
2017 - The Impact Of Stenography On Electronic Communications by Michael Hegarty

BSides Manchester · 48:31 · 152 views · Published 2017-09

my guys forcefully can people hear me down the back anyway so particularly are terrorists using steganography are criminals using steganography my favorite thing to do at the end of the

[Music] biggest problem at the moment is holding the mall after three years any students

[Music]

[Music] so any questions one of the for today is steganography challenges who is using uses goes insane ography on a few experiments and research communications in secret it's been used since the Greeks used to take the slain to shave his legs had tattoo a message on to say onto the slaves head let the hair grow back send the slave who everybody had to go to and then the other person would shave her head you see our very own leaked encryption so if I'm using encryption we have some understanding of encryptions have I'm a bad person and I'm using encryption and I'm talking to somebody at the back of the class using encryption everybody else know that

communication has taken place communication has taken place whereas in steganography we can communicate in secret people don't realize the communication is taking place and information our text or whatever is concealed and other information can be very very hard to find so the great Winston Churchill said and more claim the truth of some crashes and must be protected or attended by your body care deploys these deadly under central so steganography was very drawn to steganography as opposed to seemed sexy to me to begin with on a Saturday off available it came back lecture in 2012 has welcomed us in research areas fact that there was a lot of talk terrorists use in criminal activity

he got me interested and are you meditating passport important high school am I'm sewing a lot of one of the great we can't explain something simply you don't understand of whether move yourself if you want to know of your explain something simply to somebody obviously your experience with seven year old or seven year old explain seven year old or seven year old that they can understand what you're talking about going in a good place so my mother is 74 years old explained a second orbit or explain shaving the head it's invisible each is the former steganography saying loads of snow so where does communication where it's in secret it's a good knowledge she big fan of World

War two and reading about World War two so the she's had to meet me since about 2013 was her developed in 2000 employed apparently rather was five years old TV and they were using invisible ink I know he hell didn't we motor to get the invisible names no I was for even 1978 and I was living in problems not in our city and but wasn't a graceful matters so we can sound opeartor Danes honestly say with 40 years experience

[Music]

explained okay so anybody see young people still use

some of the news reading about two years ago I never knew before a lot of high-end printers very faint yellow dots you leave a mark the story behind it is that there was pressure from governments took creatures became so good I think a copy in Celtic so well that is always ready the wall forms a second ology so where can be white information well there now will there not a beautiful week employed it probably go as far as saying this is a potential information [Music] so like Moore's law you know you get faster tools more processing power more bandwidth are JPEGs become bigger our definition becomes clearer we now have hhhh hhhh HD definition this is so clear

so digital evidence can be very hard to find very very hard to find digital event evidence of secrecy so over the course of the last two and a half years we spoken to over 20 forensics investigators and muddies are working for brand names that you'd know so I won't mention any names I asked them what process the course of Awesome lower questions are what process he used to identify the use of steganography and it was amazed that he all used the exact same process they don't they never look for it Digital stole that doesn't Clemente into consideration that they look for the information even in a JPEG where there can be information here because wasn't

doesn't come under the radar so say you're not a fee in a self like encryption there's nothing wrong with you know having secrets who's not in wrong will having secrets so can be used for criminal intent at this very good spot hands up anybody here who keeps the secret easier question hands of anybody who doesn't keep a secret Farrington Moines Alaska for your password if you say you don't keep secrets Rattata party we keep secrets we keep secrets okay so a simple steganography process M is a secret message for obvious reasons a carrier always needs to be bigger than a message how are your needs to be bigger than a message what we see there as well as a

ke terminated and create we create a message but also encrypted so not alone coming up see it's all encrypted and we said that and then we reverse the process on the other end and our secret messages family simple process simple process so Google Scholar articles around the area can be seen as so Google Scholar is 2016 it was 1688 articles regarding encryption and errors in the same year shows 238 regards take anomaly nerve and this false true for every were just to do a search on second RBI encryption well was it big bill to the numbers I like them steganography steganography is even funnier communications steganography is like the closing we know there exists another

interesting number in this as well it popped up in 2001 it was 55 papers published on stag another 2214 Oh camera 11 and this is where media started picking over that bin Laden was used in steganography to communicate prior to the September 11 attacks there was a big focus we know thank you people fake news

steganography because I talk to people and others are saying the steganography fake story get so many people don't know what it is when you do a search with articles in the Daily Mail regarding another terrorist I don't lead our sources out I don't know where to get this solid information visit as a lecturer most people gone through the college system you'd normally be obvious saying well you're a tourist of Isis

he's on ebay eBay eBay so we ran some experience let's keep on losing mokuba

it blurs the distance between letters on the page have some ulterior motive are you okay there's a famous paragraph image taken on video to talk a little bit more abou again just heighten information in the information we already have network steganography a potential on the seven layers of the OSI model for steganography to be used and I've written an article last month McAfee released a statement regarding network steganography and this was the next big problem Network steganography malware is and this is what we have to protect against read between the lines McAfee are saying you're gonna have to pay what he knew because he found a new problem but we need to protect it

against some folks have no wanted image steganography who mostly research around is least significant bit gang Kessler Bakley regarding an area of second of three excluding most farmers the most common forms of the weekly told the most significant bit the weekly told the least significant bit we can change the least significant bit to whatever we want and visually the image will still look exactly in most cases I don't wanna offend anybody here but we can change the two least the two least significant bits of our image still looks the exact same and if we really want to push it we change the three this and our image will stay the same hmm so we have these bits to play around

with and this is where we can order a secret message wherever we want from these bits again and very simple territories the letter A has a nasty cold voice where we have the blacks opposite views or zero change it warned we don't have to change this is already zero zero zero zero zero

any questions so far that worries me a little bit because I know I'm not explaining myself that well so we don't know that we have this rule at the end of a point where we can hide it whatever information we want how easy is a forest to the wind I'm gonna nipple later how easy is it for us to go in and the little manipulator it's as easy as uploading the image to Facebook or blown an image to Instagram we download a tool from the internet and this is a good signal or a good yardstick to measure it our people people will always ask me well are people using steganography how people use steganography at the

moment there's around 1200 tools available to create steganography 1200 tools available to create all the different types of steganography so is anybody using it well that number would suggest there has to be somebody used in summer so data does fall around the moons of broken or particular orders and use all use different algorithms than hide information in different ways and some are more easy to detect and others the flipside in details creates eggnog Ravidas around 110 tools available to search for the use of steganography and somebody is em but see now a lot that the newer tools are distributed so if you have a secret message or something to hide or distribute it over maybe five or six different images

radicals get more and more complex so near crawl wasn't Peter honey would do great tools looking for the use of steganography many instances of steganography that they find anybody hazard I guess u0 y a0 didn't find any whatsoever in 2001 so Tim 2015 the secret history of the Mossad the Mossad being the intelligence and Thomas rover again terrorists are using eBay for hide secret messages and they're using steganography to communicate so the cell phone couple of my students told your students a certain project point but is it being used so we gave them some guidance and kept on my shoulder and sat on the must we have to do so steganalysis is a new word

steganalysis is simply the process of identifying the use of steganography the process of identifying the use of steganography so as we can imagine eBay all these images it's like looking for a needle in a haystack I'm bearing the Moines we don't even know if it's there to begin with the alloys and all these images forensically examined them looking for steganography so what we'd almost we reverse to coast we reverse it office and we create technology we create secret messages and we uploaded them not to be made and that we downloaded them to see your message was still there and our messages were God but the students used about four or five different tools to create

steganography upload and then download the second Agra job is gone so what was happening well eBay have their own systems they resize the JPEG they use compression so think about we have a box and we put two dozen eggs in the box then we squash the Box down then pull the box back in and make in the box looks the exact same I do so it what's wrong with the eggs they're smashed no and that's business what happened so for at least significant bit eBay is not - you're not gonna point least significant bits technology on eBay we also ran the same process through Facebook same results and don't deal don't deal is a it's a trade in so

ignored and it's the most accessed Irish website annoyed so people point south carriages or whatever on either again destroyed at every point every couldn't couldn't retrieve the secret message that's it that's it we stopped be able so what we wanted to do then was obviously if we're looking for a needle in a haystack at a minimum what should we do looking in a step will be to do identify a sex any Russian people but M plan Tiana loco was saying in 2014 the oysters and everybody else's middle of devoid west or move and all the communications on to VK VK is basically a Russian version of Facebook a Russian version of Facebook social media and

they claim to have four hundred twenty users they have apparently about 50 or 60 it's not like the Aleutians to post so we thank office we create steganography in an image uploaded the image and download that the image again lo and behold our message was still there so now we know we have the environment suitable for steganography so what we don't end was the student went off and they downloaded circle around two million images started amyloids in two different available tools this staggered action they were and he came back where though it tells and images that were highly suspect so all our tools on the steganography tools won't tell you doctors steganography day they just

categorize it single Asterix to us and such we also ran the expert experiment and I know you some what are tools that have but can't use give you the name of at the moment and I it was a different dancer from from the same website found about two thousand images were highly highly suspect so it's being used and there is big news nope there's a caveat not necessarily illegal avoided was for instance was a photographer and always put my walk up I might embed steganography on Moneyball so what does call to a core case I can stand up and say welcome we walk we can stand over he's bad I don't want to paint a bad

picture of it but I'm only interested in about stuff we should say and thus you found the Hugo Boss you train in a link to a girl living in Ukraine [Music]

[Music] but I very interesting St. Basil's Cathedral byuklando people know St. Basil's Cathedral was really colorful lovely beautiful quarters in St. Basil's Cathedral and put a great environment to hide information I'm one of many pictures I found them in the process of another analyzes on them still and I'm some very interesting texts which account the bullet so Tracy original our leaf a little bit easier is originally the original image because then we have something to walk off it's quite easy to identify changes under strange or to disease

[Music] that helps us so sorry talk about Sega medal my passport practice will be to remove had a student ruin a four-tier project and now we have chips where all the information is just scan it and all the information on their screen because the picture

but also their house has taken out of here I'll see you messages hidden in the picture in the chip on the passport so I really wanna bring the banking codes or maybe the worst three equal product legal project my issues and I use open source tools for you also have some tools so what is the problem what is the challenge so how very communication like encryption in itself does nothing wrong with secrecy when it falls into the wrong hands terrorists are using criminals are using bad people are using it and it's an international problem there's an international problem because we see government's restrict an encryption and I mean encryption in certain cases people are still you hey so what can be

done to solve the challenge he's come back to me next year and said it's what I have done to solve the moment it's a work in progress so anybody wants a contact we should I'm on LinkedIn

[Music] look all research there's always people to thank Gary Kessler Neapolitan people are the last ones palace France long and granted movie realms you to help me here

and that's more or less me go is synchro ventures are fairly quick that we fertile grant on time any questions goes for your questions where's weaker oh now all every single not where well it probably say was so

[Music]

mold is so many different things to do is to streamline the overall but under an average of know when I give em like go up a sausage we find love is from a message not a lot of it a lot of it no not be understandable in the Senate you don't really but a lot of it come across just normal

[Music]

very good point you are used to possible again who knows because we can't identify a secret and I think possibly if they happen to be on there that we haven't been caught yes gonna take a secret information from the PowerPoint presentation they gave me JPEG image that are used in this PowerPoint presentation and I used a good view could have a secret message they don't put the portal I wouldn't be a good place to hoist a geography in a presentation

[Music]

there's a lot of these graduates me Cassius woman last year as well called Robin which is Latin for friends it's the same as a Facebook and the more you have exactly going to the web part of your just goes to the more that you have different features typically the picture long to users makes it easier for you did provision sorry it was before it was usually drugs analogy if I have a bag of cocaine and a lot of small that I did the big under container it employer said that there are now if we can get where there's a hundred telogen containers coming true or they're not going harder for people to plate and this is how people smuggle

drugs into ports there's hundreds of thousands of containers who were near the next move one pilot rolls in with this very good little pipette and that's the same not the jgeiger not know and x-rays some sensitive information regarding a patient and some hospitals they will use it on an x-ray so it's not just reasoning this information isn't anybody to see we put your x-ray there is there is a lot of another positive

you were worried a malware and we need to say you know what you could deal with make sure everything but there's a lot more does the criminal goalies can create your own one or void really monitor presidency would be no more there with a little bit aged a lot of normal and these professionals where they did the logo over ready have it mostly exact same with changeable in the early phases you've downloaded issue get video same picture no label to Mike they can go over there obviously see itself is the legal person and yes sometimes it will be both changing so it would usually would be a little bit bigger and that's it a giveaway

remember we're a much more show in the Tracy original force of already the same toys and the second thing we do is we put

what a fantastic question favorite thing to do with love love love no tink even as a lecturer there [Music]

juicy don't we have a matter what

good question and I should actually say that this is where me we seen in 2014 90 on Alok had saying Isis with Muno Communications on to vk.com and which they did and was the Wild West reward well Russia have really 21 laws and understand evolved into trollman under God on to the dark web and that's where I'm going next and they've done some initial and research around dark websites and I'm looking at probably around the same numbers around the same numbers of steganography on the darknet as you would on the clearly somewhere around or I haven't looked too much in our area but it is it's where the bad guys are hanging out there walks over

hold I'm getting less times will be any more Isis anybody who wants to ask me anything else will be your absolute so more than let them come over I have a job in the house have you have a talk and it's a novel thing for me to present when audience and these are all awake really is fantastic just really [Applause]
