Detecting evidence of steganography in Android apps through program analysis

Date
2020-12
Authors
Chen, Wenhao
Major Professor
Advisor
Newman, Jennifer
Guan, Yong
Kamal, Ahmed
Le, Wei
Qiao, Daji
Committee Member
Abstract
Steganography has been gaining popularity in recent years due to its strength in covert communication and information hiding. Image steganography apps, in particular, have been steadily growing thanks to the processing power of modern smartphones, which makes steganography easy to use for regular users. Although steganography is not malicious by nature, it can be a dangerous tool when used for illicit purposes such as malware, industrial espionage, or terrorist communications. Therefore, it is important for digital forensics practitioners to have tools that can detect real-world steganography apps and the stego images produced by such apps. However, a large gap exists between academic research and practical forensics applications, as existing research in steganography and malware detection has not paid attention to real-world steganography apps. In this work, we aim to fill the gap by studying real-world Android stego apps and developing detection methods against them. Through a preliminary study, we find that it is feasible to reverse engineer real-world stego apps and use the knowledge to improve existing stego detection methods. We conduct a large-scale study on the existing Android stego apps available on the Google Play Store, GitHub, and F-Droid repositories, and discover unique embedding characteristics and algorithms that are not seen in existing academic research. Using our stego app collection, we create the first mobile stego image benchmark database, which greatly improves the effectiveness of existing machine learning steganalysis methods. We propose a signature-based stego image detection method which can be highly efficient and effective in utilizing the knowledge gained from reverse engineering Android stego apps. Lastly, we develop a behavior-based stego app detection framework that can effectively detect stego apps that implement common embedding algorithms.
Type
dissertation