Skip to content

Algorithm mismatch in spatial steganalysis

Conference/Workshop:
IS&T International Symposium on Electronic Imaging, Media Watermarking, Security, and Forensics 2019
Published: 2019
Primary Author: Stephanie Reinders
Secondary Authors: Li Lin, Yong Guan, Min Wu, Jennifer Newman
Research Area: Digital

The number and availability of stegonographic embedding algorithms continues to grow. Many traditional blind steganalysis frameworks require training examples from every embedding algorithm, but collecting, storing and processing representative examples of each algorithm can quickly become untenable. Our motivation for this paper is to create a straight-forward, nondata-intensive framework for blind steganalysis that only requires examples of cover images and a single embedding algorithm for training. Our blind steganalysis framework addresses the case of algorithm mismatch, where a classifier is trained on one algorithm and tested on another, with four spatial embedding algorithms: LSB matching, MiPOD, S-UNIWARD and WOW.

We use RAW image data from the BOSSbase database and and data collected from six iPhone devices. Ensemble Classifiers with Spatial Rich Model features are trained on a single embedding algorithm and tested on each of the four algorithms. Classifiers trained on MiPOD, S-UNIWARD and WOW data achieve decent error rates when testing on all four algorithms. Most notably, an Ensemble Classifier with an adjusted decision threshold trained on LSB matching data achieves decent detection results on MiPOD, S-UNIWARD and WOW data.

Related Resources

A Response to the Threat of Stegware

A Response to the Threat of Stegware

Stegware refers to software, programs or apps that allow insertion of malware into a digital file, such as an image or video, using steganography techniques. Although it has been in…
A Forensic Analysis of Joker-Enabled Android Malware Apps

A Forensic Analysis of Joker-Enabled Android Malware Apps

This project aims at developing a set of automated Android Malware vetting tools to discover all the malicious behaviors of Android Malwares in the forms of files in the local…
LogExtractor: Extracting Digital Evidence from Android Log Messages via String and Taint Analysis

LogExtractor: Extracting Digital Evidence from Android Log Messages via String and Taint Analysis

Mobile devices are increasingly involved in crimes. Therefore, digital evidence on mobile devices plays a more and more important role in crime investigations. Existing studies have designed tools to identify and/or…
Forensic Analysis on Joker Family Android Malware

Forensic Analysis on Joker Family Android Malware

Android is the most popular operating system among mobile devices and the malware targeted explicitly for Android is rapidly growing and spreading across the mobile ecosystem. In this paper, we…