishing to send a secret message M to Bob (the receiver): in order to do this, Alice chooses a cover image C.The steganographic algorithm identifies Cs redundant bits (i.e., those that can be modified without arising Wendys suspicion), then the embedding process creates a stego
6

image S by replacing these redundant bits with data from M. S is transmitted over a public channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it. Once Bob recovers S, he can get M through the extracting process.

Fig: ISC embedded process The embedding process represents the critical task for a steganographic system since S must be as similar as possible to C for avoidingWendys intervention (Wendy acts for the eavesdropper). Least significant bit (LSB) insertion is a common and simple approach to embed information in a cover file: it overwrites the LSB of a pixel with anMs bit

Fig: ISC extracting process

7

Unfortunately, modifying the cover image changes its statistical properties, so eavesdroppers can detect the distortions in the resulting stego images statistical properties. In fact, the embedding of high-entropy data (often due to encryption) changes the histogram of colour frequencies in a predictable way (Provos and Honeyman, 2003; Westfeld and Pfitzmann, 1999). Westfeld (Westfeld, 2001) proposed F5, an algorithm that does not overwrite LSB and preserves the stego images statistical properties (see Sect. 5.2). Since standard steganographic systems do not provide strong message encryption, they recommend to encrypt M before embedding. Because of this, we have always to deal with a two-steps protocol: first we must cipher M (obtaining M) and then we can embeded M in C. Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20 images (1024 x 768, average size 330 KB). In every image of Cset we have embedded a canto from Dantes Divina Commedia (about 5 KB for each canto) with a JPEG quality factor set to 80. Only for ISC, we also used the images of Cset as key images. The mean difference (in percentage) for every AC coefficient in the interval [8,8] is shown on the yaxis in Fig. 7, in particular the black columns represent the differences introduced by F5 embedding step while the white ones correspond to the number of modifications yielded by ISC embedding process. As one can notice, the respective difference values are comparable. Em1 is a simplified version of ISC, because actually ISC spreads M over the entire stego image, yielding the same embedding density everywhere. In doing this, ISC neither uses permutative straddling nor matrix encoding, but simply divides the nonzero coefficients array in blocks of the same length. If necessary, only one of the coefficients in each block is modified. Furthermore, ISC presents an on-line mechanism for correcting the statistical deviations created by the embedding step. If the message length is sufficiently short (i.e., it is less than the number of AC nonzero coefficients), ISC transforms useless coefficients in order to restore the original statistical properties characterizing the cover medium. As an example, if ISC transforms an AC coefficient from -1 into -2, when it encounters the first unused -2, it transforms this value in -1 in order to reequilibrate the histogram. Naturally, the more information we embed in the cover image, the less ISC can correct the introduced modifications. . If we choose a 24-bit image as cover, we can store 3 bits in each pixel. To the human eye, the resulting stego image will look identical to the cover image (Johnson and Jajodia, 1998).

Fig: ISC technique In the next sections we will present a new all-in one method able to perform steganography providing strong encryption at the same time. Our method has been planned either to work with bit streams scattered over multiple images (in an online way of functioning) or to work with still images; it yields random outputs, in order to make steganalysis more difficult and it can cipher M in a theoretically secure manner preserving the stego images statistical properties.The simplicity of our method gives the possibility of using it in real-time applications such as mobile video communication

4.Some history
The first description of the use of steganography dates back to the Greeks. Herodotus tells how a message was passed to the Greeks about Xerses hostile intentions underneath the wax of a writing tablet, and describes a technique of dotting successive letters in a cover text with a secret ink, due to Aeneas the Tactician. Pirate legends tell of the practice of tattooing secret information, such as a map, on the head of someone, so that the hair would conceal it. Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. The word steganography is of Greek origin and means "concealed writing" from the Greek words steganos meaning "covered or protected", and graphei
9

() meaning "writing". The first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography and steganography disguised as a book on magic. Generally, messages will appear to be something else: images, articles, shopping lists, or some other covertext and, classically, the hidden message may be in invisible ink between the visible lines of a private letter. The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves. Plainly visible encrypted messagesno matter how unbreakable will arouse suspicion, and may in themselves be incriminating in countries where encryption is illegal.[1] Therefore, whereas cryptography protects the contents of a message, steganography can be said to protect both messages and communicating parties. Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. As a simple example, a sender might start with an innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change so subtle that someone not specifically looking for it is unlikely to notice it. Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in a dispatch; a similar idea led to the grille system used in medieval Europe, where a wooden template would be placed over a seemingly innocuous text, highlighting an embedded secret message. Invisible ink offered a common form of invisible writing. Early in WWII, steganographic technology consisted almost exclusively of these inks. With invisible ink, a seemingly innocent letter could contain a very different message written between the lines. During WWII the grille spies used method or some variants. In the same period, the Germans developed microdot technology, which prints a clear, good quality photograph shrinking it to the size of a dot. During the "Cold War" period, USSR and US wanted to hide their sensors in the enemys facilities. These devices had to send data to their nations, without being spotted.

5.SOME DEFINITIONS
We give some definitions common to the steganography field:

10

Cover medium: This is the medium in which we want to hide data, it can be an innocent looking piece of information for steganography, or some important medium that must be protected for copyright or integrity reasons. Embedded message: This is the hidden message we want to put in the cover. It can be some data for steganography and some copyright informations or added content for digital watermarking. Stegokey: This is represented by some secret information, which is needed in order to extract the embedded message from the stegomedium. Stego-medium: This is the final piece of information that the casual observer can see. We can define this simple formula: Cover-medium + embedded-message = stego-message

6.BASIC METHOD BEHIND STEGANOGRAPHY

Fig:Steganography process

7.IMAGE FILES
To a computer, an image is an array of numbers that represent an array of numbers that represent light intensities at various points or pixels. These pixels make up the images raster data. A common image size is 640 * 480 and 256 colors (or 8 bits per pixel). Such an image could contain about 300 kb of data. Digital images are typically stored as either 24-bit or 811

bit files. A 24-bit image provides the most space for hiding information, however, it can be quite large except for the JPEG images. A 24-bit image of 1,024 pixels width and 768 pixels height has more than two million pixels, each having 24-bits, which would produce a file exceeding 2 Mega bytes. Such a file would attract attention during transmission. File compression would thus be beneficial, if not necessary, to transmit such a file.

7.1.File compression
There are two types of file compression methods- lossless and lossy. Both methods save storage space but have different results, interfering with the hidden information, when information is uncompressed. Lossless compression lets us reconstruct the original message exactly; therefore it is preferred when the original information must remain intact (as with steganographic images). Lossless compression as typical of images saved as GIF and 8-bit BMP. Lossless compression, on the other hand, saves space but may not maintain the original images integrity. This method typifies images saved as JPEG. Due to the lossy compression algorithm, which we discuss later, the JPEG formats provide close approximations to highquality digital photographs but not an exact duplicate. Hence the term lossy compression.

7.2.Embedding data
Embedding data, which is to be hidden, into an image requires two files. The first is the innocent looking image that will hold the hidden information, called the cover image. The second file is the message- the information to be hidden. A message may be plain text, cipher text, other images, or anything that can be embedded in a bit stream, when combined, the cover image and the embedded message make a stego- image. A stego-key (a type of password) may also be used to hide, and then later decode, the message. Most steganographic software neither supports not recommends using JPEG images. But recommends instead the use of lossless 24-bit images such as BMP. The next best alternative to 24-bit images is 256- color or gray scale images. The most common of these found on the Internet are GIF files. Every AC coefficient in the interval [8,8] is shown on the yaxis in Fig. 7, in particular the black columns represent the differences introduced by F5 embedding step while the white ones correspond to the number of modifications yielded by ISC embedding process.

12

Fig: ISC for JPEG sequence(Embedded step)

Fig:ISC for JPEG sequence(Extracting step) In 8-bit color images such as GIF files, each pixel is represented by a single byte, and each pixel nearly points to a color index able (a palette) with 256 possible colors. The pixels value is between 0 and 255. The software simply paints the indicated color on the screen at the selected pixel position. Many steganography experts recommend the use of images featuring 256 shades of grapy. Gray scale images are preferred because the shades change very gradually from byte to byte, and the less the value changes between palette entries, the better they can hide information.
13

When considering an image in which to hide information, you must consider the image as well as the palette. Obviously, an image with large areas of solid colors is a poor choice, as variances created from the embedded massage will be noticeable in the solid areas.

7.3. Data embedded security system

The choice of embedding algorithm in the most cases is driven by the results of the steganographic channel robustness analysis . One of the areas that improves steganographic robustness is usage of a key scheme for embedding messages.Various key steganographic schemes have various levels of protection. Key scheme term means a procedure of how to use key steganographic system based on the extent of its use. However, when the steganographic robustness is increased a bandwidth of the whole embedding system is decreased. Therefore the task of a scheme selection for achieving the optimal values of the steganographic system is not trivial. Embedding messages in steganographic system can be carried out without use of a key or with use of a key. To improve steganographic robustness key can be used as a verification option. It can make an impact on the distribution of bits of a message within a container, as well as an impact on the procedure of forming a sequence of embedded bits of a message. The first level of protection is determined only by the choice of embedding algorithm. This may be the least significant bits modification algorithm, or algorithms for modifying the frequency or spatial-temporal characteristics of the container. The first level of protection is presented in any steganographic channel. Steganographic system in this case can be represented as shown at The First Protection Level Scheme figure. There following notations are used: c - is a container file; F - steganographic channel space (frequency or/and amplitude container part, that is available for steganographic modification and message signal transmission); SC - steganographic system; m - message to be embedded; E - embedding method; - modified container file. The second protection level of the steganographic system, as well as all levels of protection of the higher orders, is characterized by the use of Key (password) via steganographic modification. An example of a simple key scheme, which provides a second level of protection, is to write the unmodified or modified password in the top or bottom of the message; or the distribution of the password sign on the entire length of the steganographic channel. Such key schemes do not affect the distribution of messages through the container and do not use a message preprocessing according to the defined key (see figure The Second
14

Protection Level Scheme). This kind of steganographic systems are used in such tasks as, for instance, adding a digital signature for proof of copyright. Data embedding performance is not changed in comparison with the fastest approach of the first protection level usage. Steganographic data channels that use key schemes based distribution of a message through the container and or preprocessing of an embedded message for data hiding are more secure. When the third protection level key scheme is used it affects the distribution of a message through the container (see figure The Third Protection Level Scheme, where F(P, L) distribution function of a message within a container; P minimum number of container samples that are needed to embed one message sample; L step of a message distribution within a container). Accordingly, the performance of container processing will be lower than in the case of the first and the second key schemes. Taking into account that PL, the simplest representation of the F(P, L) function could be as following: F(P, L) = cycle*L + step*P, where cycle is a number of the current L section and step is a number of the embedded message sample. The difference between the fourth protection level scheme and the third one is that in steganographic system there are two distribution functions of a message within a container are used. The first is responsible for a message samples selection according to some function G(Q, N), and the second function F(P, L) is responsible for position selection in a container for message sample hiding. Here Q the size of message block to be inserted; N the size (in bits) of one sample of the message file (see figure The Fourth Protection Level Scheme).

8.CONCEALMENT IN DIGITAL IMAGES

Information can be hidden many different ways in images. To hide information, straight message insertion may encode every bit of information in the message or selectively embed the message in noisy areas that draw less attention- those areas where there is a great deal of natural color variation. The message may also be scattered randomly throughout the image. Redundant pattern encoding wallpapers the cover image with the message. Image based Steganography is the most popular method for message concealment. In this paper, two techniques are proposed for enhancing the message secrecy using image based steganography. The first technique is based on the use of punctuation marks to encode a secret message before embedding it into the image file. The second technique is based on the
15

use of modified scytale cipher to hide a secret message in an image file. Both of these techniques have been implemented and tested using the S-Tools software package. The original and stego-images both are shown for the purpose of comparison A number of ways exist to hide information in digital images. Common approaches include: Least significant bit (LSB) insertion. Masking and filtering. Algorithms and transformations.

8.1.Least significant bit insertion

Least significant Bit insertion is a common, simple approach to embedding information in a cover file. To hide an image in the LSBs of each byte of a 24-bit image, you can store 3 bits in each pixel. A 1,024 * 768 image has the potential to hide a total of 2,359,296 bits of information. Ti you compress the message to be hidden before you embed it, you can hide a large amount of information. To the human eye, the resulting stego-image will look identical to the cover image.

8.2.Masking and Filtering

Masking and filtering techniques, usually restricted to 24-bit and tray-scale images, hide information by marking an image, in a manner similar to paper watermarks. Watermarking techniques may be applied without fear of image destruction due to lossy compression because they are more integrated into the image. Visible watermarks are not steganography by definition. The difference is primarily one of intent. Traditional steganography conceals information; watermarks extend information and become an attribute of the cover image. Digital watermarks may include such information as copyright, ownership, or license. In steganography, the object of communication is the hidden message. In digital watermarking, the object of communication is the cover. To create a watermarked image, we increase the luminance of the masked area by 15 percent. If we were to change the luminance by a smaller percentage, the mask would be undetected by the human eye. Now we can use the watermarked image to hide plaintext or encoded information. Masking is more robust than LSB insertion with respect to compression, cropping and some image processing. Masking techniques embed information in more significant areas so that
16

the hidden message is more integral to the cover image than just hiding it in the noise level. This makes it more suitable than LSB with lossy JPEG images.

8.3.Algorithms and Transformations

LSB manipulation is a quick and easy way to hide information but is vulnerable to small changes resulting from image processing or lossy compression. Such compression is a key advantage that JPEG images have over other formats. High quality images can be stored in relatively small files using JPEG compression method. One steganographic method that integrates the compression algorithm for hiding the information is Jpeg-Jsteg. Jpeg-Jsteg creates a JPEG stego image from the input of a message to be hidden and a lossless cover mage. Another method used in Patchwork and similar techniques is the redundant pattern encoding. Here the hidden information is scattered throughout the cover mage. These approaches may help protect against image processing such as cropping and rotations and they hide information more thoroughly than by simply masking. They also support image manipulation more readily than tools that rely on LSB. In using redundant pattern encoding, you must trade off message size against robustness. A large message may be embedded only once because it would occupy a much greater portion of the image area. Other techniques encrypt and scatter the hidden data throughout an image. Scattering the message makes it appear more like noise. Proponents of this approach assume that even if the message bits are extracted, they will be useless without the algorithm and stego-key to decode them. Scattering and encryption helps protect against hidden message extraction but not against message destruction through image processing. A scattered message in the images LSBs is still as vulnerable to destruction from lossy compression and image processing, as is a clear text message inserted in the LSBs.

8.4. Countermeasures and detection

Detection of physical steganography requires careful physical examination, including the use of magnification, developer chemicals and ultraviolet light. It is a time-consuming process with obvious resource implications, even in countries where large numbers of people are employed to spy on their fellow nationals. However, it is feasible to screen mail of certain suspected individuals or institutions, such as prisons or prisoner-of-war (POW) camps. During World War II, a technology used to ease monitoring of POW mail was specially
17

treated paper that would reveal invisible ink. An article in the June 24, 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office, Morris S. Kantrowitz, describes in general terms the development of this paper, three prototypes of which were named Sensicoat, Anilith, and Coatalith paper. These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada. If POWs tried to write a hidden message the special paper would render it visible. At least two US patents were granted related to this technology, one to Mr. Kantrowitz, No. 2,515,232, "Water-Detecting paper and Water-Detecting Coating Composition Therefor", patented July 18, 1950, and an earlier one, "Moisture-Sensitive Paper and the Manufacture Thereof", No. 2,445,586, patented July 20, 1948. A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that "runs" when in contact with a water-based invisible ink. In computing, detection of steganographically encoded packages is called steganalysis. The simplest method to detect modified files, however, is to compare them to known originals. For example, to detect information being moved through the graphics on a website, an analyst can maintain known-clean copies of these materials and compare them against the current contents of the site. The differences, assuming the carrier is the same, will compose the payload. In general, using extremely high compression rate makes steganography difficult, but not impossible. While compression errors provide a hiding place for data, high compression reduces the amount of data available to hide the payload in, raising the encoding density and facilitating easier detection (in the extreme case, even by casual observation).

9. LEAST SIGNIFICANT BIT (LSB) INSERTION

9.1.Technique basics
Today, when converting an analog image to digital format, we usually choose between three different ways of representing colors: 24-bit color: every pixel can have one in 2^24 colors, and these are represented as different quantities of three basic colors: red (R), green (G), blue (B), given by 8 bits (256 values) each.

18

 8-bit color: every pixel can have one in 256 (2^8) colors, chosen from a palette, or a table of colors. 8-bit gray-scale: every pixel can have one in 256 (2^8) shades of gray. LSB insertion modifies the LSBs of each color in 24-bit images, or the LSBs of the 8-bit value for 8-bit images.

9.2.Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bits/pixel. Since every pixel is 24 bits, we can hide 3 hidden-bits/pixel / 24 data-bits/pixel = 1/8 hidden-bits/databits. So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image. If we pushed the insertion to include the second LSBs, the formula would change to: 6 hidden-bits/pixel / 24 data-bits/pixel = 2/8 hidden-bits/databits And we would hide 2 bits of the embedded message for every 8 bits of the cover image. Adding a third-bit insertion, we would get: 9 hidden-bits/pixel / 24 data-bits/pixel = 3/8 hidden-bits/databits Acquiring a data rate of 3 embedded bits every 8 bits of the image. The data rate for insertion in 8-bit images is analogous to the 1 LSB insertion in 24-bit images, or 1 embedded bit every 8 cover bits. We can see the problem in another light, and ask how many cover bytes are needed to send an embedded byte. For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 8/1*8 = 8 Bytes. For 2-LSBs insertion in 24-bit pictures it would be 8/2*8 = 4 Bytes, for 3-LSBs insertion it would be 8/3*8 = 21.33 Bytes.

9.3.Robustness
LSB insertion is very vulnerable to a lot of transformations,even the most harmless and usual ones. Lossy compression, e.g. JPEG, is very likely to destroy it completely. The problem is that the "holes" in the Human Visual System that LSB insertion tries to exploit little sensitivity to added noise - are the same that lossy compression algorithms rely on to be able to reduce the data rate of images.

19

Geometrical transformations, moving the pixels around and especially message, and the only one that could allow recovery is a simple translation. Any other kind of picture transformation, like blurring or other effects, usually will destroy the hidden data. All in all, LSB insertion is a very little robust technique for data hiding. displacing them from the original grid, are likely to destroy the embedded

9.4.Ease of detection/extraction
There is no theoretical outstanding mark of LSB insertion, if not a little increase of background noise. Its very easy, instead, to extract LSBs even with simple programs, and to check them later to find if they mean something or not.

9.5.Suitability for steganography or watermarking

First of all, since it is a so vulnerable technique even for simple processing, LSB insertion is almost useless for digital watermarking, where it must face malicious attempts at its destruction, plus normal transformations like compression/decompression or conversion to analog (printing or visualization)/conversion to digital (scanning). Its comparatively high data rate can point it as a good technique for steganography, where robustness is not such an important constraint.

9.6.Problems and possible solutions

Having stated that LSB insertion is good for steganography, we can try to improve one of its major drawbacks: the ease of extraction. We dont want that a malicious attacker be able to read everything we are sending. This is usually accomplished with two complementary techniques: Encryption of the message, so that who extracts it must also decrypt it before it makes sense. Randomizing the placement of the bits using a cryptographical random function (scattering), so that its almost impossible to rebuild the message without knowing the seed for the random function. In this way, the message is protected by two different keys, acquiring much more confidentiality than before. This approach protects also the integrity of the message, being much more difficult (we could say at least computationally infeasible) to counterfeit the message.

20

Anyway, since we dont want our message to be only an encrypted and scrambled message, we must go back to the purpose of making the communication hidden. The two most important issues in this problem are: The choice of images The choice of the format (24-bit or 8-bit, compressed or not) The cover image first of all must seem casual, so it must be chosen between a set of subjects that can have a reason to be exchanged between the source and the receiver. Then it must have quite varying colors, it must be "noisy", so that the added noise is going to be covered by the already present one. Wide solid-color areas imagnify very much any little amount of noise added to them. Second, there is a problem with the file size, which involves the choice of the format. Unusually big files exchanged between two peers, in fact, are likely to arise suspicion. To solve this problem, it has been studied a modification to the JPEG algorithm that inserts LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used to compress the image to encode the bits. Since we need to have small image file sizes, we should resort in using 8-bit images if we want to communicate using LSB insertion, because their size is more likely to be considered as normal. The problem with 256 colors images is that they make use of an indexed palette, and changing a LSB means that we switch a pixel from a position to an adjacent one. If there are adjacent contrasting colors in the palette, it can happen that a pixel in the image changes its color abruptly and the hidden message becomes visible. To solve this problem different methods have been studied, like rearranging the palette so that adjacent colors dont contrast so much, or even reducing the palette to a smaller number of colors and replicating the same entry in the table in adjacent positions, so that the difference after the embedding of the message is not visible at all. Moreover for most images the reduction of colors from, for instance, 256 to 32 is hardly visible. Most of the experts, anyway, advise to use 8-bit grayscale images, since their palette is much less varying than the color one, so LSB insertion is going to be very hard to detect by the human eye.

21

10.SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY

Techniques of error-control coding, image restoration, and those similar to spread spectrum communication are combined within the SSIS system. The fundamental concept is the embedding of the hidden information within noise, which is then added to a digital cover image. This noise is typical of the noise inherent to the image acquisition process and, if kept at low levels, is not perceptible to the human eye or by computer analysis without access to the original image. To successfully decode the message, image restoration techniques and error-control coding are employed. Image restoration is used to obtain an approximate estimate of the original cover image from the stegoimage. This promotes the estimation of the embedded signal that was added to the cover, in addition to allowing SSIS to be a blind steganography scheme. Finally, because the noise is of low power and the restoration process is not perfect, the estimation of the embedded signal is poor, resulting in an embedded signal bit error rate (BER) that is rather high. To compensate, the message signal is processed by a low-rate error-correcting code before embedding. This conglomeration of communication and image processing techniques provides a method of reliable blind image steganography. The major processes of the stegosystem encoder are portrayed. Within the system, the message is optionally encrypted with key 1 and then encoded via a low-rate errorcorrectingcode, producing the encoded message. Thesender enters key 2 into a wideband pseudorandom noise generator, producing a real-valued noise sequence, sequently, the

modulation scheme is used to combine the message with the noise sequence, thereby composing the embedded signal, , which is then input into an interleaver using key 3. This signal is now added with the cover image to produce the stegoimage , which is appropriately quantized and clipped to preserve the initial dynamic range of the cover image. The stegoimage is then transmitted in some manner to the recipient. At the receiver the stegoimage is received by the recipient, who maintains the same keys as the sender, uses the stegosystem decoder to extract the hidden information. The decoder uses image restoration techniques to produce an estimate of the original cover image, , from the received stegoimage, . The difference between and is fed into a keyed deinterleaver to construct an estimate of the embedded signal, . With key 2, the noise sequence, is regenerated, the encoded message is then demodulated, and an estimate of the encoded message, , is constructed. The estimate of the message is then
22

decoded via the low-rate errorcontrol decoder, optionally decrypted using key 1 and revealed to the recipient. The interleaver in this scheme, which reorders the embedded signal before it is added to the cover image, serves a dual function. The first is to prevent a group or burst of errors. This allows the errors to occur almost independently within a codeword, thus giving the errorcorrecting code an equal chance at correcting the errors in all codewords. Second, since the interleaver requires a key to stipulate the interleaving algorithm, this key can serve as another level of security to establish the proper order of the embedded signal before decoding. We point out this technique as an example for spread spectrum data-hiding methods. Spread spectrum techniques are now widely used in military radio communications, due to their very high robustness to detection and extraction. SSIS is a quite mature process, and its aim is to achieve low detectability, ease of extraction, high data rate and good robustness to removal. It is based on spread spectrum techniques, but it enhances them by adding other encoding steps.

Fig:SSIS encoder

23

Fig:SSIS decoder

10.1.Technique basics
The core of SSIS is a spread spectrum encoder. These devices work by modulating a narrow band signal over a carrier. The carriers frequency is continually shifted using a pseudorandom noise generator fed with a secret key. In this way the spectral energy of the signal is spread over a wide band, thus decreasing its density, usually under the noise level. To extract the embedded message, the receiver must use the same key and noise generator to tune on the right frequencies and demodulate the original signal. A casual observer wont be able even to detect the hidden communication, since it is under the noise level.

10.2.Data Rate
The data rate for this technique can be fairly high, but it depends on the choices made for the different parameters of the encoding. We can assume that the message will be compressed before embedding to allow for a higher capacity. The ECC encoder instead is going to insert redundant data into the stream to be able to correct the errors. The more errors we want to correct, the more bits will be added. Then, we have a tradeoff between good retrieval and capacity. If we can allow for small glitches in the recovered message, then we can use a weaker encoding. Moreover, the more data we want to insert in the image, the more noise we are going to add to it. Then, if our cover is not noisy, we will be able to hide very little data, while if we choose a noisy one, its capacity will be higher. Experiments with 512x512 grey scale images (256 KB) could embed from 500 bytes to 5KB, depending on the cover. These experiments used a spread spectrum signal powerful enough to give almost total error-free retrieval, because the compression method adopted didnt allow for any errors. This means a data rate

24

varying from 1 hidden-bytes/50 cover-bytes to 10 hiddenbytes/ 50 cover-bytes, a rate surpassed only by LSB insertion.

10.3.Robustness
Spread spectrum techniques are usually quite robust. Every transformation that adds noise to the image isnt able to destroy the message. Anyway, a determined attacker can quite easily compromise the embedded data using some digital processing, like for example:noise reduction filters, the same that are used in decoding to estimate the original cover.

10.4.Ease of detection/extraction
Spread spectrum encoding is widely used in military communications for its robustness against detection. An attacker cant usually even know if the message was embedded, and anyway it will be very hard for him to extract it without knowing the right key2 and key3.

10.5.Suitability for steganography or watermarking

Due to its fairly high capacity and low ease of detection and extraction, SISS is very good for steganography.

10.6.Problems and possible solutions

The basic tradeoff in using SSIS is between the error rate we can afford and the amount of informations we want to embed, that varies in turn the power of the added noise. The ECC is used to allow for a lower power without increasing the Bit Error Rate as well. Further improvements will deal with improving the original cover estimate stage, so that itll lead to a lower Bit Error Rate in the recovered signal, allowing to use less redundant ECCs. The first is redundant encoding by dividing the cover into blocks, and embedding the same message in each of them, so that the hidden data can be extracted even from a part of the image as big as one block, but the more of it we have, the more certain we can be about the result. Moreover, they added to the spectrum a template that can, through a log-polar transform applied to the spectrum of the stegoimage, determine the original scale factor and orientation of the image, rendering the stego-message virtually immune to scaling and rotation. Finally, spread spectrum techniques can add an adaptive perceptual masking filter before the insertion of the signal, so that the added noise is quite sure to be under perceptual limits. This,

25

however, will increase the error rate in the retrieval, because it reduces the power of the embedded signal.

11.Applications of Steganography
." Steganography is applicable to, but not limited to, the following areas.
1) Confidential communication and secret data storing 2) Protection of data alteration 3) Access control system for digital content distribution 4) Media Database systems The area differs in what feature of the steganography is utilized in each system.

11.1. Confidential communication and secret data storing

The "secrecy" of the embedded data is essential in this area.Historically, steganography have been approached in this area. Steganography provides us with: (A) Potential capability to hide the existence of confidential data (B) Hardness of detecting the hidden (i.e., embedded) data (C) Strengthening of the secrecy of the encrypted data In practice, when you use some steganography, you must first select a vessel data according to the size of the embedding data. The vessel should be innocuous. Then, you embed the confidential data by using an embedding program (which is one component of the steganography software) together with some key. When extracting, you (or your party) use an extracting program (another component) to recover the embedded data by the same key ( "common key" in terms of cryptography). In this case you need a "key negotiation" before you start communication. Attaching a stego file to an e-mail message is the simplest example in this application area. But you and your party must do a "sending-and-receiving" action that could be noticed by a third party. So, e-mailing is not a completely secret communication method.There is an easy method that has no key-negotiation. We have a model of "Anonymous Covert Mailing System." There is some other communication method that uses the Internet Webpage. In this

26

method you don't need to send anything to your party, and no one can detect your communication. Each secrecy based application needs an embedding process which leaves the smallest embedding evidence. You may follow the following. (A) Choose a large vessel, larger the better, compared with the embedding data. (B) Discard the original vessel after embedding. For example, in the case of Qtech Hide & View, it leaves some latent embedding evidence even if the vessel has a very large embedding capacity. You are recommended to embed only 25% or less (for PNG / BMP output) of the maximum capacity, or only 3% of the vessel size (for JPEG output)..

11.2. Protection of data alteration

We take advantage of the fragility of the embedded data in this application area. "The embedded data can rather be fragile than be very robust." Actually, embedded data are fragile in most steganography programs. Especially, Qtech Hide & View program embeds data in an extremely fragile manner. However, this fragility opens a new direction toward an information-alteration protective system such as a "Digital Certificate Document System." The most novel point among others is that "no authentication bureau is needed." If it is implemented, people can send their "digital certificate data" to any place in the world through Internet. No one can forge, alter, nor tamper such certificate data. If forged, altered, or tampered, it is easily detected by the extraction program. Stated somewhat more formally, the objective for making steganographic encoding difficult to detect is to ensure that the changes to the carrier (the original signal) due to the injection of the payload (the signal to covertly embed) are visually (and ideally, statistically) negligible; that is to say, the changes are indistinguishable from the noise floor of the carrier. Any medium can be a carrier, but media with a large amount of redundant or compressible information are better suited. From an information theoretical point of view, this means that the channel must have more capacity than the "surface" signal requires; that is, there must be redundancy. For a digital image, this may be noise from the imaging element; for digital audio, it may be noise from recording techniques or amplification equipment. In general, electronics that digitize an analog signal suffer from several noise sources such as thermal noise, flicker noise, and shot
27

noise. This noise provides enough variation in the captured digital information that it can be exploited as a noise cover for hidden data. In addition, lossy compression schemes (such as JPEG) always introduce some error into the decompressed data; it is possible to exploit this for steganographic use as well. Steganography can be used for digital watermarking, where a message (being simply an identifier) is hidden in an image so that its source can be tracked or verified (for example, Coded Anti-Piracy), or even just to identify an image (as in the EURion constellation).

11.3. Access control system for digital content distribution

In this area embedded data is "hidden", but is "explained" to publicize the content.Today, digital contents are getting more and more commonly distributed by Internet than ever before. For example, music companies release new albums on their Webpage in a free or charged manner. However, in this case, all the contents are equally distributed to the people who accessed the page. So, an ordinary Web distribution scheme is not suited for a "case-by-case" and "selective" distribution. Of course it is always possible to attach digital content to e-mail messages and send to the customers. But it will takes a lot of cost in time and labor. If you have some valuable content, which you think it is okay to provide others if they really need it, and if it is possible to upload such content on the Web in some covert manner. And if you can issue a special "access key" to extract the content selectively, you will be very happy about it. A steganographic scheme can help realize a this type of system. We have developed a prototype of an "Access Control System" for digital content distribution through Internet. The following steps explain the scheme. (1) A content owner classify his/her digital contents in a folder-by-folder manner, and embed the whole folders in some large vessel according to a steganographic method using folder access keys, and upload the embedded vessel (stego data) on his/her own Webpage. (2) On that Webpage the owner explains the contents in depth and publicize worldwide. The contact information to the owner (post mail address, e-mail address, phone number, etc.) will be posted there. (3) The owner may receive an access-request from a customer who watched that Webpage. In that case, the owner may (or may not) creates an access key and provide it to the customer (free or charged)..

28

In this mechanism the most important point is, a "selective extraction" is possible or not.We have already developed such a selective extraction program to implement the system.

11.4. Media Database systems

In this application area of steganography secrecy is not important, but unifying two types of data into one is the most important.Media data (photo picture, movie, music, etc.) have some association with other information. A photo picture, for instance, may have the following. (1) The title of the picture and some physical object information (2) The date and the time when the picture was taken (3) The camera and the photographer's information Formerly, these are annotated beside the each picture in the album.Recently, almost all cameras are digitalized. They are cheap in price, easy to use, quick to shoot. They eventually made people feel reluctant to work on annotating each picture. Now, most home PC's are stuck with the huge amount of photo files. In this situation it is very hard to find a specific shot in the piles of pictures. A "photo album software" may help a little. You can sort the pictures and put a couple of annotation words to each photo. When you want to find a specific picture, you can make a search by keywords for the target picture. However, the annotation data in such software are not unified with the target pictures. Each annotation only has a link to the picture. Therefore, when you transfer the pictures to a different album software, all the annotation data are lost. This problem is technically referred to as "Metadata (e.g., annotation data) in a media database system (a photo album software) are separated from the media data (photo data) in the database managing system (DBMS)." This is a big problem. Steganography can solve this problem because a steganography program unifies two types of data into one by way of embedding operation. So, metadata can easily be transferred from one system to another without hitch. Specifically, you can embed all your good/bad memory (of your sight-seeing trip) in each snap shot of the digital photo. You can either send the embedded picture to your friend to extract your memory on his/her PC, or you may keep it silent in your own PC to enjoy extracting the memory ten years after. If a "motion picture steganography system" has been developed in the near future, a keyword based movie-scene retrieving system will be implemented. It will be a step to a "semantic movie retrieval system.

29

12.CONCLUSION
In this paper we tried to give an all-round view of steganography, both used to exchange messages and watermarking. First we gave an outline of the problem, telling also some of the history of this quickly developing field. Then we showed the different techniques invented, from the simplest to the more complex ones, trying to evaluate them under many points of view. Major emphasis was put on data hiding in images, for the techniques involved are usually more mature than the corresponding ones for other kinds of informations. Image encoding algorithms can also be representative for manipulation of other types of media like voice, text, binary files, binary files, communication channels etc. The strength of our system resides in the new concept of key image. Involving two images (the cover and the key) in place of only one (the cover) we are able to change the cover coefficients randomly. This opportunity does not give a steganalytic tool the chance of searching for a predictable set of modifications. The proposed approach has many applications in hiding and coding messages within standard medias, such as images or videos. As future work, we intend to study steganalytic techniques for ISC and to extend ISC to mobile video communication Then we gave an outline of the problems involved with watermarking, a field that has come into light after the development of broadband worldwide digital networks. Steganography and digital watermarking are undergoing a development process similar to that of encryption. Steganographys niche in security is to supplement cryptography and not to replace it. There is a continuous invention of new techniques for steganography followed by successful breakings and new improvements of them.

30

13.REFERENCES
Neil F. Johnson, Sushil Jajodia, George Mason University, "Exploring Steganography: Seeing the Unseen", IEEE Computers, February 1998, pp. 26-34 W. Bender, D. Gruhl, N. Morimoto, A. Lu, "Techniques for Data Hiding" IBM Systems Journal, Vol. 35 Ross Anderson, Roger Needham, Adi Shamir, "The Steganographic File System", 2nd Information Hiding Workshop, 1998 Ross J. Anderson, Fabien A.P. Petitcolas, "On the limits of steganography. W. Bender, D. Gruhl, N. Morimoto, and A. Lu, Techniques for data hiding, IBM Syst. J., vol. 35, 1996. I. J. Cox, J. Kilian, T. Leighton, and T. Shamoon, Secure spread spectrum watermarking for images, audio and video, in Proc. IEEE Int. Conf. Image Processing, Lausanne, Switzerland, Sept. 1996, vol. 111, pp. 243246. D. Kahn, The CodebreakersThe Story of Secret Writing. New York: Scribner, 1967. F. Johnson and S. Jajodia, Exploring steganography: Seeing the unseen, IEEE Computer Mag., pp. 2634, Feb. 1998. B. Pfitzmann, Trials of traced traitors, in Information Hiding, First International Workshop, Lecture Notes in Computer Science, R. Anderson, Ed. Berlin, Germany: Springer-Verlag, 1996, vol. 1, pp. 4964. J. R. Smith and B. O. Comisky, Modulation and information hiding in images, in Information Hiding, First International Workshop, Lecture Notes in Computer Science, R. Anderson, Ed. Berlin, Germany: Springer-Verlag, 1996, vol. 1174, pp. 207226. L. M. Marvel and C. G. Boncelet, Jr., Capacity of the additive steganographic channel, submitted for publication. R. van Schyndel, A. Tirkel, and C. Osborne, A digital watermark, in Proc. IEEE Int. Conf. Image Processing, 1994, vol. 2, pp. 8690. R. B. Wolfgang and E. J. Delp, A watermark for digital images, in Proc. IEEE Int. Conf. Image Processing, Lausanne, Switzerland, Sept. 1996, vol. 111, pp. 219222

31