Detecting Hidden Information in Images: A

Detecting Hidden Information in Images: A Comparative Study Yanming Di, Huan Liu, Avinash Ramineni, and Arunabha Sen Department of Computer Science and Engineering Arizona State University, Tempe, AZ 85287 yanming.di, huan.liu, avinash.ramineni, arunabha.sen @asu.edu


Abstract During the process of information hiding in a cover image, LSB-based steganographic techniques like JSteg change the statistical properties of the cover image. Accordingly, such information hiding techniques are vulnerable to statistical attack. The understanding of steganalysis methods and their effects can help in designing methods and algorithms preserving data privacy. In this paper, we compare some steganalysis methods for attacking LSB-based steganographic techniques (logistic regression, the tree-based method C4.5, and a popular method Stegdetect). Experimental results show that the first two methods, especially the logistic regression method, are able to detect hidden information with high accuracy. We also study the relationship between the number of attributes (the frequencies of quantized DCT coefficients) and the performance of a classifier.

1. Introduction The last few years have seen a significant rise in interest among the computer security researchers in the science of steganography. Steganography [8, 9] is the art of hiding and transmitting data through apparently innocuous carriers in an effort to conceal the existence of the secret data. The term steganography in Greek means covered writing whereas cryptography means secret writing. Steganography is different from cryptography in that while the goal of a cryptographic system is to conceal the content of the messages, the goal of information hiding or steganography is to conceal their existence. Steganography in essence camouflages a message to hide its existence and make it seem invisible thus concealing the fact that a message is being carried altogether. Steganography provides a plausible deniability to the secret communication which cryptography 

Yanming Di can also be reached at yanming [email protected].



does not provide. Covert information is not necessarily secure and secure information is not necessarily covert. The goal of cryptography is the secure transfer of the secret message where as the goal of steganography is to make sure the transfer of a secret message is undetectable. The understanding of steganalysis methods and their effects can help in designing methods and algorithms preserving data privacy. With the increase of the digital content (and distribution of multimedia data) on the Internet, steganography has become a topic of growing interest. A number of programs for embedding hidden messages in images and audio files are available [18]. Most of these steganographic methods modify the redundant bits in the cover medium (carrier) to hide the secret messages. Redundant bits are those bits that can be modified without degrading the quality of the cover medium. Replacing these redundant bits with message bits creates stego medium. The modification of the redundant bits can change the statistical properties of the cover medium. As a result statistical analysis may reveal the presence of hidden content. Detecting the steganographic content is called steganalysis [7]. It is defined as the art and science of breaking the security of steganographic systems. As the goal of steganography is to conceal the existence of a secret message, a successful attack on a steganographic system consists of detecting that a certain file contains hidden information in it. Detection of steganographic modifications in an image can be made possible by testing its statistical properties. If the statistical properties deviate from a given norm it can be identified as a stego image. In this paper we present two new methods for steganalysis. We try to attack the steganographic tool JSteg and attempt to break it with higher accuracy. There have been many attempts at breaking JSteg but the accuracy is not really high. In this paper we present two novel methods of breaking JSteg which can further be extended to other tools like JPhide and Outguess [18]. The rest of the paper is organized as follows. Section 2 introduces JSteg steganographic method, the idea of the sta-

tistical attack, and some related work. Section 3 presents two new methods for attacking LSB-based steganographic methods. We also discuss how the knowledge of the distribution of the DCT coefficients can help in building our models. Section 4 reports results of our experiments of comparing the two new methods with the popular program Stegdetect [16]. Section 5 shows that careful model selection is needed to achieve high accuracy when using data mining and statistical methods for steganalysis. Section 6 concludes the paper.

2. Histogram Analysis The JPEG image format [15] uses a discrete cosine transblock of source imform (DCT) to transform each age pixels into DCT coefficients. The DCT coefficients of an block of image pixels are given by

 



  





  

     ! #"%& $ & $   /.  ')(+* ,-(!* 0-132 5467  8 :9 0-132 ;43 where

and

 #?AB C@ D  4 for EGFH  for JIKFL

NMPOQF  RL)LRL/ TSU=L

V 

 XWY

[Z 1 ]\+^J"  

  L V >

if the message bits are equally distributed, modifying the least significant bits will reduce the difference in frequency of the PoVs, which would otherwise be unequal with very high probability. This equalization can be detected by appropriate statistical tests. Based on this idea, Provos and Honeyman [16] carried out an extensive analysis of JPEG images using the steganalytic software Stegdetect. Stegdetect is based on Chi-square test. It is able to detect messages hidden in a JPEG image using steganography software such as JSteg, JPHide or OutGuess 0.13. However the Chi-square test used in [16] does not produce results with very high accuracy. In this paper, we will demonstrate that the histogram information can be used more efficiently by using logistic regression or a decision tree method, C4.5 [17]. Similar work in this area is reported by Berg et al. [1], Farid [4] and Zhang and Ping [22]. Berg et al. [1] used statistical learning methods in steganalysis. The attributes used in their learning procedure are unconditional entropy, conditional entropies and transition probabilities. Farid [4] built higher order statistical models of the images using a type of wavelet decomposition. Zhang and Ping [22] proposed an attack on the JSteg method based on a different Chi-square test. [5] is a very good survey on the state of art of the steganalysis.

3





3. Classification Methods

3

The coefficients are then quantized using a -element quantization table by the following operations:

The least-significant bits (LSB) of those quantized DCT coefficients can be used to embed hidden messages. JSteg hides data in JPEG image files by changing the LSB bits of the quantized DCT coefficients. It replaces the LSB bits of the quantized DCT coefficients with secret message bits. Other similar steganography methods include JPHide and OutGuess 0.13. Steganographic techniques like JSteg that modify the LSB bits can be detected by analyzing the frequencies of the quantized DCT coefficient values. Modifying the least significant bits transforms one value into another that differs only by 1. These pairs of values are called PoVs in [19]. They introduced a powerful statistical attack that can be applied to any steganographic technique in which a fixed set of PoVs are flipped into each other during the process of embedding message bits. The insight of their statistical attack is based on the observation that

To distinguish between the images with and without hidden data can naturally be viewed as a classification problem. We refer to the classes as stego and normal. We use a set of images as the training data to construct classifiers. When a classification algorithm is run on a data set (stego and normal images), it needs to find a boundary between the two classes and create a model. Given a set of images, the model learned can be used to predict the class to which each image belongs to. Here we propose to apply two classification methods to detecting hidden messages in JPEG images, the logistic regression method and the tree-based method C4.5. We discuss next the attributes to be used in the statistical models.

3.1. Predicting Variables As discussed earlier, LSB-based steganography techniques such as JSteg insert information into images by replacing the LSB of the quantized DCT coefficients with the secret text. This changes the frequency of the quantized DCT coefficient values. Therefore, the frequencies of quantized DCT coefficient values are natural candidates for predicting variables to be used in the statistical models. However, for JPEG images, the DCT coefficients can have a



F

4





3.2. Logistic Regression Logistic models are widely used in statistical applications where binary responses (two classes) occur. In our case, an image is either stego or normal. We can assume that the probability  of an image being stego is a function of some image characteristics (a vector). For example, can be the frequencies of the quantized DCT coefficient values. In the case of two classes, the logistic model has a very simple form. The probability function  is modeled by

Z]





Z] Z  7  7  7%.R.). 7+!    *     Z   where  ’s are the components of the vector . The model  parameters  ’s are usually estimated   '  by maximum likelihood. Note that the function func ' is a monotone %' $ tion and as such its inverse function '& !#" )' $ guarantees Z# !(" that the values of  are between 0 and 1. More details on logistic regression can be found in [6]. We use the S-PLUS [2] function glm [12] to estimate the probability function  . As mentioned in the previ-

Z]

1400 200

400

600

h -2

800

1000

1200

3 3 3 3 2 2 3 32 3 3 3 2 2 2 3 11 1 2 1 1 1 2 2 3 33 3 1 12 3 1 3 22 1 33 3 2 2 3 3332 2 32 2 1 11 23 1 3333 21 2 1 2 3 3 1 1 3 33 3333333 3 2 3 1 2 3 33 333 3 33 32 2 2 1 1 2 2 3 33 33 3333 33 3333 33 222 2 1 2 12 1 33 333 3 3322 222 1 2 1 1 3 333 333 32 1 2 22212 221 1 3 3 33 33 23 222222221 222 22 33 3 3 333 3 11111 1 1 22222 3 3 333 3 22 2122111111 11 333 3 333 33 2 222 212 2 1 1 3 3333333 1 1111 1 1 1 33 3 22 22 3 33 3 33 2 2 1 1 1 11 11 1 2222222 2111 1 333 333 3 332 2 1 211 11 3 3333333 333 22 22222 2221 2 1 11 1 1 333 3 223 222 2 1 22221 2 2211 1 3333 3 22 22 222222112 2 2 1 1 21 1111 111 12 111 33 322 2 2222 222 21112 1 1 1 1 1 3 3 1 1 11 1 1 1 1 1 1111 1 111 11 2 222 1 33 1 1 2 1 2 1 2 1 222 1 1111 1 1 1 1 2 222222221 1 11 12 1 111 1 1 3 1 1 1 11 1 1 111 11 1 1 21 1 1

0

wide range of values. Using the frequencies of all these values to build a model is not practical. More importantly, using more variables than needed may introduce several problems. For a regression model, it may lead to ill-conditioned matrices and unstable estimate of the model parameters. In general, adding attributes that are not really important into a statistical model is like adding noise to the model, thereby degrading the performance of the model. Therefore careful model selection is very important. Research shows for normal images, the distribution of the DCT coefficients can be approximately modeled as a Laplacian or a generalized Gaussian distribution [3, 14, 10]. These models on the distribution of the DCT coefficients suggest that the frequencies of DCT coefficients with small values are more unevenly distributed. For example, the difference between the frequency of value and value is generally greater than that between value and value . So the DCT coefficient values with small magnitude are more sensitive to information inserted using a JSteg-like method. (See Figure 2 in [16] for histograms of the DCT coefficients before and after messages are inserted into a JPEG image using JSteg-like method). We use
 to denote the frequency of the DCT coefficient with value  , i.e., the number of DCT coefficients that take the value  . In this study, we use the central six frequencies
 ,
 ,
 ,
  ,
 and
 to build our models. We do not use the frequencies of the values and , since the JSteg method does not modify DCT coefficients with these values. Our experiments demonstrate (results presented in Section 5) that the use of more variables does not improve the performance of the models.

0

1000

2000

3000

h -1

4

Figure 1. The frequencies of the quantized DCT coefficients having values  and  . Black dots are for the normal JPEG images; Symbols 1, 2 and 3 are for stego images with 20, 100 and 200 bytes hidden messages respectively.

X



ous subsection, we use the frequencies
 ,
 ,
 ,
  ,
 and
* as predicting variables. Addition of more variables increases the complexity of the model but does not necessarily guarantee higher accuracy. In fact, we show in Section 5, in some instances, accuracy can actually deteriorate. We include only linear terms of the variables in the model. This is based on the following argument. Take the pair
 and
 for example. A plot of these pairs is shown in Figure 1. The plot suggests that in a normal JPEG image, the frequency of the DCT coefficients having a  value is almost always higher than the ones with a value  . This is true because the distribution of each individual DCT coefficients tends to have a mode in the center (see [3, 14, 10] for modeling of the DCT coefficients). If we have a very large image with large number of DCT coefficients, this trend should also hold for other coefficient value pairs. However, for small size images, occasionally this trend may not be seen. As the image sizes in our experi#+ + ments was rather small, , we chose the frequencies
 ,
 ,
 ,
  ,
and
as predicting varialbes in the statistical models, because the trend seem to be correct in this case. This important piece of extra information is not utilized by any known steganalysis method. An implication of this observation is that linear logistic models should work well in detecting JSteg-like steganographic techniques. The above discussion also suggests that the methods presented in this paper should work better for larger images. Compared with a Chi-square test, logistic regression is

X 4

4 
4 

more refined. Logistic regression has many advantages,

0.5 0.4 0.1

0.2

3. It is flexible. We can adjust one simple parameter in the model to meet different accuracy needs.

0.3

error rates

Z]

2. It is easy to interpret. We can actually derive a closed form expression for the probability function  .

0.6

1. It is fast. Logistic regression is implemented efficiently in almost all the professional statistical package, such as SPLUS and SAS.

0.0

3.3. Tree based Method

logistic

Tree based methods can also be used. We present a tree based model, C4.5 [17], to fit a tree structure to the training data. C4.5 builds classification models called decision trees from the training data. Each internal node in the tree specifies a binary test on a single attribute, using thresholds on numeric attributes. If as a result of tests conducted at internal nodes, an image ends up in a leaf node where majority of the images are stego, it is classified as a stego image; otherwise it is classified as a normal image. The tree is constructed by the following procedure: 1. Choose the best attribute for splitting the data into 2 groups at the root node. 2. Determine a splitting point by maximizing some specified criterion (say, information gain). 3. Recursively carry out the first two steps until information gained by the process cannot be improved any further. Information gained by splits can be used as the criterion for determining the attributes and the splitting points. Once the tree is constructed it can be used for classifying the test data. Tree based methods can be more flexible than logistic regression. It makes less assumptions about the data, so can be generalized to other situations more easily. One disadvantage of the tree based method is that the decision regions for classifications are constrained to be hyper-rectangles with boundaries constrained to be parallel to the input variable axes. As in the case of logistic model, the training data in this case also consist of the frequencies of quantized DCT coefficient values
 ,
 ,
 ,
 ,
 and
* of images, as attributes or predicting variables. We use the data mining tool WEKA [20] to run the C4.5 algorithm on the training data.

4. Experiments and Results We have a data set of 180 normal JPEG images. The images are downloaded from the Internet. All the images

tree

stegdetect logistic

tree

stegdetect logistic

tree

stegdetect

Figure 2. Boxplots of the error rates. The left three bars are error rates for experiment 1, the middle three are for experiment 2, and the right three are for experiment 3. Smaller values are better.

4+ 
#4 +   FF

43F

4FF

have been cropped to in size. We used the JSteg method to insert bytes, bytes, and bytes of text messages into the images. The JPEG image sizes range from to kilobytes. According to the author of JSteg, the maximum size of the message that can be inserted in
a cover image is approximately of the size of the image file. For some image files, this limit is only 200 bytes. The secret message used in our experiments for insertion in cover images was taken from Gutenberg’s Etext of Shakespeare’s First Folio. We use 10-fold validation to compare the three steganalysis methods, the logistic regression, the tree-based method C4.5, and the Stegdetect method. In each of our experiments, we take the original 180 JPEG images, and one , group of 180 images with embedded text messages. and bytes of texts were embedded in cover images in our experiments 1, 2 and 3 respectively. The 10-fold validation results are summarized in Tables 1, 2, 3, and Figure 2. From the results, we can see that the logistic regression method performs better than the other two methods in all three experiments. The tree-based method C4.5 performs better than the Stegdetect method in experiment 1. The performance of the latter two methods is similar in experiment 2. While in experiment 3 both methods fail to perform better than random guess. The performance of the logistic regression method is noteworthy. When byte messages are embedded in the images, the mean error rate is  for this method. This implies even when only bytes of message is embedded, the logistic regression method is able to perform better than

4

F

F

 F=F

43FF

4F

43F

43F

FL 3

Table 1. Error rates for the logistic regression, the tree-based method C4.5 and the Stegdetect method in experiment 1 (in the stego images, 200 bytes of text message is embedded using JSteg). Mean and standard deviation of the error rates are shown in the bottom of the table. run 1 2 3 4 5 6 7 8 9 10 mean stdev

logistic 0.000000 0.000000 0.027778 0.000000 0.000000 0.000000 0.027778 0.000000 0.000000 0.000000 0.005556 0.011712

tree 0.055556 0.055556 0.083333 0.055556 0.000000 0.027778 0.194444 0.027778 0.027778 0.027778 0.055556 0.053990

stegdetect 0.194444 0.305556 0.111111 0.250000 0.111111 0.194444 0.166667 0.222222 0.111111 0.277778 0.194444 0.070516

Table 2. Error rates for the logistic regression, the tree-based method C4.5 and the Stegdetect method in experiment 2 (in the stego images, 100 bytes text message is embedded using JSteg). Mean and standard deviation of the error rates for each method are shown in the bottom of the table. run 1 2 3 4 5 6 7 8 9 10 mean stdev

logistic 0.055556 0.083333 0.111111 0.055556 0.055556 0.000000 0.083333 0.055556 0.083333 0.000000 0.058333 0.035741

tree 0.227778 0.202222 0.202222 0.138889 0.222222 0.194444 0.444444 0.166667 0.305556 0.083333 0.218778 0.098394

stegdetect 0.194444 0.250000 0.166667 0.250000 0.194444 0.138889 0.250000 0.222222 0.250000 0.333333 0.225000 0.054700

Table 3. Error rates for the logistic regression, the tree-based method C4.5 and the Stegdetect method in experiment 3 (in the stego images, 20 bytes text message is embedded using JSteg). Mean and standard deviation of the error rates for each method are shown in the bottom of the table. run 1 2 3 4 5 6 7 8 9 10 mean stdev

logistic 0.388889 0.305556 0.444444 0.500000 0.388889 0.388889 0.333333 0.416667 0.444444 0.333333 0.394444 0.059720

tree 0.527778 0.555556 0.555556 0.611111 0.527778 0.583333 0.416667 0.583333 0.507778 0.611111 0.548000 0.057986

stegdetect 0.555556 0.527778 0.472222 0.416667 0.444444 0.305556 0.638889 0.555556 0.500000 0.555556 0.497222 0.093008

random guess whereas the other two methods perform no better than random guess. In the tree-based method the boundaries of the decision regions are constrained to be parallel to the input variable axes. However, it may be observed in Figure 1, the true boundary in terms of the attributes of the normal and the stego images is not parallel to the input variable axes. For this reason the performance of the treebased method is not as good as that of logistic regression. Our chosen methods do not rely on the knowledge of the locations where the information is hidden. As such they can be effectively utilized to break similar LSB-based methods that use random bit selection, e.g., OutGuess 0.13.

5. On the number of predicting variables We indicated in Section 3 that the use of excessive variables may not lead to better results. We illustrate this phenomenon with the help of results from our experiments. In Figure 3, we present the results of our experiments where a varying number of predicting variables (2, 4, 6,...,20) were used instead of just 6 (
 ,
 ,
 ,
 ,
 and
* ). The estimation error rates for logistic regression method using 2, 4, 6, ..., 20 variables (10-fold cross validation) are summarized in Figure 3. The figure indicates that using only the center two frequencies
 and
 , it may not be possible to capture all the information in the data. Increasing the number of variables to or improves the accuracy. However, the use of more than variables does





Error rates 0.25 0.50

2

4

6

8

10

12

14

16

18

20

14

16

18

20

14

16

18

20

Number of variables used

Error rates 0.0 0.20

(a)

2

4

6

8

10

12

Number of variables used

Error rates 0.0 0.04

(b)

2

4

6

8

10

12

Number of variables used (c)

Figure 3. Comparison of logistic models with different number of predicting variables. The sizes of hidden messages in the stego images are 20, 100 and 200 bytes in figures (a), (b) and (c) respectively.

not improve the accuracy but causes slightly larger variance in the estimation error rates. We observe similar trends in the tree-based methods. In our experiments, therefore, we use a model with predicting variables. More sophisticated feature selection algorithms can be found in the literature [6, 11, 13, 21]. We intend to explore if applying these feature selection algorithms can lead to further performance improvement.



6. Conclusion LSB-based steganographic techniques like JSteg change the statistical properties of the cover image when it embeds secret message in the image. Accordingly, such methods are vulnerable to statistical attack. Previous methods such as Stegdetect are based on Chi-square test. The accuracy of Stegdetect can be improved. When the size of the hidden message is small, it performs no better than random guess. In this paper we have proposed two new steganalysis methods based on the logistic regression and the tree-based method C4.5 for attacking LSB-based steganographic techniques. We conducted experiments to evaluate the performance of the two data mining techniques and compared them with the performance of the well known method Stegdetect. The experiments demonstrated that the performance of the logistic regression based technique is very impressive. When large amount of information is hidden, it can detect with very high accuracy. Even when the amount of hidden information is very small, it performs better than random guess.

The tree-based method C4.5 outperforms Stegdetect in the experiment where a relatively large amount of information is hidden. However, it does not perform well when the amount of hidden information is small. We suggest that one reason for C4.5 not performing as well as the logistic regression is that it tends to produce boundaries that are parallel to the input variable axes, which in this case may not be appropriate. We also pointed out that the number of attributes used in classification can be related to a classifier’s performance. Many present steganalysis methods do not consider this as a serious problem. Hence they tend to use all attributes that are related. However using more variables than needed does not necessarily lead to good performance and may even significantly degrade the performance of a statistical learning model. When selecting the predicting variables for our model, we take the distribution of the DCT coefficients into consideration. The understanding of steganalysis methods and their effects can help in designing methods and algorithms preserving data privacy. Our experiments were carried out to break methods like JSteg that are employed to hide information. Our methods do not rely on the placement of the hidden information. Therefore they can be used without any modification on LSB based steganographic techniques that use random bit selection.

7. Acknowledgements The authors would like to thank Sidi Goutam and Amit Mandvikar for their help in this project. The authors also wish to thank the reviewers for their helpful comments in the preparation of this manuscript.

References [1] G. Berg, I. Davidson, M.-Y. Duan, and G. Paul. Searching for hidden messages: automatic detection of steganography. In 15th AAAI Innovative Applications of Artifical Intelligence (IAAI) Conference 2003, 2003. [2] J. M. Chambers and T. Hastie, editors. Statistical models in S. London: Chapman & Hall, 1991. [3] R. J. Clarke. Transform Coding of Images. London: Academic Press, 1985. [4] H. Farid. Detecting hidden messages using higher-order statistical models. In International Conference on Image Processing (ICIP), Rochester, NY, 2002, 2002. [5] J. Fridrich and M. Goljan. Practical steganalysis of digital images - state of the art. In Proc. SPIE Photonics West, Vol. 4675, Electronic Imaging 2002, Security and Watermarking of Multimedia Contents, San Jose, California, January, 2002, pp. 1-13., 2002. [6] T. Hastie, R. Tibshirani, and J. H. Friedman. The elements of statistical learning: data mining, inference, and predic-

[7]

[8] [9]

[10]

[11]

[12] [13] [14]

[15]

[16] [17] [18] [19] [20]

[21]

[22]

tion: with 200 full-color illustrations. New York: SpringerVerlag, 2001. N. F. Johnson and S. Jajodia. Steganalysis of images created using current steganography software. In D. Aucsmith, editor, Information Hiding: Second International Workshop, volume 1525 of Lecture Notes in Computer Science, pages 273–289. Springer-Verlag, Berlin, Germany, 1998. D. Kahn. The Codebreakers – The Story of Secret Writing. Scribner, New York, New York, U.S.A., 1996. D. Kahn. The history of steganography. In R. J. Anderson, editor, Information Hiding, First International Workshop, volume 1174 of Lecture Notes in Computer Science, pages 1–5. Springer-Verlag, Berlin, Germany, 1996. E. Y. Lam and J. W. Goodman. A mathematical analysis of the DCT coefficient distributions for images. IEEE Transactions on Image Processing, 9(10):1661–1666, 2000. H. Liu and H. Motoda. Feature Selection for Knowledge Discovery & Data Mining. Boston: Kluwer Academic Publishers, 1998. P. McCullagh and J. A. Nelder. Generalized linear models (Second edition). London: Chapman & Hall, 1989. A. Miller. Subset Selection in Regression. Chapman & Hall/CRC, 2 edition, 2002. F. M¨uller. Distribution shape of two-dimensional DCT coefficients of natural images. ELECTRONICS LETTERS, 29(22):1935–1936, 1993. W. B. Pennebaker and J. L. Mitchell. JPEG Still Image Data Compression Standard. Van Nostrand Reinhold, New York, NY, USA, 1993. N. Provos and P. Honeyman. Detecting steganography content on the Internet. Technical report, CITI, 2001. J. R. Quinlan. C4.5: Programs for Machine Learning. Morgan Kaufmann, 1993. Steganography software. www.stegoarchive.com, 19972003. A. Westfeld and A. Pfitzmann. Attacks on steganography systesms, 1999. I. Witten and E. Frank. Data Mining - Practical Machine Learning Tools and Techniques with JAVA Implementations. Morgan Kaufmann Publishers, 2000. L. Yu and H. Liu. Feature selection for high-dimensional data: A fast correlation-based filter solution. In T. Fawcett and N. Mishra, editors, Proceedings of the 20th International Conference on Machine Learning (ICML-03), August 21-24, 2003, pages 856–863, Washington, D.C., 2003. Morgan Kaufmann. T. Zhang and X. Ping. A fast and effective steganalytic technique against JSteg-like algorithms. In ACM Symposium on Applied Computing, March 9 to 12, 2003, Florida, USA, 2003.