Team Number: 022
School Name: Bosque School
Area of Science: Computer Science
Project Title: "Waiter! There's a message in my soup!"
On July 17, 2002, Salon.com published an article stating that the USA TODAY article was far-fetched, as eBay was contacted neither by the author of the article nor by the FBI. Following the article, eBay was searched, but no such hidden messages were found. The Salon.com article also said, however, that just because such files remain undetected, doesn't mean that they don't exist; perhaps the terrorists' steganography technology is greater than our detection technology. As such, the fear of terrorist steganography is quite valid; it is nearly impossible to detect, often encrypted, and steganography tools are very easy to obtain via the Internet. So what is to be done about the threat of terror groups using steganography?
The solution to this problem is to create a computer program that is capable of detecting and decoding an image that has been hidden steganographically -- a process known as steganalysis. Unfortunately, such a project is very expensive and time consuming. Another problem is that such messages are often encoded with cryptography, making deciphering the message much harder. Because of the impracticality of this method, our project focuses on the problem from a different angle. The aim of our project is to write a computer program that can scrub an image of the hidden information without degrading its visible quality. This is a better approach because it removes the necessity of detecting the information within the file beforehand. When our program wipes the file, it will effectively destroy the hidden file, also eliminating the need to decrypt it. This, too, has some negative aspects -- such as making the hidden information irretrievable by those who would decrypt it -- but the advantages of ruining such attempts at covert communication far outweigh the drawbacks.
Progress to Date:
Since the Glorieta Kick-off Conference, we have been continuing to research our topic -- steganography, steganalysis, watermarks, etc. -- and have chosen an image type to study. Initially, we had chosen to use BMP image types, but we decided to use the GIF file type because it's very popular on the Internet and is much simpler to manipulate. We have also obtained access to the New Mexico Tech Computer Science Steganography Database, a database of various images that have things hidden in them by steganographic means. Additionally, we have chosen a steganography program to use with our program, because different steganography programs may encode messages differently. The program, The Third Eye, is a freeware steganography program that can be downloaded from the Internet. We first wrote a program that compares the RGB values in the pixels of two apparently identical images. The second program, the more complex of the two, is capable of clearing infected bits from an image based on the bits chosen by an algorithm. This program has a basic algorithm that predicts where steganographically-changed bits will occur. This program currently works for unencrypted data. The visible quality following the cleaning of the images is negligible. Our next step is to refine the algorithm to use steganalysis making it capable of clearing bits more intelligently, based on certain factors.
We expect to have a program that will sort through a series of pictures, predict the existence of hidden data, and delete the data from the picture without degrading the image quality. The program will act like a virus scanner for pictures, automatically deleting hidden information as it is found. This process will completely remove the need to detect steganography beforehand, significantly cutting the processing time. Additionally, we will expand our program to work for file formats as well as for different steganography programs.
Johnson, Neil F., Zoran Duric, and Sushil Jajodia. Information Hiding, Steganography and Watermarking- Attacks and Countermeasures. Boston: Kluwer Academic Publishers, 2001.
Kallen, Ian, and Eric Perlman. "Common Internet File Formats." 19 Dec. 1995. 21 Sep. 2002. http://www.matisse.net/files/formats.html
Kuhn, Markus. "Steganography." 3 Jul. 1995. IKS. 21 Sep. 2002. http://www.iks-jena.de/mitarb/lutz/security/stegano.html
Manjoo, Farhad. "The Case of the Missing Code." 17 Jul. 2002. Salon.com. 21 Sep. 2002. http://www.salon.com/tech/feature/2002/07/17/steganography/
McCullagh, Declan. "Bin Laden: Steganography Master?" 7 Feb. 2001. Wired News. 21 Sep. 2002. http://www.wired.com/news/politics/0,1283,41658,00.html
Petitcolas, Fabien A. P. "The Information Hiding Homepage: Digital Watermarking & Steganography." 17 Jun. 2002. 21 Sep. 2002. http://www.cl.cam.ac.uk/~fapp2/steganography/
Provos, Niels. "Steganography Press Information." Center for Information Technology Integration. 4 Jan. 2002. U of Michigan. 21 Sep. 2002. http://www.citi.umich.edu/u/provos/stego/faq.html
Stafan Katzenbeisser, Fabien A. P. Pettitcolas, eds. Information Hiding Techniques for Steganography and Digital Watermarking. Massachusetts: Artech House, 2000.
"Steganography: The Science of Hiding Information." Detroit Now Internet Advisor. 20 Jun. 2002. WJR, Detroit. 21 Sep. 2002. http://www.internetadvisor.net/week6-20-02.html
Wayner, Peter. Disappearing Cryptography, Information Hiding: Stenganography & Watermarking 2nd ed. San Diego: Morgan Kaufmann Publisher, 2000.