Hui SONG,Xiang-wei KONG,Xin-gang YOU

2005-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Steganographic security is very important in information hiding. However, existing models of information hiding have many shortcomings in this field. Informed by redundancy of data space, this paper proposed a new method, called Coding Transition Diagram (CTD), to evaluate the security of the coding model of steganography. The method, which combines coding model and transition matrix, measures the security of coding models using statistics in data space. Based on the method, we introduced four rules to improve the security of coding model and proofed the existence of the coding model which fulfills the four rules in DCT space.

Chuanpeng Guo,Wei Yang,Liusheng Huang,Hongbing Zhan,Ying Tan

2020-01-01

Abstract:Current research on information hiding technology is constantly developing towards the diversification of carriers and the complexity of algorithms. But research on how to effectively combine diverse carriers and steganography algorithms to construct high-security, large-capacity and high-robust parallel algorithms is not sufficient. To deal with this challenge, we present a multi-dimensional information hiding model in the presence of a steganayst and give a formal definition of the model. Furthermore, we define in detail behavioral constraints of each participant in the model, and clarify the capabilities and possible risks of each participant in multi-dimensional information hiding communication. Finally, based on information theory and attacker detection theory, the quantitative evaluation of the security of multidimensional information hiding model is given. All in all, the model clearly describes the principle of multi-dimensional information hiding. At the same time, it can provide a certain theoretical basis for designing a specific multi-dimensional algorithm.

Hui Tian,Ke Zhou,Yongfeng Huang,Dan Feng,Jin Liu

DOI: https://doi.org/10.1109/icycs.2008.394

2008-01-01

Abstract:Steganography, as one of alternative techniques for secure communications, has drawn more and more attentions. This paper presents a covert communication model based on least significant bits (LSB) steganography in Voice over IP (VoIP). The model aims at providing nice security of secret messages and real-time performance that is vital for VoIP. Therefore, we employ a simple encryption of secret messages before embedding them. This encryption strikes a good balance between adequate short-term protection for secret messages and low latency for VoIP. Furthermore, we design a structure of embedded messages. It can provide flexible length and avoid effectually both extraction attack and deceptive attack. We evaluate the model with ITU-T G.729a as the codec of the cover speech in StegTalk, our platform for study on covert communications theory in VoIP. In this case, the proposed model can provide two optional covert transmission speeds, i.e. 0.8 kb/s and 2.6 kb/s, where the maximum payload ratio is 99.98%. The experimental results show that our method has negligible effects on speech quality and well meets the real-time requirement of VoIP.

Peng ZHOU,Yong-feng HUANG

DOI: https://doi.org/10.16208/j.issn1000-7024.2015.02.003

2015-01-01

Abstract:A steganographic model using HOOK mechanism to achieve instant communication speech stream for hiding carrier was presented.Two“HOOK”were hung in the sender,and the speech stream was collected as hiding carrier for real-time em-bedding and extracting,thus the interactive covert communication was realized.The Google talk software currently used was se-lected as the research obj ect,and the steganographic method based on iSAC codec used in Gtalk was focused on.Hiding algo-rithm based on LPC parameters was established.Experimental results show that the proposed model can be applied to instant communication software that being commonly used,and extends the application range of information hiding based on VoIP.The LPC parameters hiding algorithm has a good hiding rate and better practicability.

Hui Tian,Ke Zhou,Hong Jiang,Jin Liu,Yongfeng Huang,Dan Feng

DOI: https://doi.org/10.1109/icc.2009.5198737

2009-01-01

Abstract:Differing from applying steganography on storage cover media, steganography on voice over IP (VoIP) must often delicately balance between providing adequate security and maintaining low latency for real-time services. This paper presents a novel real-time steganography model for VoIP that aims at providing good security for secret messages without sacrificing real-time performance. We achieve this goal by employing the well-known least-significant-bits (LSB) substitution approach to provide a reasonable tradeoff between the adequate information hiding requirement (good security and sufficient capacity) and the low latency requirement for VoIP. Further, we incorporate the M-sequence technique to eliminate the correlation among secret messages to resist the statistical detection based on the fact that the distribution of the LSBs in the stego-speech is not uniform and to provide a short-term security protection of secret messages. To accurately recover secret messages at the receiver side, we design a synchronization mechanism based on the RSA key agreement and the synchronized sequence transmission using techniques of the protocol steganography, which can effectively enhance the flexibility of the covert communication system and be extended to other steganography schemes based on real-time systems. We evaluate the effectiveness of our model with ITU-T G.729a as the codec of the cover speech in StegTalk, a covert communication system based on VoIP. The experimental results demonstrate that our technique provides good security and transparency for transmitting secret messages while adequately meeting the real-time requirement of VoIP.

YongFeng Huang,ShanYu Tang

DOI: https://doi.org/10.1007/s11431-015-5955-4

2015-01-01

Science China Technological Sciences

Abstract:This paper presents a new spatial steganography model for covert communications over voice over internet protocol(Vo IP), providing a solution to the issue of increasing the capacity of covert Vo IP channels without compromising the imperceptibility of the channels. Drawing from Orthogonal Modulation Theory in communications, the model introduced two concepts, orthogonal data hiding features and data hiding vectors, to covert Vo IP communications. By taking into account the variation characteristics of Vo IP audio streams in the time domain, a hiding vector negotiation mechanism was suggested to achieve dynamic self-adaptive steganography in media streams. Experimental results on Vo IP steganography show that the proposed steganographic method effectively depicted the spatial and temporal characteristics of Vo IP audio streams, and enhanced robustness against detection of steganalysis tools, thereby improving the security of covert Vo IP communications.

Huang Yongfeng,Xiao Bo,Xiao Honghua

DOI: https://doi.org/10.1109/iih-msp.2008.174

2008-01-01

Abstract:With the development of Internet and multimedia technology, the information exchanged through Internet not only must be real-time, but also requires security and integrity. In this paper, a SIP (Session Initiation Protocol) UA (User Agent) that can dynamically embed some secret message into the speech carrier with good efficiency is implemented. The principle of the secret communication based on steganography technology over VoIP is introduced, and a new architecture of the software used to transmit the hidden information is proposed. Especially, we adopt a relatively new steganography algorithm, which is referred to as LSB matching method. In addition, an approach for avoiding the loss of secret data based on Redundant Audio Data is presented. Finally, we analyzed the performance of the implemented software.

Pengcheng Zhou,Zhengyang Fang,Zhongliang Yang,Zhili Zhou,Linna Zhou

2024-11-20

Abstract:In recent years, there has been an increasing number of information hiding techniques based on network streaming media, focusing on how to covertly and efficiently embed secret information into real-time transmitted network media signals to achieve concealed communication. The misuse of these techniques can lead to significant security risks, such as the spread of malicious code, commands, and viruses. Current steganalysis methods for network voice streams face two major challenges: efficient detection under low embedding rates and short duration conditions. These challenges arise because, with low embedding rates (e.g., as low as 10%) and short transmission durations (e.g., only 0.1 second), detection models struggle to acquire sufficiently rich sample features, making effective steganalysis difficult. To address these challenges, this paper introduces a Dual-View VoIP Steganalysis Framework (DVSF). The framework first randomly obfuscates parts of the native steganographic descriptors in VoIP stream segments, making the steganographic features of hard-to-detect samples more pronounced and easier to learn. It then captures fine-grained local features related to steganography, building on the global features of VoIP. Specially constructed VoIP segment triplets further adjust the feature distances within the model. Ultimately, this method effectively address the detection difficulty in VoIP. Extensive experiments demonstrate that our method significantly improves the accuracy of streaming voice steganalysis in these challenging detection scenarios, surpassing existing state-of-the-art methods and offering superior near-real-time performance.

Cryptography and Security,Machine Learning

Yong Feng Huang,Shanyu Tang,Wanxia Yang

2013-01-01

Abstract:Steganography in streaming media differs from steganography in images or audio files because of the continuous embedding process and the necessary synchronization of sender and receiver due to packet loss in streaming media. The conventional theoretical model for image steganography is not appropriate for explaining the security scenarios for streaming media based stegosystems. In this paper, we propose a new information-theoretical model with two pseudo-random sequences imitating the continuous embedding and synchronization characteristics of streaming media based stegosystems. We also discuss the statistical properties of Voice over Internet Protocol (VoIP) speech streams through theoretical analysis and experimental testing. The experimental results show the bit stream consisting of fixed codebook parameters in speech frames is similar in statistical characteristics to a white-noise sequence. The relative entropy between the VoIP speech stream and the embedded secret message has been found to be zero. This leads us to conclude that the proposed streaming media based stegosystem is secure against statistical detection; in other words, the statistical measures cannot detect the existence of the secret message embedded in VoIP speech streams.

Zhongliang Yang,Hao Yang,Ching-Chun Chang,Yongfeng Huang,Chin-Chen Chang

DOI: https://doi.org/10.1016/j.knosys.2021.107561

IF: 8.139

2022-01-01

Knowledge-Based Systems

Abstract:In recent years, covert communication technologies based on Voice over Internet Protocol (VoIP) have received more and more attention, which meanwhile poses a significant threat to the security of cyberspace. In this paper, we are chiefly concerned with improving the accuracy and efficiency of detection of covert communications, and we propose a real-time VoIP steganalysis model to tackle these issues. Multi-channel convolutional sliding windows (CSW) are developed to analyze the correlations between a given frame and its neighboring frames in a VoIP signal. Within each sliding window, we employ two feature extraction channels to extract correlation features from the input signal. Each channel is constructed of multiple convolutional layers having a large number of convolution kernels. The extracted features are then fed to a forward fully connected network for feature fusion. By analyzing the statistical distribution of these features, the discriminator will determine whether the input speech signal contains covert information or not. We designed several experiments to test the proposed model’s detection performance under various conditions, including different embedding rates, different speech lengths, etc. Experimental results show that the proposed model can efficiently and accurately detect steganographic voice streams, especially in the case of low embedding rates. In addition, further experiments demonstrate that the proposed model can attain nearly real-time detection of VoIP speech signals and achieve state-of-the-art performance.

Shanyu Tang,Qing Chen,Wei Zhang,Yongfeng Huang

DOI: https://doi.org/10.1002/sec.1183

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Low bit-rate speech codec offers so many advantages over other codecs that it has become increasingly popular in audio communications such as mobile and Voice over Internet Protocol (VoIP) communications, and thus, researching steganography in low bit-rate speech codec is of important significance. In this study, we proposed a universal VoIP steganography model for low bit-rate speech codec that uses the PESQ deterioration rate and the decoding error to automatically choose a data-embedding algorithm for each VoIP bitstream, which enables ones to achieve covert communications using a low bit-rate speech codec efficiently and securely. Because no or little attention has been paid to steganography in Internet Speech Audio Codec, it was chosen as the test codec to verify the effectiveness, security, and practicability of the proposed steganography model. The experimental results show that, with the proposed steganography model, it achieved the average PESQ deterioration rate of 4.04% (less than 5%, indicating strong imperceptibility) and a high data-hiding capacity up to 12bits/frame (400bits/s, three times larger than other methods), and the proposed steganography model could effectively resist the latest steganalysis. Copyright (c) 2015 John Wiley & Sons, Ltd.

Cheng Zhang

DOI: https://doi.org/10.1145/3664647.3685646

2024-01-01

Abstract:Quantization index modulation (QIM) based VoIP steganography can conceal secret information in VoIP streams. Malicious users could use this technology to conduct illegal activities, threatening network and public security. Hence, practical steganalysis models that could detect QIM-based VoIP steganography are urged to be developed. In recent years, deep learning (DL) models have been investigated for this task, and exciting outcomes have been achieved. However, existing models are far from practical. Two major challenges are required to be addressed. First, there is still significant room for improvement in detection accuracy. Second, studies that balance the detection accuracy and response time are still insufficient. In this context, our main research topic fits in the QIM-based VoIP steganalysis theme, which aims to detect QIM-based steganography in VoIP streams in a fast and accurate manner.

Hui Tian,Ke Zhou,Hong Jiang,Yongfeng Huang,Jin Liu,Dan Feng

DOI: https://doi.org/10.1109/iscas.2009.5118414

2009-01-01

Abstract:This paper presents an adaptive steganography scheme for Voice over IP (VoIP). Differing from existing steganography techniques for VoIP, this scheme enhances the embedding transparency by taking into account the similarity between least significant bits (LSBs) and embedded messages. Moreover, we introduce the notion of partial similarity value (PSV). By properly setting the threshold PSV, we can adaptively balance the embedding transparency and capacity. We evaluate the effectiveness of this scheme with G.729a as the codec of the cover speech in StegTalk, a covert communication system based on VoIP. The experimental results demonstrate that our technique provides better performance than the traditional method.

Rui Miao,Yongfeng Huang

DOI: https://doi.org/10.1109/icc.2011.5962657

2011-01-01

Abstract:An effective covert communication system can be achieved based on steganography in stream media such as VoIP (Voice over IP), and the LSB-based (Least-Significant-Bit) methods are the most popular strategies. However, LSB embedding in the flat regions of the speech could inevitably bring about the perceptible distortion leading to the degradation of speech quality. Besides, LSB methods are vulnerable for manifold corresponding steganalysis like RS detection. This paper presents an adaptive steganography scheme that selects lower embedding bit rate in the flat segments, while the sharp segments can camouflage more secret message. Further, synchronous overflow judgment and the tradeoff between hiding requirement and speech quality are also taken into account to construct a practical covert communication system on G.711 VoIP. Extensive experiments showed that the proposed adaptive scheme outperformed the LSB and could evade RS steganalysis. This proposed scheme is efficient, simple and can be used in real-time VoIP network with high hiding capacity.

Weiming Zhang,Shiqu Li

DOI: https://doi.org/10.1007/978-3-540-24852-1_14

2004-01-01

Abstract:Different security measurements for a steganographic system, i.e. security (detectability), robustness and secrecy (difficulty of extraction) I are discussed in this paper. We propose a new measurement for the security of stegosystems using variational distance which can upper bound the advantage for passive attackers. It is proved that the hiding capacity, which is also the measurement for robustness, is limited by security. We think the extracting attack essentially is a kind of cryptanalysis and define the secrecy of stegosystems as an analogue of secrecy of cryptosystems. The relations of secrecy with capacity and security are analyzed in the terms of unicity distance. And it is shown that there is a tradeoff between secrecy and capacity while there is some kind of consistency between secrecy and security.

Y. Huang,S. Tang,C. Bao,Y. J. Yip

DOI: https://doi.org/10.1049/iet-ifs.2010.0032

2011-01-01

IET Information Security

Abstract:A network covert channel is a passage along which information leaks across the network in violation of security policy in a completely undetectable manner. This study reveals our findings in analysing the principle of G. 723.1 codec that there are 'unused' bits in G. 723.1 encoded audio frames, which can be used to embed secret messages. A novel steganalysis method that employs the second detection and regression analysis is suggested in this study. The proposed method can not only detect the hidden message embedded in a compressed voice over Internet protocol (VoIP) speech, but also accurately estimate the embedded message length. The method is based on the second statistics, that is, doing a second steganography (embedding information in a sampled speech at an embedding rate followed by embedding another information at a different level of data embedding) in order to estimate the hidden message length. Experimental results have proven the effectiveness of the steganalysis method for detecting the covert channel in the compressed VoIP speech.

Zhen Yang,Huaizhou Tao,Yongfeng Huang,Wanxia Yang

DOI: https://doi.org/10.2991/citcs.2012.267

2012-01-01

Abstract:Based on the three-layer model theory for steganography communication system, this paper designs a new steganography transmission protocol, to achieve a more effective frame structure, more reliable transmitting mechanism. Both text message dialogue and file transmission communication based on the proposed method are reliable while the performance is also corresponding improvement. The experimental results has proved theoretical prediction that the proposed protocol is able to achieve reliable and efficient steganography on VoIP network. Key Wordsprotocol, variable length coding, steganography, VoIP, Information hiding

Yao Shen,Liusheng Huang,Xiaorong Lu,Wei Yang

DOI: https://doi.org/10.1002/sec.1081

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Covert channels are malicious conversations disguised in legitimate network communications, allowing information leak to the unauthorized or unknown receiver. Various network steganographic schemes that modify the header fields of transmission control protocol/Internet protocol (TCP/IP) have been proposed in recent years. People before conducted detection research based on the surface content of the header field and did not take into account the differences between the behavior characters of covert channels and the inherent behavior regularities of the header fields. Up to date, there is little comprehensive research on the steganalysis against the storage covert channels. In this paper, we focus on the detection of storage covert channels and introduce a novel comprehensive detection method based on the protocol behaviors. The protocol behavior characters are utilized to evaluate the regularities or correlations of header fields between adjacent packets according to the conventional use. First, the behavior features of the header fields in TCP/IP are extracted; a support vector machine is then applied to the behavior feature sets for discovering the existence of covert channels. Some recognized covert channel tools are detected in our detection experiment. Experimental results and discussion show that our detection method is of effectiveness. Copyright (c) 2014 John Wiley & Sons, Ltd.

Wojciech Mazurczyk,Luca Caviglione

DOI: https://doi.org/10.1109/comst.2014.2350994

2015-01-01

Abstract:By offering sophisticated services and centralizing a huge volume of personal data, modern smartphones changed the way we socialize, entertain and work. To this aim, they rely upon complex hardware/software frameworks leading to a number of vulnerabilities, attacks and hazards to profile individuals or gather sensitive information. However, the majority of works evaluating the security degree of smartphones neglects steganography, which can be mainly used to: i) exfiltrate confidential data via camouflage methods, and ii) conceal valuable or personal information into innocent looking carriers. Therefore, this paper surveys the state of the art of steganographic techniques for smartphones, with emphasis on methods developed over the period 2005 to the second quarter of 2014. The different approaches are grouped according to the portion of the device used to hide information, leading to three different covert channels, i.e., local, object and network. Also, it reviews the relevant approaches used to detect and mitigate steganographic attacks or threats. Lastly, it showcases the most popular software applications to embed secret data into carriers, as well as possible future directions.

computer science, information systems,telecommunications