What are the techniques of Steganalysis?

Information SecuritySafe & SecurityData Structure

Steganalysis is the technology that tries to defeat steganography by detecting the hidden data and extracting or destroying it. Steganalysis is the procedure of detecting steganography by viewing at variances between bit patterns and unusually high file sizes. It is the art of finding and rendering meaningless covert messages.

The main objective of steganalysis is to recognize suspected data streams, determine whether or not they have hidden messages encoded into them, and, if applicable, recover the hidden data.

Steganalysis generally begins with several suspect data streams but uncertainty whether any of these include hidden message.

The steganalyst starts by decreasing the group of suspect data streams to a subset of most likely altered data streams. This is generally completed with statistical analysis using advanced statistics techniques.

There are various techniques of steganalysis which are as follows −

Unusual patterns − Unusual patterns in a stego image are incredulous. For instance, there are some disk analysis service that can filter hidden data in unused division in storage devices.

Filters can also be used to recognize TCP/IP packets that include hidden or invalid information in the packet headers. TCP/IP packets can be used to transport data across the Internet have unutilized or reserved area in the packet headers.

Visual detection − Analyzing repetitive patterns can reveal the recognition of a steganography tool or hidden data. It can be examined these patterns as the method is to analyze the initial cover image with the stego image and detectable differences. This is known as known-carrier attack.

By comparing several images it is possible that patterns appear as signatures to a steganography tool. There are another visual clue to the presence of hidden data is padding or cropping of an image.

With some stego tools if an image does not suitable into a fixed size it is cropped or padded with black spaces. There can also be a difference in the file size among the stego-image and the cover image.

Another indicator is a large increase or decrease in the number of specific colors, or colors in a palette which enhance incrementally instead of randomly.

Tools to detect Steganography − The disabling or elimination of hidden data in images is based on the image processing approach. For instance, with LSB methods of inserting information, simply compressing the image using lossy compression is adequate to disable or delete the hidden message.

There are several available steganographic detection tools including Encase by Guidance Software Inc., ILook Investigator by Electronic Crimes Program, Washington DC, several MD5 hashing service, etc.

There are several image steganography tools use least significant bit (LSB) modification to hide data. In low resolution images with 8 bit color, the modification of LSB can generate a noticeable change in the color palette creating it possible to identify hidden content.

Updated on 14-Mar-2022 07:09:48