KIRAS Security Research

2010

StegIT

The goal of this project is the design of a hardware solution, allowing the mobile usage of steganography through support of a dedicated hardware device or through a mobile device like a smart phone.

Steganography is the science of hidden information exchange, i.e. secret information is transmitted or stored in such a way that a third party is unable to detect the actual secret data. Therefore steganography can be a mighty and dangerous tool for criminals but it also has its positive fields of application, like Digital Rights Management and the improvement of privacy and secrecy of secret data. Due to the rise of Internet telephony (VoIP) and smart phones, an increased usage of steganography can be expected for the future.
From 2009 to 2010 the previous research project, “StegIT-2”, ran at the FH St. Pölten and its results build the base of this planned project. It resulted in new steganographic algorithms, allowing the embedding of secret data in real-time (important for Internet telephony) and into stored audio files. Based on the evaluated algorithms prevention techniques have been developed. That way a comprehensive prevention of steganography has been implemented which can be used independently from the actual steganographic algorithm.
During the first and second phase of this project the prevention techniques will be expanded to do an actual analysis. This is achieved through the use of steganalysis which was not addressed in the previous research project. Steganalysis denotes the analysis of a cover medium (e.g. audio data) to make an assumption about the possibility of a performed embedding, i.e. if the medium has been modified by a steganographic embedding algorithm. Following the analysis, a comprehensive security evaluation of the best algorithm from “StegIT-2” will be done, especially focussing on possible, security-relevant parameter settings. In the next step this distinguished algorithm will be improved in its implementation, based on the steganalysis results as well as the security evaluation. This project phase on the one hand aims at actual improvements of the algorithm implementation. On the other hand suitable parameter settings for an enhanced efficiency and security shall also be found.
The goal of the third project phase is the design of a hardware solution, allowing the mobile usage of steganography through support of a dedicated hardware device or through a mobile device like a smart phone.

Project leader:
Fachhochschule St. Pölten GmbH, Institut für IT Sicherheitsforschung
Univ.-Doz. D.I. Dr. Ernst Piller, ernst.piller@fhstp.ac.at

Project partner:
Bundesministerium für Landesverteidigung, Bgdr. Mag. Klemens Hofmeister, Leitung F&E, mgp.forschung@bmlv.gv.at
Bundesministerium für Inneres, Mag. Leopold Löschl, Bundeskriminalamt, leopold.loeschl@bmi.gv.at
PDTS GmbH, Dr. Franz Schodl, franz.schodl@pdts.at

Contact:
Fachhochschule St. Pölten GmbH, Institut für IT Sicherheitsforschung
Matthias Corvinus-Straße 15, 3100 St. Pölten
Univ.-Doz. D.I. Dr. Ernst Piller, Tel.: +43 2742 313 228 – 636
E-Mail: ernst.piller@fhstp.ac.at
Web: www.fhstp.ac.at

print