Forensic Analysis of Android Steganography Apps
The processing power of smartphones supports steganographic algorithms that were considered to be too computationally intensive for handheld devices. Several steganography apps are now available on mobile phones to support covert communications using digital photographs.
This chapter focuses on two key questions: How effectively can a steganography app be reverse engineered? How can this knowledge help improve the detection of steganographic images and other related files? Two Android steganography apps, PixelKnot and Da Vinci Secret Image, are analyzed. Experiments demonstrate that they are constructed in very different ways and provide different levels of security for hiding messages. The results of detecting steganography files, including images generated by the apps, using three software packages are presented. The results point to an urgent need for further research on reverse engineering steganography apps and detecting images produced by these apps.
KeywordsImage forensics steganography steganalysis Android apps
Unable to display preview. Download preview PDF.
- 1.P. Alvarez, Using extended file information (EXIF) file headers in digital evidence analysis, International Journal of Digital Evidence, vol. 2(3), 2004.Google Scholar
- 2.Android Developers, UI Automator (developer.android.com/training/testing/ui-automator.html), 2018.
- 3.Android Open Source Project, Dalvik Bytecode (source.android.com/devices/tech/dalvik/dalvik-bytecode), 2018.
- 4.Center for Statistics and Applications in Forensic Evidence, StegoDB: An Image Dataset for Benchmarking Steganalysis Algorithms, Final Technical Report, Iowa State University, Ames, Iowa, 2017.Google Scholar
- 5.A. Cheddad, J. Condell, K. Curran and P. McKevitt, Digital image steganography: Survey and analysis of current methods, Signal Processing, vol. 90(3), pp. 727–752, 2010.Google Scholar
- 6.F. Djebbar, B. Ayad, K. Abed Meraim and H. Hamam, Comparative study of digital audio steganography techniques, EURASIP Journal on Audio, Speech and Music Processing, vol. 2012, article no. 25, 2012.Google Scholar
- 7.F5-Steganography Project, F5 Steganography in Java (code.google.com/archive/p/f5-steganography), 2017.
- 8.J. Fridrich and J. Kodovsky, Rich models for steganalysis of digital images, IEEE Transactions on Information Forensics and Security, vol. 7(3), pp. 868–882, 2012.Google Scholar
- 9.B. Gruver, Smali Home (github.com/JesusFreke/smali/wiki), 2017.
- 10.Guardian Project, Pixelknot: Hidden Messages (guardianproject.info/apps/pixelknot), 2017.
- 11.Herodotus, The Histories, A. Burn (Ed.) and A. de Selincourt (Translator), Penguin Books, Harmondsworth, United Kingdom, 1954.Google Scholar
- 12.F. Huang, J. Huang and Y. Shi, New channel selection rule for JPEG steganography, IEEE Transactions on Information Forensics and Security, vol. 7(4), pp. 1181–1191, 2012.Google Scholar
- 13.JD Project, Java Decompiler – Yet Anther Fast Java Decompiler (jd.benow.ca), 2015.
- 14.N. Johnson and S. Jajodia, Exploring steganography: Seeing the unseen, IEEE Computer, vol. 31(2), pp. 26–34, 1998.Google Scholar
- 15.I. Lee and W. Tsai, A new approach to covert communications via PDF files, Signal Processing, vol. 90(2), pp. 557–565, 2010.Google Scholar
- 16.S. Lyu and H. Farid, Steganalysis using higher-order image statistics, IEEE Transactions on Information Forensics and Security, vol. 1(1), pp. 111–119, 2006.Google Scholar
- 17.W. Mazurczyk, P. Szaga and K. Szczypiorski, Using transcoding for hidden communications in IP telephony, Multimedia Tools and Applications, vol. 70(3), pp. 2139–2165, 2014.Google Scholar
- 18.B. Pan, dex2jar (github.com/pxb1988/dex2jard), 2018.
- 19.N. Provos, Outguess (www.outguess.org), 2017.
- 20.N. Provos, StegDetect (github.com/abeluck/stegdetect), 2017.
- 21.RADJAB, Da Vinci Secret Image (play.google.com/store/apps/details?id=jubatus.android.davinci), 2012.
- 22.M. Sadek, A. Khalifa and M. Mostafa, Video steganography: A comprehensive review, Multimedia Tools and Applications, vol. 74(17), pp. 7063–7094, 2015.Google Scholar
- 23.Sky Juice Software, Data Stash, Singapore (www.skyjuicesoftware.com/software/ds_info.html), 2017.
- 24.C. Tumbleson and R. Winsniewski, Apktool: A Tool for Reverse Engineering Android APK Files, version 2.2.0, 2016.Google Scholar
- 25.Twisted Pear Productions, Camouflage (camouflage.unfiction.com), 2018.
- 26.D. Upham, Steganographic Algorithm Jsteg (zooid.org/paul/crypto/jsteg), 1993.
- 27.A. Westfeld, F5 – A steganographic algorithm, in Information Hiding, I. Moskowitz (Ed.), Springer-Verlag, Berlin Heidelberg, Germany, pp. 289–302, 2001.Google Scholar
- 28.WetStone Technologies, StegoHunt, Cortland, New York (www.wetstonetech.com/product/stegohunt), 2018.
- 29.Wikibin, Jpegx (www.nerdlogic.org/jpegx/old/jpgx.html), 2017.