Degree Type

Thesis

Date of Award

2020

Degree Name

Doctor of Philosophy

Department

Electrical and Computer Engineering

Major

Computer Engineering

First Advisor

Jennifer Newman

Abstract

Steganography is gaining popularity in recent years due to its strength in covert communication and information hiding. Image steganography apps in particular, has been steadily growing thanks to the processing power of modern smartphones that makes steganography easy to use for regular users. Although steganography is not malicious by nature, it can be a dangerous tool when used for illicit purposes such as malware, industrial espionage, or terrorist communications. Therefore it is important for digital forensics practitioners to have tools that can detect real world steganography apps and the stego images produced by such apps. However, large gap exists between academic research and practical forensics applications as existing research in steganography and malware detection has not paid attention to real world steganography apps.

In this work, we aim to fill the gap by studying real world Android stego apps and developing detection methods against them. Through a preliminary study, we find that it is feasible to reverse engineer real world stego apps and use the knowledge to improve existing stego detection methods. We conduct a large scale study on the existing Android stego apps available on Google Play Store, Github, and F-Droid repositories, and discover unique embedding characteristics and algorithms that are not seen in existing academic research. Using our stego app collection, we create the first mobile stego image benchmark database which greatly improves the effectiveness of existing machine learning steganalysis methods. We propose a signature-based stego image detection method which can be highly efficient and effective in utilizing the knowledge gained from reverse engineering Android stego apps. Lastly, we develop a behavior-based stego app detection framework that can effectively detect stego apps that implement common embedding algorithms.

DOI

https://doi.org/10.31274/etd-20210114-28

Copyright Owner

Wenhao Chen

Language

en

File Format

application/pdf

File Size

106 pages

Available for download on Tuesday, January 25, 2022

Share

COinS