Provos, Honeyman, Detecting Steganographic Content on the Internet


This is a paper on Network Security I had randomly laying around on my computer that I was bored enough one night to give a read. I’m playing around with the idea of expanding this blog to something like “Boring Books & More”. If so, this will be the first “& More” item.

Steganography is a form of cryptography, and a practice of concealing information inside other objects. In 2002, when this paper was published, the media was concerned that terrorist groups were using Steganography on sites like eBay, in order to discretely communicate evil plans.

This paper first breaks down the different technical ways messages can be inserted into images without changing the visual output of the image, and without drastically changing things like file size. Then they present Stegdetect, a tool they developed that crawls site and scans images, returning a probability that the provided image contains a hidden message.

Stegdetect sampled two million images from eBay actions, and identified 17,000 images that could potentially contain hidden messages. At the time of publication, however, they stated, “so far we have not found a single genuine hidden message.” Too bad!

I thought the paper was highly amusing. First, it’s interesting to explore the complexities of image construction. They are both incredibly complicated and incredibly simple clusters of information. Second, by the end of the paper I was cackling at the results. It is very 2002 to for the news to get in a frenzy about illicit communication via eBay. To have found that wasn’t the case at all was very cathartic.