Other Research Areas

Digital Forensics

Digital forensics involves the scientific study of digital media to identify, assess, recover, analyze and/or establish facts and opinions about the information. The field of information forensics falls within electrical and computer engineering and computer and information science research domains. The field, in part, emerged from the traditional steganography and covert communications research communities.

Steganography

Steganography is the process of hiding a secret message inside another message that masks the secret message. Steganography is often described in the context of the “Prisoner’s Problem.” Here, Alice and Bob are in prison. They can communicate to one another through the prison warden. They would like to communicate an escape plan. However, if the warden finds out they will be placed in solitary confinement. Therefore they intend to mask their secret escape plan in innocent-looking messages. They could do this by writing letters to one another whereby the real message is embedded in select locations. For example, the first, second or even last letter of each word contains the secret message. Given the proliferation of multimedia, more recently steganography has been applied to digital images and video. Video information provides an unprecedented bandwidth in which to hide content. Moreover, the hidden information in the digital media will undergo the same transformations as the media itself providing a platform in which to derive forensics evidence of data processing for tamper-assessment and authentication.

Steganography has been used historically. Consider the following real-life World War I Press Cables (from Washington DC to Germany). Can you find any hidden information in either one?

PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY.	APPARENTLY NEUTRAL’S PROTEST IS THOROUGHLY DISCOUNTED AND IGNORED. ISMAN HARD HIT. BLOCKADE ISSUE AFFECTS PRETEXT FOR EMBARGO ON BYPRODUCTS, EJECTING SUETS AND VEGETABLE OILS.
(Click here to see hidden information.) Take the first letter of each word: “Pershing Sales from NY June 1.”	(Click here to see hidden information.) Take the second letter of each word: “Pershing Sales from NY June 1.”

Steganalysis

The purpose of steganalysis is to detect the presence of steganography within innocuous-looking media such as digital images or video. Steganalysis is an art of covert signal detection in which the signal in question has been embedded within another, often more prominent, signal using steganography. In the classical Prisoner’s Problem, the warden would take the role of a steganalyst. A steganalyst may be passive (in which only the presence or characteristics of a hidden message is to be detected) or active (in which, the warden can not only look to detect steganography, but make modifications to the innocent-looking message — e.g., replace words with synonyms — to reduce the likelihood of successful steganography).

Passive stegananalysis within digital images and video often makes use of statistical information and pattern recognition approaches to identify hidden information. Active steganalysis makes use of signal processing approaches that modify the content imperceptibly and may make use of mathematical models of human psychology.

Covert Communications

Covert communications is communications through an unintended and/or unauthorized communications path. Typically, use of the covert communication channel violates one or more security policies. There are several classes of covert communications: computer-oriented, such that vulnerabilities in software and operating systems are leveraged, network-enabled, which exploits format the structure of protocols and algorithms for networked communications, and media-based in which information is hidden by taking advantage of the limited range of human perception.

Typical characteristics of covert communications include that the associated communication links are not designed for data exchange, the process employs entities not intended to be data-carrying objects for information transfer, and they are facilitated via system resources shared by source and destination parties. There are typically two classical types of covert channels: timing channels and storage channels. In covert timing channels, the start-time or duration of a process is used to communicate information to recipient parties who can observe such resources. In covert storage channels, modulation of storage resources such as disk space and media files to embed information later retrieved by recipient parties.

Research

Our research in digital forensics spans may areas including digital video steganalysis, tamper-assessment and authentication, covert communications and image steganography/data hiding.

Related Publications

Julien Jainsky; Deepa Kundur

Towards Preventative Steganalysis in Wireless Visual Sensor Networks Journal Article

International Journal on Multimedia Technology, 2 (3), pp. 55-61, 2013.

BibTeX | Links:

Julien Sebastien Jainsky

Defenses Against Covert-Communications in Multimedia and Sensor Networks PhD Thesis

Texas A&M University, 2012.

Abstract | BibTeX

@phdthesis{JaiPhDThesis12,
title = {Defenses Against Covert-Communications in Multimedia and Sensor Networks},
author = {Julien Sebastien Jainsky},
year = {2012},
date = {2012-12-01},
address = {College Station, TX},
school = {Texas A&M University},
abstract = {Steganography and covert-communications represent a great and real threat today more than ever due to the evolution of modern communications. This doctoral work proposes defenses against such covert-communication techniques in two threatening but underdeveloped domains. Indeed, this work focuses on the novel problem of visual sensor network steganalysis but also proposes one of the first solutions against video steganography. The first part of the thesis looks at covert-communications in videos. The contribution of this study resides in the combination of image processing using motion vector interpolation and non-traditional detection theory to obtain better results in identifying the presence of embedded messages in videos compared to what existing still-image steganalytic solutions would offer. The proposed algorithm called MoViSteg utilizes the specifics of video, as a whole and not as a series of images, to decide on the occurrence of steganography. Contrary to other solutions, MoViSteg is a video-specific algorithm, and not a repetitive still-image steganalysis, and allows for detection of embedding in partially corrupted sequences.

This thesis also lays the foundation for the novel study of visual sensor network steganalysis. We develop three different steganalytic solutions to the problem of covert communications in visual sensor networks. Because of the inadequacy of the existing steganalytic solutions present in the current research literature, we introduce the novel concept of preventative steganalysis, which aims at discouraging potential steganographic attacks. We propose a set of solutions with active and passive warden scenarii using the material made available by the network. To quantify the efficiency of
the preventative steganalysis, a new measure for evaluating the risk of steganography is proposed: the embedding potential which relies on the uncertainty of the image’s pixel values prone to corruption.},
type = {Ph.D. Thesis},
keywords = {},
pubstate = {published},
tppubtype = {phdthesis}
}

J.S. Jainsky; D. Kundur

“Visual Sensor Network Processing and Preventative Steganalysis," in Visual Information Processing in Wireless Sensor Networks Book Chapter

L.-M. Ang; K.P. Seng (Ed.): pp. 340-357, IGI Global, 2011, ISBN: 9781613501535.

BibTeX | Links:

J. S. Jainsky; D. Kundur

Preventative Steganalysis in Wireless Visual Sensor Networks: Challenges and Solutions Inproceedings

Proc. IEEE International Conference on Multimedia and Expo (ICME), pp. 1692-1695, Barcelona, Spain, 2011.

BibTeX | Links:

C. Fei; R. Kwong; D. Kundur

Secure Semi-Fragile Watermarking for Image Authentication Inproceedings

Proc. First IEEE International Workshop on Information Forensics and Security (WIFS), pp. 141-145, London, UK, 2009.

BibTeX | Links:

J. S. Jainsky; D. Kundur; D. R. Halverson

Towards Digital Video Steganalysis using Asymptotic Memoryless Detection Inproceedings

Proc. ACM Multimedia and Security (MMSec) Workshop, pp. 161-168, Dallas, Texas, 2007.

BibTeX | Links:

U. Budhia; D. Kundur; T. Zourntos

Digital Video Steganalysis Exploiting Statistical Visibility in the Temporal Domain Journal Article

IEEE Transactions on Information Forensics and Security, 1 (4), pp. 502-516, 2006.

BibTeX | Links:

Udit Budhia

Steganalysis of Video Sequences using Collusion Sensitivity

2005.

Abstract | BibTeX

Raghav Dube

Denial of Service Attacks: Path Reconstruction for IP Traceback using Adjusted Probabilistic Packet Marking

2004.

Abstract | BibTeX

U. Budhia; D. Kundur

Digital Video Steganalysis Exploiting Collusion Sensitivity Inproceedings

Edward M. Carapezza (Ed.): Proc. SPIE Sensors, Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense, pp. 210-221, Orlando, Florida, 2004.

BibTeX | Links:

Y. Zhao; P. Campisi; D. Kundur

Dual Domain Watermarking for Authentication and Compression of Cultural Heritage Images Journal Article

IEEE Transactions on Image Processing, 13 (3), pp. 430-448, 2004.

BibTeX | Links:

D. Kundur; Y. Zhao; P. Campisi

A Steganographic Framework for Dual Authentication and Compression of High Resolution Imagery Inproceedings

Proc. IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1-4, Vancouver, Canada, 2004.

BibTeX | Links:

Yang Zhao

Dual Domain Semi-Fragile Watermarking for Image Authentication

2003.

Abstract | BibTeX

D. Kundur; K. Ahsan

Practical Internet Steganography: Data Hiding in IP Inproceedings

Proc. Texas Workshop on Security of Information Systems, College Station, Texas, 2003.

BibTeX | Links:

K. Ahsan; D. Kundur

Practical Data Hiding in TCP/IP Inproceedings

Proc. Workshop on Multimedia Security at ACM Multimedia '02, Juan Les Pins, France, 2002.

BibTeX | Links:

Kamran Ahsan

Covert Channel Analysis and Data Hiding in TCP/IP

2002.

Abstract | BibTeX

P. Campisi; D. Kundur; D. Hatzinakos; A. Neri

Hiding Based Compression for Improved Color Image Coding Inproceedings

E. J. Delp III; P. W. Wong (Ed.): Proc. SPIE Security and Watermarking of Multimedia Contents IV, pp. 230-239, San Jose, California, 2002.

BibTeX | Links:

D. Kundur

Implications for High Capacity Data Hiding in the Presence of Lossy Compression Inproceedings

Proc. IEEE International Conference on Information Technology: Coding and Computing (ITCC), pp. 16-21, Las Vegas, Nevada, 2000.

BibTeX | Links:

D. Kundur; D. Hatzinakos

Digital Watermarking for Telltale Tamper-Proofing and Authentication Journal Article

Proceedings of the IEEE Special Issue on Identification and Protection of Multimedia Information, 87 (7), pp. 1167-1180, 1999.

BibTeX | Links:

D. Kundur; D. Hatzinakos

Towards a Telltale Watermarking Technique for Tamper-Proofing Inproceedings

Proc. IEEE International Conference on Image Processing (ICIP), pp. 409-413, 1998.

BibTeX | Links: