Introduction
Cheddad, Condell, Curran and Kevitt (2010) allege, “Steganography refers to the art of covered or hidden writing” (p. 752). The primary objective of steganography is surreptitious communication to conceal a message from unauthorized parties. Steganography is different from cryptography, which is an art of hidden writing that aims at ensuring that a third party does not read a message.
While steganography hides the presence of a secret communication, cryptography leaves it palpable. Despite numerous distinctions between steganography and cryptography, there are numerous similarities between the two. Some scholars treat steganography as a method of encryption. Nevertheless, this article will tackle steganography as a distinct way of ensuring information security.
Even though the term steganography was invented in the early 16th century, the use of secret communication dates back a couple of millennia. Before the innovation of steganography, people could “tattoo messages on the scalps of slaves or hide information in the stomachs of rabbits” (Cheong, Ling, & Teh, 2014, p. 3566). Students and kids have been using indiscernible ink for hundreds of years.
Besides, terrorists and spies have for decades used the concept of concealed communication to perpetrate serious espionages (Cheong et al., 2014). Despite steganography hiding the hidden message, it is easy to note that two parties are communicating. The process of steganography entails inserting covered communication in a particular transport means, known as the carrier (Cheong et al., 2014).
The clandestine communication is attached to the carrier to create the steganography medium. The parties may use a steganography key to encrypt the concealed message or randomize the scheme. There are two main categories of steganography; technical and linguistic steganography (Cheong et al., 2014).
Technical steganography applies experimental techniques to conceal a communication. The experimental methods include microdots, invisible ink, and other size-reduction mechanisms. On the other hand, linguistic steganography hides a message in a transport medium in a manner that is hard to detect (Cheong et al., 2014).
History of Steganography
Throughout history, individuals have been concealing messages through numerous approaches and variations. For instance, in the early days, the Greeks used wax-coated tablets to hide texts. To relay a secreted message, an individual would scrap wax off a tablet, engrave a communication and conceal it using wax. It was hard for other people to suspect that a wax-coated tablet contained significant information (Chiew & Pieprzyk, 2010).
Another ingenious method was to “shave the head of a messenger and tattoo a message or image on the messenger’s head” (Fridrich, Goljan, & Hogea, 2012, p. 86). Once the hair grew back, it was hard for people to notice the message. The recipient of the message had to trim the messenger’s hair to retrieve the communication. During the World War II, people began to use invisible ink to send messages.
During this period, steganography entailed the use of invisible inks only. The inks enabled people to encrypt a message in an apparently innocent letter. It was hard for a third party to detect a signal included in a message. Later, technological development made it easy for third parties to recognize concealed messages.
Consequently, people had to look for alternative methods of relaying clandestine messages. The need for hiding sensitive information led to the invention of the microdot technology (Fridrich et al., 2012). The technology used images to send information. It made it easy for government agencies and criminal groups to relay information undetected.
As computer experts continue to develop programs that can detect hidden communications, people are developing novel steganographic applications. Some information security experts have built on ancient steganographic methods. Indeed, the present development of computer technology has resulted in a revolution in steganography.
People continue to store massive and sensitive information in computers and broadcast it over networks. There is no doubt that steganography has infiltrated the digital era (Hamid, Yahya, Ahmad, & Al-Qershi, 2012). Today, there are steganographic applications that enable people to hide any form of a binary file in other records. Nevertheless, most messages are transmitted in the form of audio and image files.
Hamid et al. (2012) hold that steganography offers some quite valuable and economically essential roles in the digital universe. For instance, steganography facilitates digital watermarking. Digital watermarking enables an author to “embed a hidden message in a file to safeguard the integrity of the content” (Hamid et al., 2012, p. 177).
An artist, for instance, can publish their creative work on a website without fear that another person might steal it. If other parties take the work and claim it to be theirs, the real owner can retrieve the watermark to substantiate their claims. Even though both digital watermarking and steganography use similar concepts, the former has singular technical objectives.
The contemporary steganography allows people to conceal data in varied formats like text, images, internet protocol (IP) headers, and email. Hernandez-Castro, Blasco-Lopez, Estevez-Tapiador and Ribagorda-Garnacho (2006) claim that steganography has been crucial in information warfare throughout history.
Hernandez-Castro et al. (2006) posit, “Steganography continued to be seen as another aspect of the internet until the September 11th attack against the United States” (p. 68). A majority of the media outlets alleged that terrorists were using steganography to send secret messages. They further noted that terrorists could entrench messages into pornographic image files, websites, notice boards, and chat rooms (Hernandez-Castro et al., 2006).
However, it was hard for the media outlets to substantiate their claims since they never produced evidence. Today, many people are apprehensive that terrorists may use steganography to stage a devastating cyber attack. Consequently, the internet civil libertarians call for the law enforcers to institute stringent rules to govern encryption and steganography (Hernandez-Castro et al., 2006).
Principles of Steganography
According to Hmood, Jalab, Kasirun, Zaidan, and Zaidan (2010), various embedding techniques and rules enable communicating parties to conceal messages in a given medium. Nonetheless, all the techniques and regulations must meet several principles for steganography to be useful. One of the principles is that the integrity of the concealed message must not change during and after concealment.
In other words, the meaning and purpose of the hidden message should remain intact. A successful steganography is one that upholds the integrity and quality of the secret information. Another principle is that the image or object used to hide information should remain unchanged (Hmood et al., 2010).
People should not see changes in the stego-object as this might stir nosiness. Individuals sending messages through steganography should always presume that a third party is aware of the concealed message. Such an assumption helps to ensure that the communicating parties are cautious when concealing and relaying messages.
Steganographic Techniques
People use different approaches to hiding information. Over the years, information technology (IT) experts have come up with diverse techniques of embedding covert information in multimedia objects. According to Lin and Tsai (2008), IT experts have come up with multiple ways of entrenching messages in images such that it is hard to detect them.
The experts encode entire message or segments of a message in “noisy” regions that are hard to detect. Besides, some experts distribute a message haphazardly all over the image. The most conventional steganographic techniques used in images include “masking and filtering, least significant bit (LSB) insertion and transform techniques” (Lin & Tsai, 2008, p. 407).
Apart from the steganographic techniques used to conceal messages in images, individuals use numerous methods to hide messages in texts. The methods include feature, word shift, and line shift coding (Lin & Tsai, 2008).
Least Significant Bit Insertion
Least significant bit (LSB) insertion is the most common and straightforward method of securing information. The method entails attaching a message to a cover file. The primary disadvantage of LSB is that it is susceptible to even a minor image change. Changing an image may have significant repercussions on the concealed message.
The least significant bit (LSB) insertion technique uses a steganographic application that packages LSB insertion to ensure that it is hard for a third party to detect a concealed message. According to Luo (2010), the application uses EZStego tools to organize the palette and minimize the chances of arranging colors that differ so much close to one another. The EZStego tools are used mainly in gray-scale images. The method works fine in images with associated colors.
Apart from EZStego tools, LSB technique also uses the S-Tools. The S-Tools are different from the EZStego tools as the former require drastic palette changes (Luo, 2010). For the 24-bit images, altering the least significant bit of the pixels may result in new colors. The S-Tools facilitates minimization of the number of colors without affecting the quality of an image. Therefore, the S-Tools guarantee that changes in LSB do not affect the color values.
Masking and Filtering
Papapanagiotou, Kellinis, Marias, and Georgiadis (2007) allege that masking and filtering technique is useful in gray-scale and 24-bit images. The technique conceals messages by “marking an image in a manner similar to paper watermarks” (Papapanagiotou et al., 2007, p. 591). Watermarking systems are more incorporated into the picture.
Therefore, the system ensures that the quality of an image is not lost due to lossy compressions. Unlike traditional steganography that hides information, the masking and filtering technique conceals messages by extending the information and assuming a characteristic of the cover image.
Masking is more versatile than the least significant bit (LSB) insertion in terms of cropping, image processing, and compression. The masking and filtering technique entrenches information in crucial areas such that the concealed communication is more important to the cover image than just hiding it in the “noise” areas.
Transform Techniques
The transform techniques “embed the message by modulating coefficients in transform domain like discrete cosine transform (DCT) used in Joint Photographic Experts Group (JPEG)” (Qiao, Retraint, Cogranne, & Zitzmann, 2015, p. 15). The transform techniques help to retain the quality of an image after lossy compression or image processing. One of the transform techniques that are common in information security is Jpeg-Jsteg.
Qiao et al. (2015) argue that Jpeg-Jsteg “creates a JPEG stego-image from the input of a message to be hidden and lossless cover image” (p. 18). The autonomous JPEG group holds that the existing Joint Photographic Experts Group’s (JPEG’s) software has been altered to work with 1-bit steganography in JPEG File Interchange Format (JFIF) output files.
The files comprise lossy and nonlossy segments. The software uses a JPEG algorithm to coalesce the concealing images and message leading to the formation of JPEG stego-images. The DCT helps to compress the JPEG images. Apart from the discrete cosine transform, the communicating parties can use Wavelet Transform and Discrete Fourier Transform to process images (Qiao et al., 2015).
The techniques change other features of an image like brightness. The hidden information is distributed throughout the cover image using patchwork and other techniques. Wang, Wu, Tsai, and Hwang (2008) allege “Patchwork uses redundant pattern encoding or spread spectrum methods to scatter hidden information throughout the cover images” (p. 154).
These methods help to maintain the security of the hidden message during image transformation process like rotation or cropping. Besides, they conceal a message more comprehensively than through simple masking. Other transform techniques encrypt and distribute the hidden data all over an image.
Distributing the secret information makes it look like noise. Hence, it is hard for a third party to detect the message. Such techniques use a stego-key to secure information. Consequently, even if a third party manages to extract some bits of a concealed message, they can hardly decipher it without the stego-key and the algorithm. A good example of this steganographic technique is the White Noise Storm technique (Wang et al., 2008).
The method relies on frequency hopping and distribution range technology that spreads the data all through the image. Despite the ongoing developments in information security, steganography cannot substitute for cryptography. Instead, it ought to work as an addition to encryption (Wang et al., 2008).
Line Shift Coding
Line shift coding technique entails “moving various lines inside the document up or down by a small fraction according to the codebook” (Liu & Tsai, 2007, p. 27). The affected lines are hard to detect since the alteration is too diminutive. However, one can identify the lines using a computer by measuring the gaps between individual lines.
Line shift coding uses differential encoding techniques to hide information. The method ensures that the lines bordering the one being shifted remain untouched. The direction of the change is used to represent a single bit. When an entire document is put together, it is easy to entrench multiple bits, and thus be in a position to conceal a large data.
Word Shift Coding
According to Shirali-Shahreza and Shirali-Shahreza (2006), the principles of word shift coding technique are similar to those of the line shift coding. However, for the word shift procedure, the words are moved instead of lines. Additionally, the words are moved to the left or right but not up or down.
The word shift technique is also referred to as the justification of the document. The codebook instructs the encoder on the words to move as well as the direction of the movement. Again, the moved words are identified by measuring the gaps between individual words. Both the right and left shifts are assigned different bits.
Feature Coding
Feature coding technique is slightly different from word shift and line shift coding skills. The feature coding method uses a parser to evaluate a document. The parser generates a unique codebook for individual documents. Satir and Isik (2012) claim that the parser selects all the characteristics that it deems might help to conceal a message.
Feature coding technique uses different features to enforce security (Satir & Isik, 2012). They include the dots on top of individual letters like “i” and “j” and the height of certain letters. Besides, feature coding technique may be used together with line shift and word shift techniques to enhance security and augment the quantity of information that can be concealed.
Benefits of Steganography
The main advantage of steganography is that it is easy to relay a message clandestinely without the knowledge of a third party. Steganography allows parties to a communication to hide different types of files over any communication medium in a way that it is hard for unauthorized persons to detect or read the concealed data.
Such capabilities have numerous effects, both positive and negative, on the contemporary world. For instance, people can use steganography to relay sensitive and confidential information, therefore safeguarding their privacy (Castiglione, De Santis, & Soriente, 2007). Additionally, an organization may use steganography to preserve copyrighted property.
The present level of competition in the corporate world calls for the protection of business strategies. For an organization that uses the internet to communicate with employees, it might be hard to secure information from unauthorized persons. Nevertheless, the use of steganography can go a long way towards ensuring that employees share organizational policies in a safe manner.
Sumathi, Santanam and Umamaheswari (2014) claim that steganography can facilitate information warfare. A government may use steganography to relay sensitive information without the knowledge of the enemies in the event of a war. For instance, government spies may use steganography to inform their soldiers about the strategies that an enemy intends to use, therefore facilitating preemptive attacks.
Limitations of Steganography
Steganography has numerous limitations. One of the limitations is that the process involves momentous overhead to conceal a limited amount of data. One requires a lengthy text to hide a short text message (Rengarajan, Jiaohua, & Balaguru, 2012). Besides, it is hard to hide audio or image files in text records because of their sizes. The size of the medium used to conceal a message is a major limitation.
The principles of steganography dictate that a message must be hidden without changing the integrity of the medium used to protect the communication (Rengarajan et al., 2012). However, it is hard to conceal data without affecting the quality or nature of the concealing object. Another limitation of steganography is that it is prone to attacks (Rengarajan et al., 2012).
Once hackers detect a steganographic system, it becomes ineffective. Consequently, steganography does not guarantee the security of a message that is in transit. Thus, it is difficult for institutions or government agencies to transmit sensitive or classified information through steganography.
Rengarajan et al. (2012) allege that steganography acts as a suitable avenue for terrorists to perpetrate heinous acts or spread propaganda. The dynamic nature of the contemporary electronic networks makes it easy for terrorists to send messages without being detected. Today, people create new websites and discard them after use (Saha & Sharma, 2011). Besides, novel auctions are mushrooming on a daily basis.
All these offer tremendous opportunities for terrorists to create steganographic contents. According to Saha and Sharma (2011), a majority of the steganography detection mechanisms are numerical. They focus on the files that look suspicious. Thus, the terrorists take advantage of this loophole to perpetuate crimes.
The fact that paintings, photographs, graphics, and drawings have varied image features makes it hard for the existing detection techniques to identify the files that look suspicious (Sallee, 2005). Besides, criminals have identified new methods of circumventing detection. Today, criminals use distraction or diversion techniques to evade detection (Saha & Sharma, 2011).
The methods entail adding inconsequential data inside a single file. The inconsequential data serves numerous purposes. The criminals ensure that the data corresponds to a particular statistical profile. Thus, when a file is scrutinized, the detection software detects the insignificant data. Hence, the authorities do not discover the actual message.
Conclusion
Institutions and government agencies have been using steganography to relay classified information for security purposes. The growth in technology and the advent of the internet have resulted in tremendous changes in steganography. People no longer use steganography to send classified and concealed messages only.
Presently, numerous steganographic tools are accessible to the public. As long as people have access to the internet, they can use the available steganographic tools. Unlike in the past where people concealed information in the bellies of animals or tattooed it on scalps, technology has made it easy to embed a message in a text, image or even an audio file.
Indeed, people can transmit concealed data over a long distance without fearing that it might fall into the wrong hands. The growth of steganography has not come without merits and demerits. It has enabled people and organizations to safeguard copyrighted properties. Furthermore, government agencies can relay classified information without being detected.
The major drawback of steganography is that terrorists can use it to communicate and spread propaganda. The growth of technology has opened room for criminals to come up with diversion and distraction mechanisms. Therefore, they can evade the detection mechanisms that are put in place with ease.
The public should know that steganography is not the safest method of sending confidential information. Rather than relying on steganography alone, people should use it together with other security techniques like cryptography.
References
Castiglione, A., De Santis, A., & Soriente, C. (2007). Taking advantages of a disadvantage: Digital forensics and steganography using document metadata. Journal of Systems and Software, 80(5), 750-764.
Cheddad, A., Condell, J., Curran, K., & Kevitt, P. (2010). Digital image steganography: Survey and analysis of current methods. Signal Processing, 90(3), 727-752.
Cheong, S., Ling, H., & Teh, P. (2014). Secure encrypted steganography graphical password scheme for near field communication smartphone access control system. Expert Systems with Applications, 41(7), 3561-3568.
Chiew, K., & Pieprzyk, J. (2010). Binary image steganographic techniques classification based on multi-class steganalysis. Information Security, Practice and Experience, 6047(1), 341-358.
Fridrich, J., Goljan, M., & Hogea, D. (2012). New methodology for breaking steganographic techniques for JPEGs. Security and Watermarking of Multimedia Contents, 143(1), 83-97.
Hamid, N., Yahya, A., Ahmad, R., & Al-Qershi, O. (2012). Image steganography techniques: An Overview. International Journal of Computer Science and Security, 6(3), 168-187.
Hernandez-Castro, J., Blasco-Lopez, I., Estevez-Tapiador, J., & Ribagorda-Garnacho, A. (2006). Steganography in games: A general methodology and its application to the game of Go. Computers & Security, 25(1), 64-71.
Hmood, A., Jalab, H., Kasirun, Z., Zaidan, A., & Zaidan, B. (2010). On the capacity and security of steganography approaches: An overview. Journal of Applied Sciences, 10(16), 1825-1833.
Lin, C., & Tsai, W. (2008). Secret image sharing with steganography and authentication. Journal of Systems and Software, 73(3), 405-414.
Liu, T., & Tsai, W. (2007). A new steganographic method for data hiding in Microsoft Word documents by a change tracking technique. Information Forensic and Security, 2(1), 24-30.
Luo, W. (2010). Edge adaptive image steganography based on LSB matching revisited. Information Forensics and Security, 5(2), 201-214.
Papapanagiotou, K., Kellinis, E., Marias, G., & Georgiadis, P. (2007). Alternatives for multimedia messaging system steganography. Computational Intelligence and Security, 4(2), 589-596.
Qiao, T., Retraint, F., Cogranne, R., & Zitzmann, C. (2015). Steganalysis of JSteg algorithm using hypothesis testing theory. Journal of Information Security, 13(1), 14-23.
Rengarajan, A., Jiaohua, Q., & Balaguru, R. (2012). Random image steganography and steganalysis: Present status and future directions. Information Technology Journal, 11(5), 566-576.
Saha, B., & Sharma, S. (2011). Steganographic techniques for data hiding using digital images. Defence Science Journal, 62(1), 34-46.
Sallee, P. (2005). Model-based methods for steganography and steganalysis. International Journal of Image and Graphics, 5(1), 167-175.
Satir, E., & Isik, H. (2012). A compression-based text steganography method. Journal of Systems and Software, 85(10), 2385-2394.
Shirali-Shahreza, H., & Shirali-Shahreza, M. (2006). A new approach to Persian/Arabic text steganography. Computer and Information Science, 1(3), 310-315.
Sumathi, C., Santanam, T., & Umamaheswari, G. (2014). A study of various steganographic techniques used for information hiding. International Journal of Computer Science & Engineering Survey, 4(6), 745-761.
Wang, C., Wu, N., Tsai, C., & Hwang, M. (2008). A high-quality steganographic method with pixel-value differencing and modulus function. Journal of Systems and Software, 81(1), 150-158.