A Response to the Threat of Stegware

Date
2021-02-01
Authors
Martin, Abby
Lin, Li
Chen, Wenhao
Pierre, Seth
Guan, Yong
Newman, Jennifer
Organizational Units
Center for Statistics and Applications in Forensic Evidence
Electrical and Computer Engineering

Mathematics
Abstract

Stegware refers to software, programs or apps that allow insertion of malware into a digital file, such as an image or video, using steganography techniques. Although it has been in use for around 15 years, “steganography” and “stegware” have only recently attracted the attention of law enforcement agencies, as the use of stegware appears to be rising [1]. This technique has been used for international economic espionage [2], tracking of photos shared by users on social media platforms [3], and industrial and governmental espionage by hacker groups using PNG images to hide malicious code [4]. The war between stegware and steganalysis tools is a typical cat-and-mouse game. Although many up-to-date steganalysis tools claim to prevent steganography by using the most advanced detection algorithms from academia, such as [5], these tools focus mainly on one or two embedding algorithms and lack support for detecting a wide range of stego objects. The capability of these current tools to prevent a stegware attack has never been tested. In this research, we collect more than 70 stego apps and image steganography software packages and 10 of the most popular steganalysis tools. We propose a strategy to defend against real-world attacks from stegware by combining functions from online steganalysis tools and algorithms from recent academic discoveries. We believe this will significantly increase the chance of identifying the threat from stegware by identifying files that have the potential to contain malicious code. Our team is working to develop a prototype of such a comprehensive steganalysis tool that provides user-friendly software for non-experts such as digital evidence practitioners. We also summarized the characteristics of the code for many stego apps by reverse engineering and program analysis. The coding characteristics reflect their core embedding algorithms and encryption techniques, allowing us to classify the intent of the app as stegware even before installing it on a mobile phone. Our automatic tool to analyze app code can detect most Android stego apps that implement common spatial domain and frequency domain embedding algorithms with more than 95% accuracy. To our knowledge, this is the first study to evaluate the performance of the most recent steganalysis tools in detecting a large set of stegware. The results will provide valuable guidance to the forensic communities to develop more powerful steg analyzers.

Comments

Posted with permission of CSAFE.

Copyright
Fri Jan 01 00:00:00 UTC 2021