Other Research Areas
|
Digital Forensics
Digital forensics involves the scientific study of digital media to identify, assess, recover, analyze and/or establish facts and opinions about the information. The field of information forensics falls within electrical and computer engineering and computer and information science research domains. The field, in part, emerged from the traditional steganography and covert communications research communities.
Steganography
Steganography is the process of hiding a secret message inside another message that masks the secret message. Steganography is often described in the context of the “Prisoner’s Problem.” Here, Alice and Bob are in prison. They can communicate to one another through the prison warden. They would like to communicate an escape plan. However, if the warden finds out they will be placed in solitary confinement. Therefore they intend to mask their secret escape plan in innocent-looking messages. They could do this by writing letters to one another whereby the real message is embedded in select locations. For example, the first, second or even last letter of each word contains the secret message. Given the proliferation of multimedia, more recently steganography has been applied to digital images and video. Video information provides an unprecedented bandwidth in which to hide content. Moreover, the hidden information in the digital media will undergo the same transformations as the media itself providing a platform in which to derive forensics evidence of data processing for tamper-assessment and authentication.
Steganography has been used historically. Consider the following real-life World War I Press Cables (from Washington DC to Germany). Can you find any hidden information in either one?
PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. | APPARENTLY NEUTRAL’S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGETABLE OILS. |
Take the first letter of each word: “Pershing Sales from NY June 1.” |
Take the second letter of each word: “Pershing Sales from NY June 1.” |
Steganalysis
The purpose of steganalysis is to detect the presence of steganography within innocuous-looking media such as digital images or video. Steganalysis is an art of covert signal detection in which the signal in question has been embedded within another, often more prominent, signal using steganography. In the classical Prisoner’s Problem, the warden would take the role of a steganalyst. A steganalyst may be passive (in which only the presence or characteristics of a hidden message is to be detected) or active (in which, the warden can not only look to detect steganography, but make modifications to the innocent-looking message — e.g., replace words with synonyms — to reduce the likelihood of successful steganography).
Passive stegananalysis within digital images and video often makes use of statistical information and pattern recognition approaches to identify hidden information. Active steganalysis makes use of signal processing approaches that modify the content imperceptibly and may make use of mathematical models of human psychology.
Covert Communications
Covert communications is communications through an unintended and/or unauthorized communications path. Typically, use of the covert communication channel violates one or more security policies. There are several classes of covert communications: computer-oriented, such that vulnerabilities in software and operating systems are leveraged, network-enabled, which exploits format the structure of protocols and algorithms for networked communications, and media-based in which information is hidden by taking advantage of the limited range of human perception.
Typical characteristics of covert communications include that the associated communication links are not designed for data exchange, the process employs entities not intended to be data-carrying objects for information transfer, and they are facilitated via system resources shared by source and destination parties. There are typically two classical types of covert channels: timing channels and storage channels. In covert timing channels, the start-time or duration of a process is used to communicate information to recipient parties who can observe such resources. In covert storage channels, modulation of storage resources such as disk space and media files to embed information later retrieved by recipient parties.
Research
Our research in digital forensics spans may areas including digital video steganalysis, tamper-assessment and authentication, covert communications and image steganography/data hiding.
Related Publications
Towards Preventative Steganalysis in Wireless Visual Sensor Networks Journal Article International Journal on Multimedia Technology, 2 (3), pp. 55-61, 2013. |
Defenses Against Covert-Communications in Multimedia and Sensor Networks PhD Thesis Texas A&M University, 2012. |
“Visual Sensor Network Processing and Preventative Steganalysis," in Visual Information Processing in Wireless Sensor Networks Book Chapter L.-M. Ang; K.P. Seng (Ed.): pp. 340-357, IGI Global, 2011, ISBN: 9781613501535. |
Preventative Steganalysis in Wireless Visual Sensor Networks: Challenges and Solutions Inproceedings Proc. IEEE International Conference on Multimedia and Expo (ICME), pp. 1692-1695, Barcelona, Spain, 2011. |
Secure Semi-Fragile Watermarking for Image Authentication Inproceedings Proc. First IEEE International Workshop on Information Forensics and Security (WIFS), pp. 141-145, London, UK, 2009. |
Towards Digital Video Steganalysis using Asymptotic Memoryless Detection Inproceedings Proc. ACM Multimedia and Security (MMSec) Workshop, pp. 161-168, Dallas, Texas, 2007. |
Digital Video Steganalysis Exploiting Statistical Visibility in the Temporal Domain Journal Article IEEE Transactions on Information Forensics and Security, 1 (4), pp. 502-516, 2006. |
Steganalysis of Video Sequences using Collusion Sensitivity 2005. |
Denial of Service Attacks: Path Reconstruction for IP Traceback using Adjusted Probabilistic Packet Marking 2004. |
Digital Video Steganalysis Exploiting Collusion Sensitivity Inproceedings Edward M. Carapezza (Ed.): Proc. SPIE Sensors, Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense, pp. 210-221, Orlando, Florida, 2004. |
Dual Domain Watermarking for Authentication and Compression of Cultural Heritage Images Journal Article IEEE Transactions on Image Processing, 13 (3), pp. 430-448, 2004. |
A Steganographic Framework for Dual Authentication and Compression of High Resolution Imagery Inproceedings Proc. IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1-4, Vancouver, Canada, 2004. |
Dual Domain Semi-Fragile Watermarking for Image Authentication 2003. |
Practical Internet Steganography: Data Hiding in IP Inproceedings Proc. Texas Workshop on Security of Information Systems, College Station, Texas, 2003. |
Practical Data Hiding in TCP/IP Inproceedings Proc. Workshop on Multimedia Security at ACM Multimedia '02, Juan Les Pins, France, 2002. |
Covert Channel Analysis and Data Hiding in TCP/IP 2002. |
Hiding Based Compression for Improved Color Image Coding Inproceedings E. J. Delp III; P. W. Wong (Ed.): Proc. SPIE Security and Watermarking of Multimedia Contents IV, pp. 230-239, San Jose, California, 2002. |
Implications for High Capacity Data Hiding in the Presence of Lossy Compression Inproceedings Proc. IEEE International Conference on Information Technology: Coding and Computing (ITCC), pp. 16-21, Las Vegas, Nevada, 2000. |
Digital Watermarking for Telltale Tamper-Proofing and Authentication Journal Article Proceedings of the IEEE Special Issue on Identification and Protection of Multimedia Information, 87 (7), pp. 1167-1180, 1999. |
Towards a Telltale Watermarking Technique for Tamper-Proofing Inproceedings Proc. IEEE International Conference on Image Processing (ICIP), pp. 409-413, 1998. |