USAF Wants To Find Steganographic Content
Bud Higgins writes "The U.S. Air Force has posted a Small Business Technology Transfer Program (STTR) solicitation in which they seek proposals for the automated detection of steganographic content. They seek an application that should run both unobtrusively in the background and in a manual mode, and provide the user the capability to scan all email attachments, downloaded materials and accessed files with an appropriate steganalysis algorithm, reporting any abnormal results (i.e. the presence of steganography). I personally don't think that is feasible, but maybe a good programmer can prove me wrong. A link to the solicitation AF04-T008 can be found here. For those who are not familiar with the SBIR/STTR program, it provides up to $850k for 3 years of research." This sounds very similar to what Niels Provos did over a several-year period at University of Michigan's CITI and released under a free license. I hope the USAF doesn't spend too much of my money without considering extending that research.
Those of you paranoid enough will probably chime in with something along the lines of "Yeah, but Echelon probably has something like this built-in already!". Anyway, isn't the point of steganography to hide information in such a way that you *cannot reliably* tell whether the information was there in the first place?
I'm not sure what they're looking for here; perhaps a better steganography algorithm?
Maybe statistical analysis can determine if a given image or other medium is possibly hiding information. But if that information is encrypted, doesn't it look like random data without the key? Without knowing the key or even the cipher used to encrypt it... how can it be shown to actually be information? "That's just random noise/corruption in my images, Your Honor... I don't know what you're talking about"
Uh, sure, the "this is supposed to be random noise" trick will work about as long as the average spam-filter-avoidance trick lasts.
"The enemy is sending out an abnormally large amount of random noise data. Must just be having microphone trouble. Nothing to see here."
Roger that.
No +1, cause I've been drinking...
Terrorists can attack freedom, but only Congress can destroy it.
Take off the tinfoil hat, dude. Checking all pics on the net for steganographic info is virtually impossible - just too much info to sort through in a reasonable time frame.
They likely want this to scan documents leaving their internal network in an attempt to catch people who are sending out sensitive or secret info. To me this looks like the USAF is plugging a leak, not going on the hunt.
Soko
"Depression is merely anger without enthusiasm." - Anonymous
But I had this little idea. Suppose we "pollute" normal images with random data with say 1% redundancy. What I mean is, whenever you create an image you take some random data and steganographically embed it in the image. Write a gimp plugin or something so that the process is transparent and automatic. Your file only becomes 1% bigger, so it's no big deal. Not everyone needs to do this, just sufficiently many people so that the vast majority of the positives of stego detection systems are going to be false positives. As long as the message is encrypted before embedding, it is provably impossible to tell a genuine stego image from a false positive, assuming that the underlying encryption isn't broken. So you get a secure stegosystem with 1% efficiency "for free".
[dons tinfoil hat]
We'd all better soon start doing something like this, given where governments are going.
The "solution" can be implemented with the current laws and regulations, and I think the programmer is only a small part to make this system work. A lot of enforcement authorities have to come together and the current evidence suggests that they will come together. Of course, it is a moot point that by the time they figure this out, people would have learned to hide data in other creative ways - the eternal cat-and-rat game ...
Consider this
If Adobe (and others) could be forced to include in their code methods to detect currencies (Slashdot | Photoshop CS Adds Banknote Image Detection, Blocking?) and not disclose it till they were caught by some vigilant users, what makes us so smug that other major companies with "closed" software are not already in-bed-with-the-feds? So, it is conceivable that the automatic detection may be going on and we wouldn't be any wiser.
See the Adobe example of how such "spyware" can be forced to run "unobtrusively."
Major Email providers like Yahoo and Hotmail already provide automatic scanning for virus, AOL is including automatic scanning for spyware, MicroTrend (?) already has Online Virus Scanning of your Hard Drive (!), and so under the threat of the Patriot Act (and its ilk) many of these companies can be forced to scan everything that goes in and out of their systems.
This is the key. Now the threshold for "abnormal" has been reduced so much (almanac carriers as potential terrorists, CAPPS passenger detection based on names and 15 flights were cancelled last month based on this, anti-war protestors as possible terrorists and hence being tailed by the Feds etc.) that the problem of false alarms no longer dogs the current administration and law enforcement agencies.
This is the crux. When the error threshold is reduced so much that the high rates of error are no longer problematic, then any solution (whether efficient or not) can be implemented. Who cares whether it works well or not. Till now the false alarms were the things that stopped such 1984-ish like scenarios from unfolding. Once you accept high errors, and accept even high collateral damage as the price of doing "business," you can have a solution to almost anything implemented - whether it deserves to be implemented or not is a whole different issue. But who cares? You got nothing to hide - Right?
To see a world in a grain of sand, and then to step back and see the beach where the sand lies
It is easy to 'steganohide' content in uncompressed noisy files like tiff or wav. But that content gets destroyed by lossy compression, which is mainly used by multimedia formats (jpeg, mpeg, divx, mpg3, ...). If not, it's called a watermark, but (un)fortunately nobody has found a watermark algorithm yet which is robust against lossy codecs and adding some more noise.
So you have to steganohide your content after compressing. But compressed files have much less noise, and that noise is not random noise but has statistical quirks. If you just hide your content as white noise and add it to the file - that's detectable, because it changes the statistical behaviour of the file!
Instead you have to write a specific steganographic algorithm for each lossy compression format you want to hide content in! It has to respect the 'format noise character'. That's what Niels Provos did for pnm and jpeg with outguess.
Most US conservatives would consider it "their money" and the idea that it's not "their money" to be a corruption of the principles of private property.
We do have protests over road building, but they are on an environmental or citizen advocacy basis and I do not recall seeing one using property rights as a basis for this.
Many moons ago in college, we were told about a guy who sued the government to find out what was in the DOD or CIA budget, which was presented as kind of a black box. He argued that as a taxpayer, he had a right to know where his money was going. The Supreme Court ruled that he had a (latin phrase spelled wrong) "de minimus interest" in the specific budget; in other words, his contribution was too small to be meaningful, thus he had no right. I wonder if the same applied to Gates or someone else who pays more in taxes.
I think there's probably a useful balance between the idea that it's the government's money and my money. It's very easy to spend a lot of tax dollars without realizing that many of those dollars come from people's hard-earned paychecks, and that if you keep increasing government spending you're taking more and more away from people. Particularly when it's being spent on activities that don't return a tangible benefit to those from whom the money was taken, regardless of the "real" benefit.
The more I pay in taxes (as a homeowner), the more infuriating government spending seems to be. My property taxes (used to fund city and county government) have gone up around 12% per year for the last 3 years. At this rate the property taxes per month will have eclipsed my P&I payments on the house in 12 years. It's hard not to wonder what they're doing with what was at least once my money.
Even random data has to fit in. For example, it used to be the case that the A/D stage of some cheap sound cards was so noisy that the recording from line-in gave you a 16 bit audio sample stream with the bottom 4 bits effectively random (like dithering but much much worse). However, the noise (while random in nature) was shaped in a particular way, so if you just hide your encrypted secrets in those 4 bits it would be obvious that the "noise" wasn't appropriate.
Jon.
They likely want this to scan documents leaving their internal network in an attempt to catch people who are sending out sensitive or secret info. To me this looks like the USAF is plugging a leak, not going on the hunt.
That's exactly one of the reasons for the technology. The DoD has an obligation to protect sensitive information. There are a crazy number of hoops that need to be gone through to get unclassified info off of a classified system. They can't have people encoding stuff in pictures of Barney then walking away with it.
I know the usual paranoids are up in arms about the AF doing this, but the same people would flood "The DoD is so stupid" if it were found out that people were abusing the technology to transport classified info.
The idea is to detect the likely presence of stego... not to decode it, that's an entirely different thing.
Analyzing a jpg or png to statistically determine if it's "clean" or has a message in it is not all that difficult. Decoding that message is a totally unrelated feat... more likely reserved for cryptographers.
What if instead of trying to hide something in a specific image for example, you gave the steganographic software a selection of say 100 images and got it to choose which one would be best suitable to hide the data so it was hardest to find. While it might take a lot of processing power to do this for a large selection it would make finding a lot harder. Oh wait, we're supposed to be making it easier :P, how about banning all steganographic software and research under the PATRIOT III act and then only criminals will use it? I'm not sure what the USAF is trying to get at here, if someone just thought it would be cool to do then fine, but if they are hoping to use it to catch terrorists then it's stupid - you can't go through every email, IM, phone call, sms, fax, snail mail, telegram, VoIP call and website in the world looking for something dodgy, even if none of it was encrypted there's just too much!
This comment does not represent the views or opinions of the user.
In these days when the FBI thinks possession of an almanac makes you suspicious...what happens to you if some half-baked experimental steganography-detection program looks at billions of .jpgs, gets to an image you've included in an eBay auction description, and detects some not-quite-decodable signal just above the noise that it interprets "there's definitely something hidden in that image, even though we can't tell what?"
How do you prove that you're innocent?
How do you prove that your image does NOT contain steganography?
Worse yet, suppose you are using steganography--say, a watermark to prevent people from stealing your image. Will the FBI believe what you tell them is the decoded content?
I mean, a few decades ago some nutcase analyzed Shakespeare's First Folio and decided that it was printed in a mixture of two slightly different fonts that constituted a binary code with a message proving that it had been written by Sir Francis Bacon. (No kidding). That proves that it's easy for someone who's looking for steganography to find it, whether it's there or not.
"How to Do Nothing," kids activities, back in print!
There are a crazy number of hoops that need to be gone through to get unclassified info off of a classified system. They can't have people encoding stuff in pictures of Barney then walking away with it.
Step number one is, even if it looks innocuous, don't let it through. Nobody is going to let you email or floppy a picture of Barney out of a classified system, because there's no reason to, and it might contain classified information. It doesn't matter what the steganography filter says, it won't go.
Detecting encrypted steganography would be difficult. It would involve statistical analysis of the "unimportant" bits of a known good media sample (be it image, audio, even an executable) and comparing it to the suspect message.
This would involve a tremendous database on the part of the USAF. More importantly, if the people using the steganography had a similar database (and code that could encrypt their hidden text to match the properties of the "known good"s), then the messages would be undetectable.
A better (but more controversial) approach would be this: The USAF modifies every picture/audio stream/etc that goes to the outside world. Only the least significant bits (the places where the encrypted message is likely to hide) would be changed -- to gibberish. Then it doesn't matter if the message was stego-ed or not -- it's unreadable now.
Only 2 problems I see with this:
1) Doesn't match what the USAF asked for, which was a way to DETECT stego. I feel that this is OK because the AF's original goal is WAY too broad and open-ended. Stego isn't limited to pictures. It can use music, text, code (using redundancy in certain instructions in the x86 instruction set). In short, there are too many possible channels for something to be stego-ed through.
2) It's an overt measure. If you wanted to let these stego-ed messages get to their intended recipients, and then monitor what Bob the Spy was then doing, you'd be SOL. But still, if this was a known policy, it would be tremendously useful.
Oh, and for those who say "The data is being tampered with! That's inherently wrong!", if the data was so important that its modification would cause problems, then the original steganography would be automatically detected.
I suppose I could have the software on a USB device that could encrypt the data for me, but since I can't get external email on that system I'd have to carry it out of there with me (maybe on the USB device). If I can do that, I can carry it anywhere so why would I risk sending this info from military computers when I can head to the internet cafe, the library in town or Kinko's?
A lot of military folk live on base and may get internet service provided by the military so they could check messages entering and leaving that way, but not on the base my wife works at. They get their connections 3rd-party and it never passes through military routers first.
From what I've [not] seen of my wife's secure work environment, I'd bet the Air Force would get a lot further with the money in providing additional security training to their "com-nazi's" and improve the physical security of their secret information.
They may already be trying to do some sort of scanning of outgoing attachments, because their Exchange servers seem to fold, spindle, and mutilate about two-thirds of the legitimate attachments my wife tries to send home. Then again, I've never seen a network that was "down" as often as theirs is so it may just be inexperience at the controls. Seriously, you can't take an airman out of bootcamp, send him to a few classes and expect them to be able to manage a complex network running Windows.
"terrorism" and "pedophilia" are the root passwords to the Constitution
It means a lot to them. They have narrowed down the source. Now instead of placing bugs on ten thousand communication lines, they only have to place one.
"Only the small secrets need to be protected. The big ones are kept secret by public incredulity." - Marshall McLuhan
You simply post your message in clear form in the comments of a "highly trollistic" news, and your message will automatically become hidden and undetectable with all the noise surrounding it.
But I want to be able to find the data afterward.
Hell, who needs encryption or steganography.
...
How about hiding messages in good old *SPAM* how much noisier
an environment could one want? Most people find it a pain. But
For example. P - E - N - I - S ** EnLaRgeMeNt pIlz
Could be instructions for a terrorist cell to take out a target.
That's one good reason for cracking down on this abomination IMHO so perhaps
some good can come from all this paranoia.
siggy played guitar
Steg programs need two inputs: an encrypted text to hide (the message), and a random stream of data to hide it in (the "medium"). The only way that the output can be identified as possibly containing a steganographic message is if the statistical properties of the hidden message are in some way distinct from those of the medium.
That implies that an effective steg program would do some analysis of the statistical properties of the medium prior to hiding the message, and would adapt the statistical properties of the encrypted message to blend in. For example, they might make a message hidden in audio look like Boltzmann noise (assuming there were no other pseudo-random artifacts created by the recording equipment and audio encoding scheme).
Only snag I see is that, if several parameters are adjustable, the values of those parameters would also need to be known on the receiving end.
Get your teeth into a small slice: the cake of liberty
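
Added example, not part of the original thread: several comments above argue that hidden data shows up only when the low-order bits stop matching the statistics of the medium. The Python below runs a pairs-of-values chi-square test (a technique chosen for this illustration, not one the commenters specify) on constructed 8-bit samples; the function names, the Gaussian sample generator and the seed are assumptions.

```python
import math
import random
from collections import Counter

def pov_chi_square(samples, min_pair=10):
    """Pairs-of-values chi-square test on 8-bit samples.

    H0: within each pair (2k, 2k+1) both values are equally likely, which is
    what overwriting LSBs with encrypted (uniform) bits produces.
    Returns (chi2, dof, p); p near 0 rejects H0, i.e. the LSBs look natural.
    """
    hist = Counter(samples)
    chi2, dof = 0.0, 0
    for even in range(0, 256, 2):
        n0, n1 = hist[even], hist[even + 1]
        if n0 + n1 < min_pair:          # too sparse for the approximation
            continue
        expected = (n0 + n1) / 2
        chi2 += ((n0 - expected) ** 2 + (n1 - expected) ** 2) / expected
        dof += 1
    if dof == 0:
        return 0.0, 0, 1.0
    # Wilson-Hilferty normal approximation to the chi-square upper tail.
    v = 2 / (9 * dof)
    z = ((chi2 / dof) ** (1 / 3) - (1 - v)) / math.sqrt(v)
    return chi2, dof, 0.5 * math.erfc(z / math.sqrt(2))

def make_cover(n, rng):
    """Constructed cover: 8-bit samples with bell-shaped (non-flat) noise."""
    return [min(255, max(0, round(rng.gauss(128, 4)))) for _ in range(n)]

def overwrite_lsbs(samples, rng, rate=1.0):
    """Simulate LSB replacement with uniform bits in a fraction of samples."""
    return [(s & ~1) | rng.getrandbits(1) if rng.random() < rate else s
            for s in samples]

def demo(seed=2004, n=40000):
    """Return (p_cover, p_stego) for one constructed cover and its stego copy."""
    rng = random.Random(seed)
    cover = make_cover(n, rng)
    stego = overwrite_lsbs(cover, rng)
    return pov_chi_square(cover)[2], pov_chi_square(stego)[2]

if __name__ == "__main__":
    p_cover, p_stego = demo()
    print(f"cover p={p_cover:.3g}  (LSBs follow the signal's own shape)")
    print(f"stego p={p_stego:.3g}  (LSBs indistinguishable from coin flips)")
```

The test only has power against near-complete LSB overwriting; at low embedding rates, or when the embedder preserves the pair counts as the comments describe, the p-value falls back toward the cover's.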