Forensic Analysis of Android Steganography Apps

  • Wenhao Chen
  • Yangxiao Wang
  • Yong Guan
  • Jennifer NewmanEmail author
  • Li Lin
  • Stephanie Reinders
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 532)


The processing power of smartphones supports steganographic algorithms that were considered to be too computationally intensive for handheld devices. Several steganography apps are now available on mobile phones to support covert communications using digital photographs.

This chapter focuses on two key questions: How effectively can a steganography app be reverse engineered? How can this knowledge help improve the detection of steganographic images and other related files? Two Android steganography apps, PixelKnot and Da Vinci Secret Image, are analyzed. Experiments demonstrate that they are constructed in very different ways and provide different levels of security for hiding messages. The results of detecting steganography files, including images generated by the apps, using three software packages are presented. The results point to an urgent need for further research on reverse engineering steganography apps and detecting images produced by these apps.


Image forensics steganography steganalysis Android apps 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    P. Alvarez, Using extended file information (EXIF) file headers in digital evidence analysis, International Journal of Digital Evidence, vol. 2(3), 2004.Google Scholar
  2. 2.
    Android Developers, UI Automator (, 2018.
  3. 3.
    Android Open Source Project, Dalvik Bytecode (, 2018.
  4. 4.
    Center for Statistics and Applications in Forensic Evidence, StegoDB: An Image Dataset for Benchmarking Steganalysis Algorithms, Final Technical Report, Iowa State University, Ames, Iowa, 2017.Google Scholar
  5. 5.
    A. Cheddad, J. Condell, K. Curran and P. McKevitt, Digital image steganography: Survey and analysis of current methods, Signal Processing, vol. 90(3), pp. 727–752, 2010.Google Scholar
  6. 6.
    F. Djebbar, B. Ayad, K. Abed Meraim and H. Hamam, Comparative study of digital audio steganography techniques, EURASIP Journal on Audio, Speech and Music Processing, vol. 2012, article no. 25, 2012.Google Scholar
  7. 7.
    F5-Steganography Project, F5 Steganography in Java (, 2017.
  8. 8.
    J. Fridrich and J. Kodovsky, Rich models for steganalysis of digital images, IEEE Transactions on Information Forensics and Security, vol. 7(3), pp. 868–882, 2012.Google Scholar
  9. 9.
    B. Gruver, Smali Home (, 2017.
  10. 10.
    Guardian Project, Pixelknot: Hidden Messages (, 2017.
  11. 11.
    Herodotus, The Histories, A. Burn (Ed.) and A. de Selincourt (Translator), Penguin Books, Harmondsworth, United Kingdom, 1954.Google Scholar
  12. 12.
    F. Huang, J. Huang and Y. Shi, New channel selection rule for JPEG steganography, IEEE Transactions on Information Forensics and Security, vol. 7(4), pp. 1181–1191, 2012.Google Scholar
  13. 13.
    JD Project, Java Decompiler – Yet Anther Fast Java Decompiler (, 2015.
  14. 14.
    N. Johnson and S. Jajodia, Exploring steganography: Seeing the unseen, IEEE Computer, vol. 31(2), pp. 26–34, 1998.Google Scholar
  15. 15.
    I. Lee and W. Tsai, A new approach to covert communications via PDF files, Signal Processing, vol. 90(2), pp. 557–565, 2010.Google Scholar
  16. 16.
    S. Lyu and H. Farid, Steganalysis using higher-order image statistics, IEEE Transactions on Information Forensics and Security, vol. 1(1), pp. 111–119, 2006.Google Scholar
  17. 17.
    W. Mazurczyk, P. Szaga and K. Szczypiorski, Using transcoding for hidden communications in IP telephony, Multimedia Tools and Applications, vol. 70(3), pp. 2139–2165, 2014.Google Scholar
  18. 18.
    B. Pan, dex2jar (, 2018.
  19. 19.
    N. Provos, Outguess (, 2017.
  20. 20.
    N. Provos, StegDetect (, 2017.
  21. 21.
  22. 22.
    M. Sadek, A. Khalifa and M. Mostafa, Video steganography: A comprehensive review, Multimedia Tools and Applications, vol. 74(17), pp. 7063–7094, 2015.Google Scholar
  23. 23.
    Sky Juice Software, Data Stash, Singapore (, 2017.
  24. 24.
    C. Tumbleson and R. Winsniewski, Apktool: A Tool for Reverse Engineering Android APK Files, version 2.2.0, 2016.Google Scholar
  25. 25.
    Twisted Pear Productions, Camouflage (, 2018.
  26. 26.
    D. Upham, Steganographic Algorithm Jsteg (, 1993.
  27. 27.
    A. Westfeld, F5 – A steganographic algorithm, in Information Hiding, I. Moskowitz (Ed.), Springer-Verlag, Berlin Heidelberg, Germany, pp. 289–302, 2001.Google Scholar
  28. 28.
    WetStone Technologies, StegoHunt, Cortland, New York (, 2018.
  29. 29.

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  • Wenhao Chen
    • 1
  • Yangxiao Wang
    • 1
  • Yong Guan
    • 1
  • Jennifer Newman
    • 1
    Email author
  • Li Lin
    • 1
  • Stephanie Reinders
    • 1
  1. 1.Iowa State UniversityAmesUSA

Personalised recommendations