Honeypot and Steganography

NIS ASSIGNMENT
Topic: Honeypot and Steganography
Date:08/08/2015
Made By:
Preeti Kumari
Sushma Bhat
MOUNT CARMEL COLLEGE
DEPARTMENT OF MCA

Honeypots
Be afraid
Be very afraid

/10/07 Presentation
CONTENTS
 Introduction
 History
 What is Honeypot?
 Classification
 Applications
 Advantages and Disadvantages
 Conclusion
 References

/10/07 Presentation
Introduction
 The primary goal of computer security is to defend
computers against attacks launched by malicious users.
 A relatively recent innovation in intrusion detection
technology is the honeypot.
 The systems can only react to or prevent attacks but they
cannot give us information about the attacker, the tools used
or even the methods employed. Hence, Honeypots are a novel
approach to network security and security research
 Honeypots are closely monitored decoys that are employed in
a network to study the trail of hackers and to alert network
administrators of a possible intrusion.

/10/07 Presentation
 The concept of Honeypots was first described by Clifford Stoll
in 1990.
 It began with two publications, “The Cuckoos Egg” and “An
Evening with Breford”.
 The first honeypot was released in 1997 called the Deceptive
Toolkit.
 In 1998 the first commercial honeypot called Cybercop Sting
was released.
 In 2002 the honeypot was used all over the world.
 In the year 2005 The Philippine Honeypot Project was started to
promote computer safety over in the Philippines.
History

/10/07 Presentation
 A HONEYPOT is an information system resource whose value
lies in unauthorized or illicit use of that resource
 Honeypots and firewalls work in reverse direction to each other
as the honeypots allow all traffic to come in but blocks all
outgoing traffic. Most honeypots are installed inside network
firewalls and is a means of monitoring and tracking hackers.
Honeypots are a unique tool to learn about the tactics of
hackers.
 Honeypots are decoy systems that are designed to lure a
potential attacker away from critical systems.
What is a Honeypot?

/10/07 Presentation
Goals of the Honey pot system
The virtual system should look as real as possible, it
should attract unwanted intruders to connect to the virtual
machine for study. It must include files, directories and
information that will catch the eye of the hacker.
The virtual system should be watched to see that it isn’t
used for a massive attack on other systems.

/10/07 Presentation
Purpose
The two main reasons why honeypots are deployed are
1.To learn how intruders probe and attempt to gain access to
your systems and gain insight into attack methodologies to
better protect real production systems.
2. To gather forensic information required to aid in the
apprehension.

/10/07 Presentation
Block diagram of single honeypot

/10/07 Presentation
How do honeypots work?

/10/07 Presentation
Classification of HoneyPots
Honeypots can be classified according to two criteria:
 According to their Implementation Environment
 According to their Level of Interaction.

/10/07 Presentation
Implementation Environment
Under this two category
 Production Honeypots
 Research Honeypots

/10/07 Presentation
Production Honeypots: …..
Used to protect organizations in real production
operating environments.
Specifically the three layers of prevention, detection, and
response.

/10/07 Presentation
Research Honeypots: …..
These Honeypots are not implemented with the
objective of protecting networks.
Studying all sorts of attack patterns and threats.
Used to gather information about the intruders’ actions.

/10/07 Presentation
Level of Interaction …...
The term “Level of Interaction” defines the range of
attack possibilities that a Honeypot allows an attacker to
have.
classified on the bases of their levels:-
1. HoneyD (Low-Interaction)
2. Honey net (High-Interaction)

/10/07 Presentation
Low-Interaction Honeypots
Low-interaction honeypots are typically the easiest
honeypots to install, configure, deploy, maintain.
Nepenthes
Honeyd
Honeytrap
Web Applications

/10/07 Presentation
High-interaction Honeypots
Honeynets is a collection of honeypots are combined to
create a single honeynet.
High-interaction honeypots provide an attacker with a real
operating system where nothing is emulated or restricted.
It controls an attacker at the network level.

/10/07 Presentation
Advantages of Honeypots…..
New Tools and Tactics
Minimal Resources
Information
Simplicity

/10/07 Presentation
Disadvantages of Honeypots……
Limited Vision
Risk

/10/07 Presentation
Applications
Defence
Business
Education organizations
Banking security
Web applications

/10/07 Presentation
Contents
 What is Steganography?
 History Of Steganography
 Physical And Digital techniques
 Steganography v/s Cryptography
 Basic Steganography Model
 Types Of Steganography
 Applications
 Advantages v/s Disadvantages
 Conclusion
 References

/10/07 Presentation
History
 Steganography was traced from 440 BC
 Demaratus sent a warning about a forthcoming attack to
Greece by writing it directly on the wooden backing of a
wax tablet
 Ancient Chinese wrote messages on fine silk
 During Second World War a technique was developed to
shrink photographically a page of text into a dot less than
one millimeter in diameter.

/10/07 Presentation
What is Steganography?
What is Steganography?
Steganography is the art and science of writing hidden
messages in such a way that no one, apart from the sender
and intended recipient, suspects the existence of the
message.
“Steganography means hiding one piece of data within
another”.

/10/07 Presentation
Example
Since everyone can read, encoding text
in neutral sentences is doubtfully effective
Since Everyone Can Read, Encoding Text
In Neutral Sentences Is Doubtfully Effective
‘Secret inside’

/10/07 Presentation
Physical Techniques
 Hidden messages within wax tablets
 Hidden messages on messenger's body
 Hidden messages on paper written in secret inks
 Messages written on envelopes in the area covered
by postage stamps.
 Invisible ink
 Character marking
 Pin punctures
 Typewriter correction ribbon

/10/07 Presentation
Digital Techniques
 Concealing messages within the lowest bits
of noisy images or sound files.
 Modifying the echo of a sound file (Echo
Steganography)
 Including data in ignored sections of a file, such as
after the logical end of the carrier file.

/10/07 Presentation
Steganography V/s Cryptography
Steganography Cryptography
Unknown message passing Known message passing
Steganography prevents discovery of the
very existence of communication
Encryption prevents an unauthorized party
from discovering the contents of a
communication
Little known technology Common technology
Technology still being develop for certain
formats
Most of algorithm known by all
Once detected message is known
Strong current algorithm are resistant to
attacks ,larger expensive computing power
is required for cracking
Steganography does not alter the structure
of the secret message
Cryptography alter the structure of the
secret message

/10/07 Presentation
Basic Steganography Model

/10/07 Presentation
Text Steganography
 Text steganography can be applied in the digital makeup
format such as PDF, digital watermark or information
hiding
 Example: TextHide hides the information in the manner
of text overwriting and words’ selection.

/10/07 Presentation
Text Steganography Methods
 Text Steganography in Markup Languages[HTML]
 Text Steganography in Specific characters in words
 Line shifting Method
 Word shifting
 Feature coding

/10/07 Presentation
Examples of Text Steganography
An example of a message containing cipher text by German
Spy in World War II:
“Apparently neutral's protest is thoroughly discounted
And ignored. Isman hard hit. Blockade issue affects
Pretext for embargo on by products, ejecting
suets and Vegetable oils. ”
Pershing sails from NY June 1.

/10/07 Presentation
Image Steganography

/10/07 Presentation
Transform Domain Technique
 Transform domain techniques embed messages in the
intensity of the pixels directly.
 In this technique images are first transformed and then the
message is embedded in the image
 This techniques encompass bit-wise methods that apply
bit insertion and noise manipulation.
 Steganography in the transform domain involves the
manipulation of algorithms and image transforms.

/10/07 Presentation
LSB [Least Significant bit] Method
 Least significant bit (LSB) insertion is a common, simple
approach to embedding information in a cover image
 The least significant bit (8th bit) is changed to a bit of the
secret message
 When using a 24-bit image, a bit of each of the red, green
and blue colour components can be used, since they are
each represented by a byte.
 In its simplest form, LSB makes use of BMP images,
since they use lossless compression

/10/07 Presentation
Example Of LSB Method
A grid for 3 pixels of a 24-bit image can be as follows:
(00101101 00011100 11011100)
(10100110 11000100 00001100)
(11010010 10101101 01100011)
When the number 200, which binary representation is
11001000, is embedded into the least significant bits of this
part of the image, the resulting grid is as follows:
(00101101 00011101 11011100)
(10100110 11000101 00001100)
(11010010 10101100 01100011)

/10/07 Presentation
Example Of Image Steganography
Image of a tree
with a
steganographically
hidden
image.

/10/07 Presentation
Audio Steganography
 Embedding secret messages into digital sound is known
as audio Steganography.
 Audio Steganography methods can embed messages in
WAV, AU, and even MP3 sound files.

/10/07 Presentation
LSB Technique Method
 The message 'HEY' is encoded in a
16-bit sample using the LSB
method.
 Here the secret information is
‘HEY’ and the cover file is audio
file. HEY is to be embedded inside
the audio file.
 First the secret information ‘HEY’
and the audio file are converted into
bit stream.
 The least significant column of the
audio file is replaced by the bit
stream of secret information ‘HEY’.
 The resulting file after embedding
secret information ‘HEY’ is called
Stego-file.

/10/07 Presentation
 It is used in the way of hiding not the information but the
password to reach that information.
 Difficult to detect. Only receiver can detect.
 Can be applied differently in digital image, audio and
video file.
 It can be done faster with the large number of softwares.
Advantages

/10/07 Presentation
Disadvantages
 Huge number of data, huge file size, so someone can
suspect about it.
 If this technique is gone in the wrong hands like hackers,
terrorist, criminals then this can be very much dangerous
for all.

/10/07 Presentation
Applications
 Media Database systems
 Usage in modern printers
 Alleged use by terrorists
 Alleged use by intelligence services

/10/07 Presentation
Conclusion
• Honey pots are an extremely effective tool for observing
hackers movements as well as preparing the system for
future attacks.
• Steganography in our current digital age can be attributed
to both the desire of individuals to hide information

/10/07 Presentation
References
http://www.honeynet.org.mx/es/data/files/Papers/UAT_Ho
neypots_EN
http://www.honeypots.net/honeypots/links
S. William, Cryptography and Network Security:
Principles and Practice, 2nd
edition, Prentice-Hall, Inc., 1999
pp 23-50
Bandyopadhyay, S.K., 2010. An Alternative Approach of
Steganography Using Reference Image.

/10/07 Presentation
Research paper on
Online hiding of information

/10/07 Presentation
 In today’s world the art of sending & displaying the
hidden information especially in public places, has
received more attention.
 In this paper we propose a new form of steganography,
on-line hiding of information on the output screens of the
instrument. This method can be used for announcing a
secret message in public place.
 Private marking system using symmetric key
steganography technique and LSB technique is used here
for hiding the secret information.
Abstract

/10/07 Presentation
Introduction
 The main goal of steganography is to hide information in
the other cover media so that other person will not notice
the presence of the information.
 Steganography is the art of inconspicuously hiding data
within data.

/10/07 Presentation
Requirements of hiding information digitally
a)The integrity of the hidden information after it has been
embedded inside the stego object must be correct.
b)The stego object must remain unchanged or almost
unchanged to the naked eye.
c) Finally, we always assume that the attacker knows that
there is hidden information inside the stego object.

/10/07 Presentation
Embedding and detecting secret information

/10/07 Presentation
Types of steganography
Steganography can be split into two types :
a)Fragile: This steganography involves embedding
information into a file which is destroyed if the file is
modified.
b)Robust: Robust marking aims to embed information into a
file which cannot easily be destroyed.

/10/07 Presentation
PROPOSED WORK

/10/07 Presentation
Algorithm for embedding the secret message
a) Read the image from the source.
b) Divide the image into [R x C] smaller blocks .Where R
& C are the first & second bytes of the key respectively
c) Each smaller block is a combination of many pixels of
different values.
d) The LSBs of the pixel are changed depending on the
pattern bits and the secret message bits.
e) The pattern bits are considered in sequence form its
MSB.
f) If the pattern bit is 0, then the first LSB of the pixel is
changed

/10/07 Presentation
g) If the pattern bit is 1, then the second LSB of the pixel is
changed accordingly.
h) A single bit of the secret message is distributed through
out the block. This is done to have enough information so
that correct information can be retrived after decoding
i) Similarly the other bits are inserted in the remaining
blocks.
j) If the length of the secret message is large , then it can
be divided and stored in two or three frames.
k) The information is extracted.

/10/07 Presentation
Performance Measures
a) The integrity of the hidden information should not
change after embedding.
b) The stego object must remain almost unchanged to the
naked eye.
c) There should be accuracy in the extracted data

/10/07 Presentation
RESULTS
In Online transmission of the hidden data, there are 3
systems are used
System 1 : To create and send the normal billboard data
System 2 : To hide the secret message .
System 3 : To display any data coming from system 2.

/10/07 Presentation
CONCLUSION
 Steganography is more widely used in computing.
 For a system to be considered robust it should have the
following properties:
a) The quality of the media should not noticeably degrade
upon addition of a secret data.
b) Secret data should be undetectable without secret
knowledge, typically the key.
c) If multiple data are present they should not interfere with
each other.
d) The secret data should survive attacks that don’t degrade
the perceived quality of the work.

/10/07 Presentation
References
[1] Mohammad Shirali-Shahreza , “A new method for real
time steganography”, ICSP 2006 Proceedings of IEEE .
[2] Yuk Ying Chung, fang Fei Xu , “Development of video
watermarking for MPEG2 video” City university of Hong
Kong ,IEEE 2006.
[3] C. Lu, J. Chen and K. Fan, "Real-time Frame-Dependent
Video Watermarking in VLC Domain", Signal Processing :
Image Communication 20, 2005.

Honeypot and Steganography

More Related Content

What's hot (20)

Viewers also liked (13)

Similar to Honeypot and Steganography (20)

Recently uploaded (20)

Honeypot and Steganography