2014 The 3rd International Conference on Advancements in Information Technology (ICAIT 2014) Dubai, UAE, 22-23 August 2014 2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Nouf Al-Otaibi and Adnan Gutub Umm Al-Qura University (UQU) Makkah, Saudi Arabia 1 Saturday 23 rd August 2014
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Outline • Introduction Motivation & Methods • • Cryptography & Steganography • System Overview System Implementation Interface • • Testing Results & Comparison • Adnan Gutub Saturday 23 rd August 2014 2 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Motivation: • Secure Text Storge on Personal Computer (PC) • Use 2-layers ▫ PC independent (Cryptography Layer) ▫ PC data dependant (Steganography Layer) Adnan Gutub Saturday 23 rd August 2014 3 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Methods • Cryptography ▫ Converting secret data to unreadable forms... Unconverting it back to the readable form • Steganography ▫ Hiding existence of a secret data (from observation) Adnan Gutub Saturday 23 rd August 2014 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Cryptography • Encryption & decryption keys are known Hiding Retrieve • They are usually related (if not identical) Key = Z Same Key = Z ▫ easy to derive the decryption key once the encryption key is known Z Secret Data • DES, AES (Rijndael) Secret Data Lock • A secret must be known (agreed upon) to hide and retrieve Z ▫ So can generate encryption and decryption keys • Key distribution and/or management problem Adnan Gutub Saturday 23 rd August 2014 5 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Steganography model Basic Steganography System Cover Object Input Communication Channel Steganography Stego Algorithm Output Object (Embedding Part) Secret Object Input Cover Object Output Communication Channel Steganography Stego Algorithm Input Object (Detection Part) Secret Object Output Adnan Gutub Saturday 23 rd August 2014 6 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Steganography & Cryptography • Overlapping usages for information hiding • Steganography security hides the knowledge that there is information in the cover medium • cryptography revels this knowledge but encodes the data as cipher-text and disputes decoding it without permission • cryptography concentrate the challenge on the decoding process while steganography adds the search of detecting if there is hidden information or not. Adnan Gutub Saturday 23 rd August 2014 7 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Process flow graph of the 2-Layer security system Storing sensitive secret text data Retrieving back secret text data Adnan Gutub Saturday 23 rd August 2014 8 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Overview : 2-leyer security system Cover Stego Image Secret Encryption/ Sensitive Secret Decryption Key Text Data 2-Layer Security System Image Base AES Symmetric Steganography Cryptography Layer Layer Output: Stego-Image Hiding Sensitive Secret Text Data on Personal Computers Adnan Gutub Saturday 23 rd August 2014 9 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Cryptography: AES Adnan Gutub Saturday 23 rd August 2014 10 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Steganography: Image based • Hiding in LSBs • Example: embedding 200 => (11001000) • Pixel 1: 0010110 1 0001110 1 1101110 0 • Pixel 2: 1010011 0 1100010 1 0000110 1 • Pixel 3: 1101001 0 1010110 0 01100011 Adnan Gutub Saturday 23 rd August 2014 11 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers System interface showing: bits statistics process of hiding sensitive text: AES encryption image based steganography Adnan Gutub Saturday 23 rd August 2014 12 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers retrieve sensitive data Adnan Gutub Saturday 23 rd August 2014 13 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Image changes cannot be observed Original image Stego image Adnan Gutub Saturday 23 rd August 2014 14 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Stego Tests: Capacity Improvement Changing: 1-LSB 7-LSB Steganography acceptable number of bits = 1-LSB & 2-LSB Adnan Gutub Saturday 23 rd August 2014 15 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Testing: 30 images security relation to data dependency Compare: 1LSB and 2LSB. Adnan Gutub Saturday 23 rd August 2014 16 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Testing Results: 30 images security relation to data dependency Compare: 1LSB & 2LSB. Adnan Gutub Saturday 23 rd August 2014 17 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Remarks • Implemented visual basic platform of 2-layer security system ==> hiding sensitive text data on personal computers (PC) • AES Crypto layer: PC independent security • Image Based Stego layer: fully dependant on the PC data available • Capacity improved by Stego layer accepting security of 2LSB as well as 1LSB Adnan Gutub Saturday 23 rd August 2014 18 ICAIT 2014, Dubai, UAE
2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Adnan Gutub Saturday 23 rd August 2014 19 ICAIT 2014, Dubai, UAE
2014 The 3rd International Conference on Advancements in Information Technology (ICAIT 2014), Dubai, UAE, 22-23 August 2014 Thanks for the opportunity Questions? 2-Leyer Security System for Hiding Sensitive Text Data on Personal Computers Nouf Al-Otaibi and Adnan Gutub Umm Al-Qura University (UQU), Makkah, Saudi Arabia 20
Recommend
More recommend