View
214
Download
0
Embed Size (px)
Citation preview
Le’go My Stego Le’go My Stego (StegoFS) (StegoFS)
Steganography Steganography in the post Web 2.0 Worldin the post Web 2.0 World
ororLeveraging Public Media as a Stego FilesystemLeveraging Public Media as a Stego Filesystem
James Shewmaker © 2008James Shewmaker © 2008DEFCON 0x10DEFCON 0x10
Today’s AgendaToday’s Agenda
Today’s AgendaToday’s AgendaBackground: Classical StegoBackground: Classical StegoDigital Stego TechniquesDigital Stego TechniquesExtending Stego conceptsExtending Stego concepts
Surviving ConversionSurviving ConversionPostmortem Conversion DetectionPostmortem Conversion Detection
StegoFS: Applying Stego to Web 2.0 StegoFS: Applying Stego to Web 2.0 resourcesresources
Beyond StegoFSBeyond StegoFS
Classic StegoClassic Stego
Old School Spy vs. SpyOld School Spy vs. SpyClassified Ads / MicrodotsClassified Ads / Microdots
Digital Stego – Digital Stego – When used, usually in media filesWhen used, usually in media filesAny sample can have its Least Significant Any sample can have its Least Significant
Bit (LSB) tweaked, resulting in minor Bit (LSB) tweaked, resulting in minor disruptionsdisruptions
As long as the tweaking is defined, it can As long as the tweaking is defined, it can be decoded reliably (assuming no corrupt be decoded reliably (assuming no corrupt bits)bits)
Classic Digital StegoClassic Digital Stego
Classic Digital StegoClassic Digital Stego Manipulating that Least Significant BitManipulating that Least Significant Bit Using unused space in a host fileUsing unused space in a host file
ExamplesExamples Digital audio – fairly subtleDigital audio – fairly subtle
Even magnitude == zeroEven magnitude == zero Odd magnitude == oneOdd magnitude == one
Digital image – also fairly subtleDigital image – also fairly subtle Even LSB of a pixel == zeroEven LSB of a pixel == zero Odd LSB of a pixel == oneOdd LSB of a pixel == one
Distributed StegoDistributed Stego
Many video sites convert to FLV or MP4VMany video sites convert to FLV or MP4V Take your favorite viral marketing videoTake your favorite viral marketing video
Encode to MP4V before you uploadEncode to MP4V before you upload Store data with stego using each frame/tag/boxStore data with stego using each frame/tag/box
(GIF/PNG/JPEG, etc.)(GIF/PNG/JPEG, etc.) Store parity bit with each audio sampleStore parity bit with each audio sample
Classic/Simple stego is not quite robust enough Classic/Simple stego is not quite robust enough to survive video conversionsto survive video conversions High redundancy might survive conversionHigh redundancy might survive conversion If we pick our codec well, it might survive unmolestedIf we pick our codec well, it might survive unmolested
Who needs binary hosts anyway?Who needs binary hosts anyway?
Whitespace in public blog commentsWhitespace in public blog comments Seed arbitrary blog with keywords, then ask Google to Seed arbitrary blog with keywords, then ask Google to
find the blogfind the blog \x20 between words == zero\x20 between words == zero \x20\x20 between words == one\x20\x20 between words == one
Mispelt blog commentsMispelt blog comments the == zerothe == zero teh == oneteh == one
These techniques are compressible and subtle These techniques are compressible and subtle to likely be overlooked when classic stego to likely be overlooked when classic stego detection tools are useddetection tools are used
Creating a Stego FilesystemCreating a Stego Filesystem
Previous slides could be used for data or Previous slides could be used for data or metadatametadata
Pick a method to encode a structure, ie:Pick a method to encode a structure, ie: Blog comments as metadata (dually-linked list)Blog comments as metadata (dually-linked list)
URL to previous metadata commentURL to previous metadata comment URL to datablockURL to datablock URL to next metadata commentURL to next metadata comment
Store datablock in video frame/tag/box (up to one bit Store datablock in video frame/tag/box (up to one bit per pixel)per pixel)
Store an extra parity bit for the datablock in the audio Store an extra parity bit for the datablock in the audio samplesample
How the data survives conversionHow the data survives conversion
Small errors from conversion Small errors from conversion detected/corrected with FEC techniques to detected/corrected with FEC techniques to survive conversionsurvive conversion
RAID 10 the metadataRAID 10 the metadataThat is to say mirrored sets of RAID 5That is to say mirrored sets of RAID 5
If LSB bits are lost in a single If LSB bits are lost in a single frame/tag/box-we can recoverframe/tag/box-we can recover
If the conversion taints a portion of the If the conversion taints a portion of the frame/tag/box-we can recover frame/tag/box-we can recover
Forward error correction (FEC)Forward error correction (FEC)
Techniques on preserving dataTechniques on preserving dataGoogle/Wikipedia for more backgroundGoogle/Wikipedia for more background
Hamming codeHamming codeReed-SolomonReed-SolomonViterbiViterbi
The StegoFS example here illustrates The StegoFS example here illustrates redundancy and fault tolerance via redundancy and fault tolerance via Hamming code techniquesHamming code techniques
Even Hamming code exampleEven Hamming code example Every power of 2 is a parity bit (4 extra bits)Every power of 2 is a parity bit (4 extra bits) For example, store \xFF, blanks are parityFor example, store \xFF, blanks are parity
__1_ 111_ 1111__1_ 111_ 1111 11stst bit checks 1, skips 1, then bit checks 1, skips 1, then repeats,5 ones is odd so we getrepeats,5 ones is odd so we get
1_1_ 111_ 11111_1_ 111_ 1111 22ndnd bit checks 2 bits, skip 2… bit checks 2 bits, skip 2… (2,3,6,7,10,11),5 ones so we get(2,3,6,7,10,11),5 ones so we get
111_ 111_ 1111111_ 111_ 1111 (4,5,6,7,12), 4 ones so we get(4,5,6,7,12), 4 ones so we get 1110 111_ 11111110 111_ 1111 1110 1110 1111 1110 1110 1111 –Final encoded –Final encoded
Fixing a bad bitFixing a bad bit
1110 1110 1111 1110 1110 1111 –Final Encoded–Final Encoded1110 1110 1011 1110 1110 1011 –Damaged–Damaged ^ ^ ^ ^ -Lies!-Lies! 2 + 8 =10 2 + 8 =10 -bit 10 is bad!-bit 10 is bad!1110 1110 1111 1110 1110 1111 -Corrected!-Corrected!This will detect 2 bit errors, but correcting This will detect 2 bit errors, but correcting
more than 1 error requires wrapping all of more than 1 error requires wrapping all of this with more checksthis with more checks
Hold on for a secondHold on for a second
What do we have so far?What do we have so far?We can hide data inside of other dataWe can hide data inside of other dataWe can store 8 bits of data and use 4 bits to We can store 8 bits of data and use 4 bits to
detect and correctdetect and correct If we do this for every sample (pixel), it is If we do this for every sample (pixel), it is
easier to detecteasier to detectMany near duplicate colorsMany near duplicate colorsCompressibility changesCompressibility changes
Use sparse encoding techniquesUse sparse encoding techniques
Not Just for StegoNot Just for Stego
What use is sparsely encoded data?What use is sparsely encoded data?Covert storageCovert storage
Classic-Just stash you bits inside of other dataClassic-Just stash you bits inside of other dataCovert metadataCovert metadata
Stash data about your covertly stashed dataStash data about your covertly stashed dataCovert communications channelCovert communications channel
Use the stashed data as a signal Use the stashed data as a signal For example, is a decoding algorithm or keyFor example, is a decoding algorithm or key
WatermarkingWatermarkingStash a serial number to track the host dataStash a serial number to track the host data
OK, so now what?OK, so now what?
Making a frame survive conversion isn’t Making a frame survive conversion isn’t everythingeverything
What happens when video is resampled?What happens when video is resampled?This entire frame might be skipped or This entire frame might be skipped or
merged with the next framemerged with the next frameBut we can use another parity code across But we can use another parity code across
framesframesBy adding this extra dimension, we can By adding this extra dimension, we can
survive dropped framessurvive dropped frames
Adding redundant datablocksAdding redundant datablocks
Easy to mirror the datablock for three Easy to mirror the datablock for three continuous framescontinuous frames If one frame is dropped, no problemIf one frame is dropped, no problem If two frames are merged, no problemIf two frames are merged, no problemJust need to be able to identify a datablockJust need to be able to identify a datablock
Might be merged with copies of itself (same five Might be merged with copies of itself (same five frames)frames)
Might be merged with next datablockMight be merged with next datablock
Patterns affect compressibilityPatterns affect compressibility
Encoding datablocks with Hamming code Encoding datablocks with Hamming code not too obviousnot too obvious
Mirroring three frames is more obviousMirroring three frames is more obviousSo what we have so far has obvious patternsSo what we have so far has obvious patterns
XOR or RAID 5 the frames?XOR or RAID 5 the frames?Still survives frame dropsStill survives frame dropsArguably less obviousArguably less obvious
If we mirror the first two “Hamming'd” If we mirror the first two “Hamming'd” bytes, we can add an XOR’d version of the bytes, we can add an XOR’d version of the bytebyte
For next “Hamming'd” byte, we could do For next “Hamming'd” byte, we could do the same or add the XOR’d version from the same or add the XOR’d version from the previousthe previous
Using three frames to encode xFFUsing three frames to encode xFF
Obligatory example - WritingObligatory example - Writing Create hamming coded byteCreate hamming coded byte
convert -size 12x1 xc:"#FFFFFF50" -fill black convert -size 12x1 xc:"#FFFFFF50" -fill black -draw "point 3,0 point 7,0" draw2.png-draw "point 3,0 point 7,0" draw2.png
Create watermark (redundant copies of coded byte)Create watermark (redundant copies of coded byte)montage -geometry +0+0 draw2.png draw2.png montage -geometry +0+0 draw2.png draw2.png draw2.png draw3.pngdraw2.png draw3.png
Add 50% transparency to backgroundAdd 50% transparency to backgroundcomposite -dissolve 50 -tile draw3.png composite -dissolve 50 -tile draw3.png temphost.png draw4.pngtemphost.png draw4.png
Encode the watermark into the videoEncode the watermark into the videoffmpeg -i "clean.flv" -acodec copy -vhook ".\ffmpeg -i "clean.flv" -acodec copy -vhook ".\vhook\imlib2.dll -i draw4.png" -y coded.mpegvhook\imlib2.dll -i draw4.png" -y coded.mpeg
Obligatory example - ReadingObligatory example - Reading Strip out frames as PNG filesStrip out frames as PNG files
ffmpeg -i download.flv -vcodec png -vframes 1 -an ffmpeg -i download.flv -vcodec png -vframes 1 -an -f rawvideo -s 320x240 down_%d.png-f rawvideo -s 320x240 down_%d.png
Extract watermark from each PNGExtract watermark from each PNGconvert -crop 36x1 down_%d.png mark_%d.pngconvert -crop 36x1 down_%d.png mark_%d.png
Merge all frames into oneMerge all frames into one#fancy scripted composite commands#fancy scripted composite commands
Check color for each pixel to see if it is closer to 0 or 1Check color for each pixel to see if it is closer to 0 or 1#more fancy scripting for estimated average values #more fancy scripting for estimated average values #yet more fancy scripting for parity checks#yet more fancy scripting for parity checks
So what do we have now?So what do we have now?
Each frame is stored as an image Each frame is stored as an image Each frame is encoding one bit per pixel Each frame is encoding one bit per pixel
by choosing either even or odd by choosing either even or odd Increases near-duplicate colors if we apply Increases near-duplicate colors if we apply
blindly-becomes easy to detectblindly-becomes easy to detectChances are, we loose near duplicate colors Chances are, we loose near duplicate colors
during MP4V to MP4V conversionduring MP4V to MP4V conversionLargely prevented by choosing colors well Largely prevented by choosing colors well
(say only encode green pixels)(say only encode green pixels)
So what do we have now? (2)So what do we have now? (2)
Each frame contains encoded bytes Each frame contains encoded bytes The next frame encodes the same bytes in The next frame encodes the same bytes in
the same waythe same wayMaybe conversion destroys patternsMaybe conversion destroys patterns
Start XOR'ing the bytes between framesStart XOR'ing the bytes between framesMove the bytes elsewhere in the imageMove the bytes elsewhere in the imageAdd more parity bits to each byteAdd more parity bits to each byteEach “Hamming'd” byte corrects bitsEach “Hamming'd” byte corrects bitsEach frame provides byte redundancyEach frame provides byte redundancy
Revealing an ExampleRevealing an Example
http://youtube.com/watch?v=djhWj19aWAAhttp://youtube.com/watch?v=djhWj19aWAAEncoded xFF in upper left of videoEncoded xFF in upper left of videoThree times for redundancyThree times for redundancyEven Hamming codeEven Hamming code50% transparency = 1, black = 050% transparency = 1, black = 0Notice how on bright frames compression Notice how on bright frames compression
totally destroys the black bitstotally destroys the black bits If we average the frames, we surviveIf we average the frames, we survive
Realizing StegoFSRealizing StegoFS
These structures could hold anythingThese structures could hold anythingPut the structures in arbitrary placesPut the structures in arbitrary places
Some sites mirrorSome sites mirrorSome thieves plagiarizeSome thieves plagiarize
StegoFS could be an easy interface to put StegoFS could be an easy interface to put blocks covertly in video/audio/images/textblocks covertly in video/audio/images/text
Could ask Google to find itCould ask Google to find it ““Drive Maintenance” – repair any Drive Maintenance” – repair any
necessary pieces necessary pieces
Alpha ImplementationAlpha Implementation
You’ve seen gmailfs—same idea You’ve seen gmailfs—same idea Originally written in Perl with FLV Originally written in Perl with FLV Rewritten using Python (py-fusefs, Rewritten using Python (py-fusefs,
imagmagick, ffmpeg) imagmagick, ffmpeg) POC only, not extremely clever and no POC only, not extremely clever and no
intention of maintainingintention of maintainingOnly uses youtube.comOnly uses youtube.comPlanning to release by Sep. 2008 at Planning to release by Sep. 2008 at
http://bluenotch.com/resources/http://bluenotch.com/resources/
Bonus RoundBonus Round We have only talked about LSB stego, what We have only talked about LSB stego, what
about using a relationship to encode bits?about using a relationship to encode bits? Can we build a pattern out of key frames? (key Can we build a pattern out of key frames? (key
frames used to seek)frames used to seek) Two close keyframes = zero, two sparse = oneTwo close keyframes = zero, two sparse = one
Video metadata or matte layerVideo metadata or matte layer Store more stegoStore more stego Store a hash/signature to identify datablock and/or Store a hash/signature to identify datablock and/or
datablock tampering datablock tampering Leverage existing watermarksLeverage existing watermarks
Say, use stego represented as an approximation of Say, use stego represented as an approximation of the youtube logo watermarkthe youtube logo watermark
Double Bonus RoundDouble Bonus Round
StegoFS metadata could be stored as StegoFS metadata could be stored as stego as wellstego as well
Can extend stego/covert tricksCan extend stego/covert tricksSpoof a packet for an expected replySpoof a packet for an expected reply
Repeat as often as needed (refresh ala DRAM)Repeat as often as needed (refresh ala DRAM)
Haven't really touched audio yetHaven't really touched audio yetOld-timey film streaks actually barcodesOld-timey film streaks actually barcodes
Some tricks to minimize impactSome tricks to minimize impactYoutube's audio compression foiled with carrierYoutube's audio compression foiled with carrier
Que the ParanoiaQue the Paranoia
In testing, it became obvious that the fault In testing, it became obvious that the fault tolerance built into StegoFS revealed patternstolerance built into StegoFS revealed patterns
That is, I could tell _how_ the file was mangled, That is, I could tell _how_ the file was mangled, and could often rebuild itand could often rebuild it
How do you know that your videos are not How do you know that your videos are not already watermarked?already watermarked?
*They* might be able to see where you got if *They* might be able to see where you got if from, but more importantly _how_ from, but more importantly _how_
Relationships are becoming less safeRelationships are becoming less safe It's getting easier, not harderIt's getting easier, not harder
ConclusionsConclusions
Techniques themselves are not newTechniques themselves are not newJust applied in new ways to new mediaJust applied in new ways to new media
Metadata is the new data againMetadata is the new data againRelationships are most importantRelationships are most importantWe need more places to put our dataWe need more places to put our dataRelationships can be represented inside what Relationships can be represented inside what
they describethey describePrivacy concerns-is this already there?Privacy concerns-is this already there?Exercise hacking beyond designExercise hacking beyond design
Say, extend it to quantum computing?Say, extend it to quantum computing?
References / For More InfoReferences / For More Info
StegoFS - http://bluenotch.com/resources/StegoFS - http://bluenotch.com/resources/FLV- http://www.adobe.com/devnet/flv/ FLV- http://www.adobe.com/devnet/flv/ Hamming code- Hamming code-
http://en.wikipedia.org/wiki/Hamming_codehttp://en.wikipedia.org/wiki/Hamming_code#General_algorithm #General_algorithm
Virtualdub filter to encode in AVI- Virtualdub filter to encode in AVI- http://compression.ru/video/stego_video/inhttp://compression.ru/video/stego_video/index_en.htmldex_en.html