| ¡¡ | Chinese Journal of Computers Full Text |
| Title | Extracting Attack to LSB Steganography in Spatial Domain |
| Authors | ZHANG Wei-Ming1),2) LI Shi-Qu1) LIU Jiu-Fen1) |
| Address | 1) (Department of Information Research, Information Engineering Institute, Zhengzhou 450002) 2) (School of Communication and Information Engineering, Shanghai University, Shanghai 200072) |
| Year | 2007 |
| Issue | No.9(1625¡ª1631) |
| Abstract & Background | Abstract Many steganalysis techniques have been developed to detect the existence of hidden information. However, there are few approaches about how to extract the hidden information, i.e., extracting attack to steganography. For key-dependent steganography, extracting attack is equivalent to recovering the stego key. By combining detecting techniques in steganalysis and correlation attack in cryptanalysis, the authors propose a new method to recover the stego key of LSB steganography in spatial domain of images. Theoretic analysis is made for this method, which establishes that its complexity is mainly determined by the number of samples and the attack will fail when the embedding rate r tends to 0 or 1. The authors introduce an estimator for the minimum number of samples n based on a mixture Gaussian model. The experiments on the stego software "Hide and Seek 4.1" show that the proposed method can recover the stego key and extract the hidden message. If the length of messages L is not known, the attack can success for 5.3% keywords steganography; steganalysis; extracting attack; correlation attack; mixture distribution background This work is supported by the National Natural Science Foundation of China under grant No.60473022. The purpose of this project is to construct theoretic and technical bases for applications of steganalysis, which is important for developing surveillance system of images with hidden information on networks. Steganography is an important branch of information hiding, and it is about how to send secret message covertly. The attack on steganography, i.e. steganalysis, mainly considers detecting the existence of hidden message. There have been many reliable detecting methods for a variety of steganographic algorithms. How to extract the hidden message is a more difficult problem, which we call "extracting attacking", and is also referred as to forensic steganalysis because it is useful for forensic analysis. However, to the best of our knowledge, there are few literatures about extracting attack. In fact, steganalysis is a systemic work, which consists of several steps: (1) identification of suspicious objects, (2) determining the steganographic method or software in use, (3) searching for the stego key and extracting the embedded bit-stream, (4) deciphering the bit-stream if it is cipher-text. Step4 is cryptanalysis. The purpose of the authors¡¯ project is to solve the problems in Step1~3, and they have done many work on the Step1 and Step2, including some detecting methods on image steganography in spatial and DCT domain and a detecting system on stego software. Step3 is just the extracting attack which is the most difficult part in the project. The authors have constructed an information theoretic model for extracting attack. This paper proposes a new solution for Step3. The main idea is that recovering stego key is a special kind of cryptanalysis and it can be converted into a traditional cryptanalytic problem. Particularly, by combining detecting techniques in steganalysis and correlation attack in cryptanalysis, the authors propose a method to recover the stego key of LSB steganography in spatial domain of images. With this method, the message hidden by the stego software "Hide and Seek 4.1" is extracted successfully. |