Abstract
The processing power of smartphones supports steganographic algorithms that were considered to be too computationally intensive for handheld devices. Several steganography apps are now available on mobile phones to support covert communications using digital photographs.
This chapter focuses on two key questions: How effectively can a steganography app be reverse engineered? How can this knowledge help improve the detection of steganographic images and other related files? Two Android steganography apps, PixelKnot and Da Vinci Secret Image, are analyzed. Experiments demonstrate that they are constructed in very different ways and provide different levels of security for hiding messages. The results of detecting steganography files, including images generated by the apps, using three software packages are presented. The results point to an urgent need for further research on reverse engineering steganography apps and detecting images produced by these apps.
Keywords
Download to read the full chapter text
Chapter PDF
References
P. Alvarez, Using extended file information (EXIF) file headers in digital evidence analysis, International Journal of Digital Evidence, vol. 2(3), 2004.
Android Developers, UI Automator (developer.android.com/training/testing/ui-automator.html), 2018.
Android Open Source Project, Dalvik Bytecode (source.android.com/devices/tech/dalvik/dalvik-bytecode), 2018.
Center for Statistics and Applications in Forensic Evidence, StegoDB: An Image Dataset for Benchmarking Steganalysis Algorithms, Final Technical Report, Iowa State University, Ames, Iowa, 2017.
A. Cheddad, J. Condell, K. Curran and P. McKevitt, Digital image steganography: Survey and analysis of current methods, Signal Processing, vol. 90(3), pp. 727–752, 2010.
F. Djebbar, B. Ayad, K. Abed Meraim and H. Hamam, Comparative study of digital audio steganography techniques, EURASIP Journal on Audio, Speech and Music Processing, vol. 2012, article no. 25, 2012.
F5-Steganography Project, F5 Steganography in Java (code.google.com/archive/p/f5-steganography), 2017.
J. Fridrich and J. Kodovsky, Rich models for steganalysis of digital images, IEEE Transactions on Information Forensics and Security, vol. 7(3), pp. 868–882, 2012.
B. Gruver, Smali Home (github.com/JesusFreke/smali/wiki), 2017.
Guardian Project, Pixelknot: Hidden Messages (guardianproject.info/apps/pixelknot), 2017.
Herodotus, The Histories, A. Burn (Ed.) and A. de Selincourt (Translator), Penguin Books, Harmondsworth, United Kingdom, 1954.
F. Huang, J. Huang and Y. Shi, New channel selection rule for JPEG steganography, IEEE Transactions on Information Forensics and Security, vol. 7(4), pp. 1181–1191, 2012.
JD Project, Java Decompiler – Yet Anther Fast Java Decompiler (jd.benow.ca), 2015.
N. Johnson and S. Jajodia, Exploring steganography: Seeing the unseen, IEEE Computer, vol. 31(2), pp. 26–34, 1998.
I. Lee and W. Tsai, A new approach to covert communications via PDF files, Signal Processing, vol. 90(2), pp. 557–565, 2010.
S. Lyu and H. Farid, Steganalysis using higher-order image statistics, IEEE Transactions on Information Forensics and Security, vol. 1(1), pp. 111–119, 2006.
W. Mazurczyk, P. Szaga and K. Szczypiorski, Using transcoding for hidden communications in IP telephony, Multimedia Tools and Applications, vol. 70(3), pp. 2139–2165, 2014.
B. Pan, dex2jar (github.com/pxb1988/dex2jard), 2018.
N. Provos, Outguess (www.outguess.org), 2017.
N. Provos, StegDetect (github.com/abeluck/stegdetect), 2017.
RADJAB, Da Vinci Secret Image (play.google.com/store/apps/details?id=jubatus.android.davinci), 2012.
M. Sadek, A. Khalifa and M. Mostafa, Video steganography: A comprehensive review, Multimedia Tools and Applications, vol. 74(17), pp. 7063–7094, 2015.
Sky Juice Software, Data Stash, Singapore (www.skyjuicesoftware.com/software/ds_info.html), 2017.
C. Tumbleson and R. Winsniewski, Apktool: A Tool for Reverse Engineering Android APK Files, version 2.2.0, 2016.
Twisted Pear Productions, Camouflage (camouflage.unfiction.com), 2018.
D. Upham, Steganographic Algorithm Jsteg (zooid.org/paul/crypto/jsteg), 1993.
A. Westfeld, F5 – A steganographic algorithm, in Information Hiding, I. Moskowitz (Ed.), Springer-Verlag, Berlin Heidelberg, Germany, pp. 289–302, 2001.
WetStone Technologies, StegoHunt, Cortland, New York (www.wetstonetech.com/product/stegohunt), 2018.
Wikibin, Jpegx (www.nerdlogic.org/jpegx/old/jpgx.html), 2017.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 IFIP International Federation for Information Processing
About this paper
Cite this paper
Chen, W., Wang, Y., Guan, Y., Newman, J., Lin, L., Reinders, S. (2018). Forensic Analysis of Android Steganography Apps. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics XIV. DigitalForensics 2018. IFIP Advances in Information and Communication Technology, vol 532. Springer, Cham. https://doi.org/10.1007/978-3-319-99277-8_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-99277-8_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99276-1
Online ISBN: 978-3-319-99277-8
eBook Packages: Computer ScienceComputer Science (R0)