This document contains a presentation on honeypots and steganography. It includes sections on honeypots that define them, discuss their history and classification, and describe their applications and advantages/disadvantages. It also includes sections on steganography that define it, discuss techniques like LSB insertion, and describe applications. The presentation provides an overview of honeypots and steganography for educational purposes.
3. page 312/10/07 Presentation
CONTENTS
Introduction
History
What is Honeypot?
Classification
Applications
Advantages and Disadvantages
Conclusion
References
4. page 412/10/07 Presentation
Introduction
The primary goal of computer security is to defend
computers against attacks launched by malicious users.
A relatively recent innovation in intrusion detection
technology is the honeypot.
The systems can only react to or prevent attacks but they
cannot give us information about the attacker, the tools used
or even the methods employed. Hence, Honeypots are a novel
approach to network security and security research
Honeypots are closely monitored decoys that are employed in
a network to study the trail of hackers and to alert network
administrators of a possible intrusion.
5. page 512/10/07 Presentation
The concept of Honeypots was first described by Clifford Stoll
in 1990.
It began with two publications, “The Cuckoos Egg” and “An
Evening with Breford”.
The first honeypot was released in 1997 called the Deceptive
Toolkit.
In 1998 the first commercial honeypot called Cybercop Sting
was released.
In 2002 the honeypot was used all over the world.
In the year 2005 The Philippine Honeypot Project was started to
promote computer safety over in the Philippines.
History
6. page 612/10/07 Presentation
A HONEYPOT is an information system resource whose value
lies in unauthorized or illicit use of that resource
Honeypots and firewalls work in reverse direction to each other
as the honeypots allow all traffic to come in but blocks all
outgoing traffic. Most honeypots are installed inside network
firewalls and is a means of monitoring and tracking hackers.
Honeypots are a unique tool to learn about the tactics of
hackers.
Honeypots are decoy systems that are designed to lure a
potential attacker away from critical systems.
What is a Honeypot?
7. page 712/10/07 Presentation
Goals of the Honey pot system
The virtual system should look as real as possible, it
should attract unwanted intruders to connect to the virtual
machine for study. It must include files, directories and
information that will catch the eye of the hacker.
The virtual system should be watched to see that it isn’t
used for a massive attack on other systems.
8. page 812/10/07 Presentation
Purpose
The two main reasons why honeypots are deployed are
1.To learn how intruders probe and attempt to gain access to
your systems and gain insight into attack methodologies to
better protect real production systems.
2. To gather forensic information required to aid in the
apprehension.
11. page 1112/10/07 Presentation
Classification of HoneyPots
Honeypots can be classified according to two criteria:
According to their Implementation Environment
According to their Level of Interaction.
13. page 1312/10/07 Presentation
Production Honeypots: …..
Used to protect organizations in real production
operating environments.
Specifically the three layers of prevention, detection, and
response.
14. page 1412/10/07 Presentation
Research Honeypots: …..
These Honeypots are not implemented with the
objective of protecting networks.
Studying all sorts of attack patterns and threats.
Used to gather information about the intruders’ actions.
15. page 1512/10/07 Presentation
Level of Interaction …...
The term “Level of Interaction” defines the range of
attack possibilities that a Honeypot allows an attacker to
have.
classified on the bases of their levels:-
1. HoneyD (Low-Interaction)
2. Honey net (High-Interaction)
16. page 1612/10/07 Presentation
Low-Interaction Honeypots
Low-interaction honeypots are typically the easiest
honeypots to install, configure, deploy, maintain.
Nepenthes
Honeyd
Honeytrap
Web Applications
17. page 1712/10/07 Presentation
High-interaction Honeypots
Honeynets is a collection of honeypots are combined to
create a single honeynet.
High-interaction honeypots provide an attacker with a real
operating system where nothing is emulated or restricted.
It controls an attacker at the network level.
22. page 2212/10/07 Presentation
Contents
What is Steganography?
History Of Steganography
Physical And Digital techniques
Steganography v/s Cryptography
Basic Steganography Model
Types Of Steganography
Applications
Advantages v/s Disadvantages
Conclusion
References
23. page 2312/10/07 Presentation
History
Steganography was traced from 440 BC
Demaratus sent a warning about a forthcoming attack to
Greece by writing it directly on the wooden backing of a
wax tablet
Ancient Chinese wrote messages on fine silk
During Second World War a technique was developed to
shrink photographically a page of text into a dot less than
one millimeter in diameter.
24. page 2412/10/07 Presentation
What is Steganography?
What is Steganography?
Steganography is the art and science of writing hidden
messages in such a way that no one, apart from the sender
and intended recipient, suspects the existence of the
message.
“Steganography means hiding one piece of data within
another”.
25. page 2512/10/07 Presentation
Example
Since everyone can read, encoding text
in neutral sentences is doubtfully effective
Since Everyone Can Read, Encoding Text
In Neutral Sentences Is Doubtfully Effective
‘Secret inside’
26. page 2612/10/07 Presentation
Physical Techniques
Hidden messages within wax tablets
Hidden messages on messenger's body
Hidden messages on paper written in secret inks
Messages written on envelopes in the area covered
by postage stamps.
Invisible ink
Character marking
Pin punctures
Typewriter correction ribbon
27. page 2712/10/07 Presentation
Digital Techniques
Concealing messages within the lowest bits
of noisy images or sound files.
Modifying the echo of a sound file (Echo
Steganography)
Including data in ignored sections of a file, such as
after the logical end of the carrier file.
28. page 2812/10/07 Presentation
Steganography V/s Cryptography
Steganography Cryptography
Unknown message passing Known message passing
Steganography prevents discovery of the
very existence of communication
Encryption prevents an unauthorized party
from discovering the contents of a
communication
Little known technology Common technology
Technology still being develop for certain
formats
Most of algorithm known by all
Once detected message is known
Strong current algorithm are resistant to
attacks ,larger expensive computing power
is required for cracking
Steganography does not alter the structure
of the secret message
Cryptography alter the structure of the
secret message
30. page 3012/10/07 Presentation
Text Steganography
Text steganography can be applied in the digital makeup
format such as PDF, digital watermark or information
hiding
Example: TextHide hides the information in the manner
of text overwriting and words’ selection.
31. page 3112/10/07 Presentation
Text Steganography Methods
Text Steganography in Markup Languages[HTML]
Text Steganography in Specific characters in words
Line shifting Method
Word shifting
Feature coding
32. page 3212/10/07 Presentation
Examples of Text Steganography
An example of a message containing cipher text by German
Spy in World War II:
“Apparently neutral's protest is thoroughly discounted
And ignored. Isman hard hit. Blockade issue affects
Pretext for embargo on by products, ejecting
suets and Vegetable oils. ”
Pershing sails from NY June 1.
34. page 3412/10/07 Presentation
Transform Domain Technique
Transform domain techniques embed messages in the
intensity of the pixels directly.
In this technique images are first transformed and then the
message is embedded in the image
This techniques encompass bit-wise methods that apply
bit insertion and noise manipulation.
Steganography in the transform domain involves the
manipulation of algorithms and image transforms.
35. page 3512/10/07 Presentation
LSB [Least Significant bit] Method
Least significant bit (LSB) insertion is a common, simple
approach to embedding information in a cover image
The least significant bit (8th bit) is changed to a bit of the
secret message
When using a 24-bit image, a bit of each of the red, green
and blue colour components can be used, since they are
each represented by a byte.
In its simplest form, LSB makes use of BMP images,
since they use lossless compression
36. page 3612/10/07 Presentation
Example Of LSB Method
A grid for 3 pixels of a 24-bit image can be as follows:
(00101101 00011100 11011100)
(10100110 11000100 00001100)
(11010010 10101101 01100011)
When the number 200, which binary representation is
11001000, is embedded into the least significant bits of this
part of the image, the resulting grid is as follows:
(00101101 00011101 11011100)
(10100110 11000101 00001100)
(11010010 10101100 01100011)
38. page 3812/10/07 Presentation
Audio Steganography
Embedding secret messages into digital sound is known
as audio Steganography.
Audio Steganography methods can embed messages in
WAV, AU, and even MP3 sound files.
39. page 3912/10/07 Presentation
LSB Technique Method
The message 'HEY' is encoded in a
16-bit sample using the LSB
method.
Here the secret information is
‘HEY’ and the cover file is audio
file. HEY is to be embedded inside
the audio file.
First the secret information ‘HEY’
and the audio file are converted into
bit stream.
The least significant column of the
audio file is replaced by the bit
stream of secret information ‘HEY’.
The resulting file after embedding
secret information ‘HEY’ is called
Stego-file.
40. page 4012/10/07 Presentation
It is used in the way of hiding not the information but the
password to reach that information.
Difficult to detect. Only receiver can detect.
Can be applied differently in digital image, audio and
video file.
It can be done faster with the large number of softwares.
Advantages
41. page 4112/10/07 Presentation
Disadvantages
Huge number of data, huge file size, so someone can
suspect about it.
If this technique is gone in the wrong hands like hackers,
terrorist, criminals then this can be very much dangerous
for all.
43. page 4312/10/07 Presentation
Conclusion
• Honey pots are an extremely effective tool for observing
hackers movements as well as preparing the system for
future attacks.
• Steganography in our current digital age can be attributed
to both the desire of individuals to hide information
46. page 4612/10/07 Presentation
In today’s world the art of sending & displaying the
hidden information especially in public places, has
received more attention.
In this paper we propose a new form of steganography,
on-line hiding of information on the output screens of the
instrument. This method can be used for announcing a
secret message in public place.
Private marking system using symmetric key
steganography technique and LSB technique is used here
for hiding the secret information.
Abstract
47. page 4712/10/07 Presentation
Introduction
The main goal of steganography is to hide information in
the other cover media so that other person will not notice
the presence of the information.
Steganography is the art of inconspicuously hiding data
within data.
48. page 4812/10/07 Presentation
Requirements of hiding information digitally
a)The integrity of the hidden information after it has been
embedded inside the stego object must be correct.
b)The stego object must remain unchanged or almost
unchanged to the naked eye.
c) Finally, we always assume that the attacker knows that
there is hidden information inside the stego object.
50. page 5012/10/07 Presentation
Types of steganography
Steganography can be split into two types :
a)Fragile: This steganography involves embedding
information into a file which is destroyed if the file is
modified.
b)Robust: Robust marking aims to embed information into a
file which cannot easily be destroyed.
52. page 5212/10/07 Presentation
Algorithm for embedding the secret message
a) Read the image from the source.
b) Divide the image into [R x C] smaller blocks .Where R
& C are the first & second bytes of the key respectively
c) Each smaller block is a combination of many pixels of
different values.
d) The LSBs of the pixel are changed depending on the
pattern bits and the secret message bits.
e) The pattern bits are considered in sequence form its
MSB.
f) If the pattern bit is 0, then the first LSB of the pixel is
changed
53. page 5312/10/07 Presentation
g) If the pattern bit is 1, then the second LSB of the pixel is
changed accordingly.
h) A single bit of the secret message is distributed through
out the block. This is done to have enough information so
that correct information can be retrived after decoding
i) Similarly the other bits are inserted in the remaining
blocks.
j) If the length of the secret message is large , then it can
be divided and stored in two or three frames.
k) The information is extracted.
54. page 5412/10/07 Presentation
Performance Measures
a) The integrity of the hidden information should not
change after embedding.
b) The stego object must remain almost unchanged to the
naked eye.
c) There should be accuracy in the extracted data
55. page 5512/10/07 Presentation
RESULTS
In Online transmission of the hidden data, there are 3
systems are used
System 1 : To create and send the normal billboard data
System 2 : To hide the secret message .
System 3 : To display any data coming from system 2.
56.
57.
58. page 5812/10/07 Presentation
CONCLUSION
Steganography is more widely used in computing.
For a system to be considered robust it should have the
following properties:
a) The quality of the media should not noticeably degrade
upon addition of a secret data.
b) Secret data should be undetectable without secret
knowledge, typically the key.
c) If multiple data are present they should not interfere with
each other.
d) The secret data should survive attacks that don’t degrade
the perceived quality of the work.
59. page 5912/10/07 Presentation
References
[1] Mohammad Shirali-Shahreza , “A new method for real
time steganography”, ICSP 2006 Proceedings of IEEE .
[2] Yuk Ying Chung, fang Fei Xu , “Development of video
watermarking for MPEG2 video” City university of Hong
Kong ,IEEE 2006.
[3] C. Lu, J. Chen and K. Fan, "Real-time Frame-Dependent
Video Watermarking in VLC Domain", Signal Processing :
Image Communication 20, 2005.