Tackling Android Stego Apps in the Wild

Digital image forensics is a young but maturing field, encompassing key areas such as camera identification, detection of forged images, and steganalysis. However, large gaps exist between academic results and applications used by practicing forensic analysts. To move academic discoveries closer to real-world implementations, it is important to use data that represent “in the wild” scenarios. For detection of stego images created from steganography apps, images generated from those apps are ideal to use. In this paper, we present our work to perform steg detection on images from mobile apps using two different approaches: “signature” detection, and machine learning methods. A principal challenge of the ML task is to create a great many of stego images from different apps with certain embedding rates. One of our main contributions is a procedure for generating a large image database by using Android emulators and reverse engineering techniques, the first time ever done. We develop algorithms and tools for signature detection on stego apps, and provide solutions to issues encountered when creating ML classifiers.