Skip to main content
SpringerLink
Log in

LSB Replacement Steganography Software Detection Based on Model Checking

  • Conference paper
The International Workshop on Digital Forensics and Watermarking 2012 (IWDW 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7809))

Included in the following conference series:

Abstract

Steganography software detection is one of effective approaches for steganography forensics using software analysis. In this paper a method of LSB replacement steganography software detection is proposed. Firstly three typical implementations of LSB replacement algorithms are analyzed and Finite Automatons description of them are presented. Secondly the control flow automatons are constructed for softwares to be detected. Finally, the model checking method for identifying LSB replacement steganography software is adopted. Experimental results show that the proposed method can reliably detect LSB replacement steganography softwares of different versions and those that are reimplemented relatively.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Steganography tools (2009), http://www.jjtc.com/Security/stegtools.htm

  2. Moon, K.K.B.-R.: Malware Detection based on Dependency Graph using Hybrid Genetic Algorithm. In: Proceedings of GECCO 2010, Oregon, P-orland, pp. 1211–1218 (2010)

    Google Scholar 

  3. Walenstein, A., Mathur, R., Chouchane, M.R., Lakhotia, A.: Normalizing Metamorphic Malware Using Term Rewriting. In: Proceedings of the Sixth IEEE International Workshop on Source Code Analysis and Manipulation (SCAM 2006), Philadelphia, USA, pp. 75–84 (2006)

    Google Scholar 

  4. Schmall, M.: Classification and identification of malicious code based on heuristic techniques utilizing meta-languages. Ph.D. thesis, University of Hamburg (2003)

    Google Scholar 

  5. Schultz, M.G., Eskin, E., Zadok, E., Stolfo, S.J.: Data Mining Methods for Detection of New Malicious Executables. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 38–49. IEEE Press, Oakland (2001)

    Google Scholar 

  6. Myles, G., Collberg, C.: K-gram Based Software Birthmarks. In: Proceeding of ACM Symposium on Applied Computing, pp. 314–318. ACM (2005)

    Google Scholar 

  7. Tamada, H., Okamoto, K.: Dynamic Software Birthmarks to Detect the Theft of Windows Applications. In: Proceedings of the International Symposium on Future Software Technology (2004)

    Google Scholar 

  8. Schuler, D., Dallmeier, V., Lindig, C.: A Dynamic Birthmark for Java. In: Proceedings of the 22nd IEEE/ACM International Conference on Automated Software Engineering, pp. 274–283 (2007)

    Google Scholar 

  9. Zhou, X., Sun, X., Sun, G., Yang, Y.: A Combined Static and Dynamic Software Birthmark Based on Component Dependence Graph. In: Proceedings of International Conference on Intelligent Information Hiding and Multimedia Signal Prcessing, pp. 1416–1421 (2008)

    Google Scholar 

  10. Muñoz, A.: StegSecret (2007), http://stegsecret.sourceforge.net

  11. Zheng, D., Liu, F., Yang, C., Luo, X.: Identify Information Hiding Software Based on Software Birthmarking. In: International Conference on Infomation Security and Artificial Intelligence, vol. 3, pp. 530–534 (2010)

    Google Scholar 

  12. Zheng, Y., Liu, F., Yang, C., Luo, X.: Identification of stganography software Based on Core Insructions Tempate Matching. In: Proceedings of IEEE International Conference on Multimedia Information Networking and Security 2011, Special Session, vol. 1, pp. 494–498 (2011)

    Google Scholar 

  13. Fridrich, J., Kodovský, J.: Steganalysis of LSB Replacement Using Parity-Aware Features. In: Kirchner, M., Ghosal, D. (eds.) IH 2012. LNCS, vol. 7692, pp. 31–45. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  14. Christodorescu, M., Jha, S.: Static Analysis of Executablesto Detect Malicious Patterns. In: Proc. 12th Usenix Security Symp., pp. 169–186 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Network Engeering, Zhengzhou Information Science and Technology Institute, Zhengzhou, 450002, China

    Zheng Zhao, Fenlin Liu, Xiangyang Luo & Xin Xie

  2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Science, Beijing, 100093, China

    Xiangyang Luo

  3. Department One, The Academy of National Defense Information, 430000, Wuhan, China

    Lu Yu

Authors
  1. Zheng Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fenlin Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiangyang Luo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xin Xie
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lu Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. New Jersey Institute of Technology, Newark, NJ, USA

    Yun Q. Shi

  2. Multimedia Security Lab, Korea University, 136-701, Seoul, South Korea

    Hyoung-Joong Kim

  3. Signal Theory and Communications Department, University of Vigo, 36310, Vigo, Spain

    Fernando Pérez-González

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhao, Z., Liu, F., Luo, X., Xie, X., Yu, L. (2013). LSB Replacement Steganography Software Detection Based on Model Checking. In: Shi, Y.Q., Kim, HJ., Pérez-González, F. (eds) The International Workshop on Digital Forensics and Watermarking 2012. IWDW 2012. Lecture Notes in Computer Science, vol 7809. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40099-5_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40099-5_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40098-8

  • Online ISBN: 978-3-642-40099-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation