An Introduction to More Advanced Steganography
John A. Ortiz july 21-22
Ends February 1
Ends June 1
Ends July 20
This course introduces you to basic data hiding terminology and concepts, advancing to showcase more advanced steganographic techniques, some with very high data hiding capacities. One technique successfully hides in a jpeg with a typical capacity of 15 to 20%! That equates to an 8 MB jpeg image containing up to 1.6 MB of covert data! Another advanced technique boasts a 50% capacity in a bitmap with minimal perception – we'll try it out. I will present several audio and video hiding techniques with source code for hands-on student exercises. Less conventional is hiding in executable code and visual cryptography. Finally, we'll discuss and explore specific steganalysis techniques and concepts and apply them to the data hiding programs.
Scattered throughout the course are working demonstrations (most with source code) and hands-on experiments of several steganographic software programs - YOU can decide the effectiveness for yourself. Can you see it? Can you hear it? We shall see … or not!
Who should take this class
You should take this course if you are interested in the topic of data hiding. This would include forensic examiners, counter intelligence, people requiring covert communication, and people wishing to learn more about steganography than the basic Least Significant Bit hiding techniques.
Student Requirements, experience/expertise
- Students should have some basic programming background (Java, C/C++, Matlab)
- A prior knowledge of basic steganography would be beneficial
What to bring
- To do the lab exercises, students should have a laptop with Windows XP or greater OR a Linux distribution with a Windows XP or greater virtual machine. Some of the programs with source code will compile under Linux, but some executables are Windows only.
- If they want to modify/compile some programs themselves, Visual Studio or equivalent is suggested but not required
- Freeware tools such as a hex editor, a picture viewer with zoom, and a media player that will play wave and avi files.
John Ortiz is currently a senior reverse/exploit engineer for Crucial Security Inc., a wholly owned subsidiary of Harris Corporation working in the San Antonio based Air Force 90th Information Operations Squadron. In this position, he develops defensive tools to protect the Air Force's internal networks and researches novel techniques to solve practical cyber security problems. Included are autonomous network traffic analysis, malware analysis, security testing and forensics. Prior to working at Crucial, he spent 5 years at SRA International and 5 years at General Dynamics developing various defense related software, researching data hiding techniques, and analyzing malware.
Mr. Ortiz teaches at the University of Texas at San Antonio for the Computer Science and Electrical and Computer Engineering Departments. He teaches a broad spectrum of courses including microcomputers, microelectronic circuits, solid-state device physics, C++ and Data Structures, and steganography. Additionally, Mr. Ortiz specifically developed the Steganography course for the UTSA. It covers a broad spectrum of data hiding techniques in both the spatial and transform domains including least significant bit, discrete cosine transform, echo hiding, hiding in executables, and hiding in network protocols. Additionally, Mr. Ortiz developed several steganographic programs for testing and analysis.
Prior to working in the private sector, Mr. Ortiz served in the U.S. Air Force for 12 years as a communications officer. In this role he developed and maintained database software, managed various Air Force missions, and taught a 7-week network course.
Mr. Ortiz holds two master's degrees from the Air Force Institute of Technology, the first in Electrical Engineering and the second in Computer Engineering, with a BSEE from Rose-Hulman Institute of Technology.