Understand Steganalysis is the process of discovering the existence of the hidden information within a cover medium. Steganalysis is the reverse process of steganography. It is one of the attacks on information security in which an attacker, called steganalyst, tries to detect the hidden messages embedded in images, text, audio, and video carrier mediums using steganography. It determines the encoded hidden message, and if possible, it recovers that message. It can detect the message by looking at variances between bit patterns and unusually large file sizes.
Steganalysis contains two aspects: the detection and distortion of messages. In the detection phase, the analyst observes the relationships between the steganography tools, stego-media, cover, and message. In the distortion phase, the analyst either manipulates the stego-media to extract the embedded message or removes it altogether. The first step in steganalysis is to discover a suspicious image that may be harboring a message. This is an attack on the hidden information.
Related Product : Computer Hacking Forensic Investigator | CHFI
There are two other types of attack against steganography: message and chosen-message attacks. In the former, the steganalyst has a known hidden message in the corresponding stego-image. The steganalyst determines patterns that arise from hiding the message and detecting this message. The steganalyst creates a message using a known stego tool and analyzes the differences in patterns. In a chosen-message attack, the attacker creates steganography media using the known message and steganography tool (or algorithm).
Cover images disclose more visual clues than stego-images. It is necessary to analyze the stegoimages to identify the concealed information. The gap between cover image and stego-image file size is the simplest signature. Many signatures are evident using some of the color schemes of the cover image.
Once detected, an attacker can destroy a stego-image or modify the hidden messages. It is very important to understand the overall structure of the technology and methods to detect the hidden information for uncovering the activities.
Steganalysis Methods/Attacks on Steganography
Steganographic attacks work according to the type of information available to perform steganalysis. This information may include the hidden message, carrier (cover) medium, stegoobject, steganography tools, or algorithms used to hide information. Thus, steganalysis is classified into six types: stego-only, known-stego, known-message, known-cover, chosen-message, and chosen-stego.
- Stego-only attack: In a stego-only attack, the steganalyst or the attacker does not have access to any information except the stego-medium or stego-object. In this attack, the staganalyst needs to try every possible steganography algorithms and related attacks to recover the hidden information.
- Known-stego attack: This attack allows attacker to know the steganographic algorithm as well as original and stego-object. The attacker can extract the hidden information with the information at hand.
- Known-message attack: The known-message attack presumes that the message and the stego-medium are available. Using this attack, one can detect the technique used to hide the message.
- Known-cover attack: Attackers use the known-cover attack when they have knowledge of both the stego-object and the original cover-medium. This will enable a comparison between both the mediums in order to detect the changes in the format of the medium and find the hidden message.
- Chosen-message attack: The steganalyst uses known message to generate a stego-object by using some steganography tool in order to find the steganography algorithm used to hide the information. The goal in this attack is to determine patterns in the stego-object that may point to the use of specific steganography tools or algorithms.
- Chosen-stego attack: The chosen-stego attack takes place when the steganalyst knows both the stego-object and steganographic tool or algorithm used to hide the message.
Also Read : Anti-Forensics Techniques: Steganography
Questions related to this topic
- How would you detect the presence of steganography?
- What are the three types of active attacks?
- What are different types of security attacks?
- What are the challenges of Steganalysis?
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com