key: cord-0058751-482sg5sk
authors: Gabriel, Arome Junior; Adetunmbi, Adebayo Olusola; Obaila, Preye
title: A Two-Layer Image-Steganography System for Covert Communication Over Enterprise Network
date: 2020-08-24
journal: Computational Science and Its Applications - ICCSA 2020
DOI: 10.1007/978-3-030-58817-5_34
sha: 23620961bf9c972185c58c386a1c99938e3acfe6
doc_id: 58751
cord_uid: 482sg5sk

Computers find application in virtually all aspect of human existence, especially in today’s modern world. Although this comes with a lot of benefits, it also comes with a number of undesirable consequences. Chief among these consequences is the rising concerns for security of information and even loss of privacy. Steganography, an Information hiding technique could be a fitting solution to these security issues. This paper presents an improved Steganography technique for ensuring the security of the widely spread and used internet materials or information that are shared globally with risk of vulnerability of attack. In this current research work, Elliptic Curve Cryptography (ECC) and Discrete Cosine Transform (DCT) Steganography were combined together to achieve effective security in the proposed system. A given plain text or secret message is first converted to a cipher text using ECC. The resultant encrypted text is then hidden under a cover-image using DCT-based image steganography technique to produce a final output called stego-image. To the Human Visual System (HVS), the stego-image remains the same as the original cover image. This ensures that the hidden secret message gets delivered to the target recipient without any suspicion. Standard metrics such as Peak Signal to Noise Ratio (PSNR) and Mean Square Error (MSE), as well as average computation time, were used to evaluate the performance of the proposed steganography system. The results indicate better performance compared to the conventional steganography systems. Thus the proposed system is a 2-level steganography system effective for storing sensitive data and even for securely transferring information over an open/enterprise network.

The world has in recent times witnessed an explosive upsurge in technological advancement. Indeed, in today's electronic or modern world, computers and other forms of information technology finds application in so many, if not all aspects of human lives as reported in literature [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] . It must be said that computers and their networks are here to stay, and they offer a wide range of benefits for users. All these come with several other concerns among which is security (privacy, confidentiality, integrity, non-repudiation and authentication) of information and/or individuals. In today's electronic world, access and exchange of all kinds of information ranging from text, audio, video and even images, is quite easy via the Internet [10] . The serious concern however, is that, sharing information over enterprise or open networks exposes such information to all sorts of internet-based attacks [9] . There is a serious need to have a mechanism for ensuring that the protection of sensitive/secret information is guaranteed. Data hiding (information hiding) which plays an important role in information security over the internet can be a viable solution to this problem. Data hiding involves embedding secret data subtly in a cover-media by marginally adjusting the elements of the cover-media. Cryptography method does not conceal the presence of information but rather, it changes a text to a cipher-text which is more like gibberish that cannot be understood. In contrast, steganography deals with hiding the mere existence of a secret communication [11] . So a steganographic system embeds secret information or messages in a text, audio, video or image file so that its existence is not detected by unauthorized persons.

The organization of the rest of this paper is such that, a review of related research works is presented in Sect. 2. In Sect. 3, a vivid discussion on the design of the proposed 2-layer steganography system is presented. Section 4 presents the discussion of experiments' results or findings. Finally, the conclusion of the paper is presented in Sect. 5.

Quite a number of related works can be found online in other repositories. A summary of the most related ones is presented in this section.

In [12] , the authors presented a research on text-based steganography. They used as cover-media, texts written in Malayalam local language. This cover-media was used for hiding secret messages towards ensuring enhanced information secrecy or security. Their research made use of use of two matrices for indexing the alphabets in the common language. These matrices were laden with the alphabet letter and their indices in increasing order. A method for Unicode extraction was designed towards finding the Malayalam text that is corresponding to a given English text. The indexes were selected diagonally. However, the limitation of their work lies in the fact that the hidden word is subject to breach from a cryptanalyst.

In [13] , a steganography scheme based on adaptive circular queue image steganography plus RSA cryptosystem is proposed. The objectives was to use both cryptography and steganography to achieve the security of information. For the text to be encrypted RSA cryptography was used, while the resultant cipher-text is embedded in a randomly chosen grey image using a circular queue Least Significant Bit (LSB) steganography technique. RSA is characterized by a very slow key generation procedure. Besides, there is considerable difficulty in the choice of either large prime numbers or small prime numbers.

A research that adopted Genetic Algorithm and cryptography for the development of an image steganography architecture was carried out in [14] . The objective was to develop a secure communication mechanism using a combination of Advanced Encryption Standard (AES) cryptography scheme and a Genetic Algorithm-LSB steganography scheme. A given secret message or text was encrypted AES and then the resultant cipher-text is embedded in a selected cover-image using the steganography scheme. The AES scheme used however presents a limitation in that, there is problem of how to securely exchange the encryption key between a sender and a receiver. Besides, the LSB method can result in much alteration or distortion of the cover-image. This leads to easy detection or attack from attackers. Indeed, since the genetic algorithm competed for space, it is most likely for every information to compete just for a single pixel space which will make the stego different from the cover image.

In [15] , a steganography graphical password scheme is proposed for Near Field Communication (NFC) smartphone access control system. The objectives was to create a novel and secured NFC ESGP smartphones security system to ensure convenient and secure use of these smartphone by their owners, as a key access to control systems. They extended the boundary of the capabilities of the technology via the creation of a new and secured NFC ESGP smartphones security system. The combination of both the NFC and the ESGP was in order to achieve higher security compared to the existing one. The work was however exclusively meant for smartphone users only.

The authors in [16] studied the embedding efficiency of LSB steganography technique in spatial and transform domains. Their major goal was to embed a large secret message in a given image using different LSB techniques such as ± embedding, F5 algorithm with or without matrix embedding. The LSB technique was combined with matrix embedding and F5 algorithm which is applied on both spatial and frequency domain of a given image. If LSB occurs on distortion, it can easily be altered, and wasted by more filtering, compression or a smaller than the original format or size transformation, which gave a very serious limitation to the work.

While working towards improving the properties of images with embedded secrets as well as eliminating the tendency of huge computational complexity in steganography systems, the papers in [17] used particle swarm optimisation algorithm as well as AVX instructions available in modern CPUs. These allow for parallel operations that are vital in image steganography.

An Optical Character Recognition (OCR) based Steganography technique where, messages, in their feature forms, are embedded in a cover image was proposed in [18] . Character level features were extracted from images which contain the textual messages, and embedded in the cover image, thus strengthening the data hiding objective of steganography. They reported impressive results.

In the study titled "Image Steganography and Steganalysis based on LSB", as reported in [19] , Olomo et al. in [19] proposed a new LSB steganography method towards improving on the 1-byte least significance method. The results they presented showed remarkable performance of their model. This work however considered images, and requires some extension to be able to handle audio files as cover media.

An important angle to research in steganography is the audio steganography which uses audio files as cover media for hiding the existence of secret messages. Some authors have carried out studies in audio steganography. For instance, a survey of audio steganography methods for transmitting data securely was carried out in [20] . The authors posited that LSB is the simplest steganography method, but that when it comes to robustness against attacks, spread spectrum method offers more. Another research effort in the direction of audio steganography is that reported in [21] . The authors developed an efficient audio steganography system that has increased robustness against attack. Their proposed system is reportedly able to embed text messages in both MP3 and MP4 audio file formats, with remarkable effectiveness. As a drawback, audio steganography systems seem to have far more complexities, hence incur more computational overheads than simple-image based ones.

The need for more robust information security systems, especially those that are capable of providing resistance to common classical and quantum attacks has led other researchers to proposing the idea of combining post quantum cryptography with steganography. Such systems were reported in the research papers in [6, 9] . A Quantum image Least Significant Qubit information hiding algorithm that uses a novel enhanced quantum representation (the NEQR) was presented in [22] . The authors demonstrated the algorithm hides the message in the frequency spectrum of an image thereby improving the security of the message.

In order to handle the shortcomings observed in the existing works and provide an improved solution, this current research work (paper) proposes a steganography model that will be used to hide a text (information)'M' in an image, in a way that, to the HVS, no visible difference between the cover-image (i.e. image without information) and stego-image (i.e. image with information) will be noticed. The proposed system is made of two (2) modules -The Cryptography (ECC) as well as the Steganography (using DCT on images) modules.

The ECC module makes use of prime Elliptic curve cryptography to provide for a high level of security with smaller key size compared to RSA cryptographic scheme that work based on the difficulty of solving Integer Factorisation Problem. In elliptic curve mathematics operations are carried out on the coordinate points of an elliptic curve using the formula in Eq. 1.

The general expression can then be simplified to yield;

when a 2 ¼ a 3 ¼ 0, x ranges from 0 to arbitrary selected number-1,while A and B are integer constants.

The encryption procedure is formalised as in Eq. 3 and 4:

where E 1 and E 2 are cipher points which transform to a code table where the cipher text will be derived from. The communication is done between two parties. a is the first party's private key_1, b is second party's private key_1, ϒ stands for a point selected on the elliptic curve, A 1 is the first party general public key_1, A 2 is the first party specific public key, B is the second party private key_2, B 1 is the second party general public key_1, A B is first party public key for the second party,B A is the second party specific public key for the first party, c is an agreed point on the elliptic curve. The decryption process makes use of the Eq. (5)

where M is the plain message after decryption Discrete Cosine Transform offers a way for hiding large amount of data. It provides high security, a good invisibility and prevents loss of secret message. In DCT the choice of replaceable pixels is based on whether a given pixel has DCT coefficient below threshold are considered as potential pixels. The threshold value here is taken as zero. Hence, the pixels with DCT coefficient value below zero are used for data hiding. The general formula for DCT is:

For Embedding, a cover-image is chosen. Then, the DCT coefficient of carrier image is determined. Then traverse through each pixel in the cover-image to the end of the secret image. If the DCT coefficient value is below a stipulated threshold then, replace LSB(s) with MBS(s) of pixels in secret image. Insert 1 at the location in the key matrix, to retrieve the information back get the stego image, traverse through each pixel in the stego image till end. Check the key matrix for the location if it is 1, then extract LSBs from stego image otherwise move on to next pixel get estimate of secret image (Fig. 1) .

The developed system was implemented using MATLAB (R2017a version) programming language on Windows 10 Operating System platform with hardware configuration of 4 GB RAM, 2.0 GHz processor speed and 500 GB of hard disk.

In this research three different images were used as cover images, but any other image can also be used. These images are used to hide different ranges of secret text. To test the result, different sizes of the secret text files (37 KB, 122 KB, 140 KB, 143 KB, and 918 KB) were gotten and then hidden under an image and the quality of the image is tested using PSNR and also a steganalysis software to determine if the image can easily be detected by hackers. The images used for testing are presented in Fig. 2 : 

The proposed/developed system was evaluated based on the following metrics; Peak Signal-to-Noise (PSNR), and Mean Square Error (MSE). These metrics are further highlighted as follows;

A Peak Signal-to-Noise Ratio (PSNR) and Mean Square Error (MSE) The Peak Signal-to-Noise Ratio (PSNR) is the metric that was used to access the quality of the resultant stego-image. If the PSNR value is greater than the Mean Square Error (MSE) value then the image has a very good quality. Otherwise, the resultant stego-image is regarded as not of good quality, which implies that the steganography system that produced that stego-image is inefficient.

Results obtained from our experiment shows that the PSNR obtained in all cases have higher values when compared to the corresponding MSE values. This indicates that the proposed system yields good stego-images ( Table 1 ).

The mathematical formula or relations used is for computing the Peak Signal-to-Noise Ratio (PSNR) and the Mean Square Error (MSE) is as defined in Eqs. 7 and 8; 

B Steganalysis Testing Ben 4D steganalysis software was used to carry out the system performance evaluation with respect to its resistance to steganalysis. Three different cover-images (see Fig. 2 ) were checked to determine the maximum size of test secret file they can contain/embed conveniently before their level of distortion becomes visible to the HSV. These images were also passed through the Ben4D software to determine their maximum embedding capacity just before a steganalysis software is able to detect such distortions. Table 2 shows the highest KB of test secret file each cover-image can take before distortions becomes detectable. Results as shown in Table 2 reveals that, image_1 starts experiencing a little decrease in its luminance component when a large size of 917 KB test file was hidden under it.

Anyone who is interested in hiding a larger text file will be ready to take some form of trade-off time. This sub-section shows the effect of the LZW compression algorithm on some of our ciphertexts, as well as the computation time of the newly developed steganography system versus the existing RSA_DCT based steganography system. The chart shown in Fig. 3 illustrates the impact of the LZW compression algorithm on the ciphertexts generated by the encryption sub-system of our proposed system. The algorithm obviously reduced the sizes of ciphertexts. The implication is that, the compression allows for more room in the selected cover-image, for the storage or embedding of more secret information. Another implication is that, the size of the resultant output is greatly reduced compared to what is obtainable if compression was not involved. This means that the proposed system is also suitable for resource constrained environments like those obtainable in Internet of Things (IoT).

A performance comparison of the newly developed DCT_ECC based system versus the existing traditional RSA based solutions in terms of the entire computation time was carried out, and the results are as presented in the diagram in Fig. 4 . The computation time here refers to the time it takes to encrypt given secret message or data and embed the resultant cipher-text in a chosen cover-image.

These times it takes (in milliseconds), to encrypt and embed a given secret information (text) in a chosen cover-image to yield a stego-image, were recorded and plotted to yield the chart in Fig. 4 . It can be clearly deduced that newly developed system 

Although a number of techniques for securing information whether in store or while being exchanged exist, there is a serious need for improvement, as individuals with malicious intents are growing in skills at circumventing existing security solutions. Steganography, an information hiding technique is effective for secure/covet communication, while not even arousing the suspicion of attackers.

In this paper, an improved image-based steganography system that uses Discrete Cosine Transform (DCT), Elliptic Curve Cryptography (ECC) and Lempel-Ziv techniques was developed. Results shows that this system has high capacity for hiding secret messages in cover images. This will enable confidential communications between entities even across enterprise networks. Due to the ECC used, small sized cipher texts are produced after encryption, as against what is obtainable when RSA crypto-system is used for encryption. This counts for robustness on the part of our technique.

Furthermore, the Lempel-Ziv algorithm also helps with compression. This reduces the eventual size of the cipher-text further before embedding same in a selected coverimage.

The performance analysis of the developed system as shown by the output of the Ben4D steganalysis software as well as the PSNR and MSE standard metrics, reveals the robustness of the proposed system for security of information whether in store or in transit across enterprise communication networks. 

Modelling of risk management procedures for cybercrime control systems

A Data Encryption Standard (DES) based web services security architecture

Analysis of algorithms in Long Term Evolution (LTE) network

Modelling the employees' activities of public service sector using production rules

Neural network-based health personnel monitoring system

Post-quantum crystography system for secure electronic voting, open computer science

Development of a fuzzy logic based rainfall prediction model

Cloud application security using hybrid encryption

Post-quantum crystography; a combination of post-quantum cryptography and steganography

Post-quantum crystography based security framework for cloud computing

A high capacity text steganography scheme based on LZW compression and colour coding

A method for text steganography using malayalam text

Adaptive circular queue image steganography with RSA cryptosystem

A proposed novel architecture for information hiding in image steganography by using genetic algorithm and cryptography

Encrypted steganography graphical password scheme for near field communication smartphone access control system

Relating the embedding efficiency of LSB steganography

JPEG steganography with particle swarm optimization accelerated by AVX. Special Issue Paper

LSB based steganography with OCR: an intelligent amalgamation

Image steganography and steganalysis based on Least Significant Bit (LSB)

Audio steganography used for secure data transmission

Embedding text in audio steganography system using advanced encryption standard and spread spectrum

Least Significant Qubit (LSQb) information hiding algorithm for quantum for quantum image

The work has been able to develop a robust 2-layer steganography system that would be very useful in securing and sharing large amount of sensitive data or information without arousing suspicion.