Abstract
Steganography software detection is one of effective approaches for steganography forensics using software analysis. In this paper a method of LSB replacement steganography software detection is proposed. Firstly three typical implementations of LSB replacement algorithms are analyzed and Finite Automatons description of them are presented. Secondly the control flow automatons are constructed for softwares to be detected. Finally, the model checking method for identifying LSB replacement steganography software is adopted. Experimental results show that the proposed method can reliably detect LSB replacement steganography softwares of different versions and those that are reimplemented relatively.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Steganography tools (2009), http://www.jjtc.com/Security/stegtools.htm
Moon, K.K.B.-R.: Malware Detection based on Dependency Graph using Hybrid Genetic Algorithm. In: Proceedings of GECCO 2010, Oregon, P-orland, pp. 1211–1218 (2010)
Walenstein, A., Mathur, R., Chouchane, M.R., Lakhotia, A.: Normalizing Metamorphic Malware Using Term Rewriting. In: Proceedings of the Sixth IEEE International Workshop on Source Code Analysis and Manipulation (SCAM 2006), Philadelphia, USA, pp. 75–84 (2006)
Schmall, M.: Classification and identification of malicious code based on heuristic techniques utilizing meta-languages. Ph.D. thesis, University of Hamburg (2003)
Schultz, M.G., Eskin, E., Zadok, E., Stolfo, S.J.: Data Mining Methods for Detection of New Malicious Executables. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 38–49. IEEE Press, Oakland (2001)
Myles, G., Collberg, C.: K-gram Based Software Birthmarks. In: Proceeding of ACM Symposium on Applied Computing, pp. 314–318. ACM (2005)
Tamada, H., Okamoto, K.: Dynamic Software Birthmarks to Detect the Theft of Windows Applications. In: Proceedings of the International Symposium on Future Software Technology (2004)
Schuler, D., Dallmeier, V., Lindig, C.: A Dynamic Birthmark for Java. In: Proceedings of the 22nd IEEE/ACM International Conference on Automated Software Engineering, pp. 274–283 (2007)
Zhou, X., Sun, X., Sun, G., Yang, Y.: A Combined Static and Dynamic Software Birthmark Based on Component Dependence Graph. In: Proceedings of International Conference on Intelligent Information Hiding and Multimedia Signal Prcessing, pp. 1416–1421 (2008)
Muñoz, A.: StegSecret (2007), http://stegsecret.sourceforge.net
Zheng, D., Liu, F., Yang, C., Luo, X.: Identify Information Hiding Software Based on Software Birthmarking. In: International Conference on Infomation Security and Artificial Intelligence, vol. 3, pp. 530–534 (2010)
Zheng, Y., Liu, F., Yang, C., Luo, X.: Identification of stganography software Based on Core Insructions Tempate Matching. In: Proceedings of IEEE International Conference on Multimedia Information Networking and Security 2011, Special Session, vol. 1, pp. 494–498 (2011)
Fridrich, J., Kodovský, J.: Steganalysis of LSB Replacement Using Parity-Aware Features. In: Kirchner, M., Ghosal, D. (eds.) IH 2012. LNCS, vol. 7692, pp. 31–45. Springer, Heidelberg (2013)
Christodorescu, M., Jha, S.: Static Analysis of Executablesto Detect Malicious Patterns. In: Proc. 12th Usenix Security Symp., pp. 169–186 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhao, Z., Liu, F., Luo, X., Xie, X., Yu, L. (2013). LSB Replacement Steganography Software Detection Based on Model Checking. In: Shi, Y.Q., Kim, HJ., Pérez-González, F. (eds) The International Workshop on Digital Forensics and Watermarking 2012. IWDW 2012. Lecture Notes in Computer Science, vol 7809. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40099-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-40099-5_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40098-8
Online ISBN: 978-3-642-40099-5
eBook Packages: Computer ScienceComputer Science (R0)