Acknowledgement

A
PROJECT REPORT
ON
Text Steganography

SUBMITTED BY
Karan C. Jasani

T.Y.BSc. (I.T)

UNDER THE GUIDANCE OF

PROF. Anupama Jawale

Roll Number
 A-09

title (with logo)

 Abstract

Steganography is the art of hiding information within other information in such a way that it is
hard or even impossible to identify the existence of any hidden information. There are many
different carriers for steganography. Of which, most popular ones are digital images. Due to
recent developments in steganalysis, providing security to personal contents, messages, or digital
images using steganography has become difficult. By using steganalysis, one can easily reveal
existence of hidden information in carrier files. This project introduces a novel steganography
approach for covert communications between two private parties. The approach introduced in
this project makes use of both steganography as well as cryptographic techniques. The process
involves converting a secret image into a text document, then encrypting the generated text into
a cipher text using a key (password) based encryption algorithm, and finally embedding the
cipher text on to a cover image. This embedding process is carried out using a threshold based
scheme that inserts secret message bits into the cover image only in selected pixels. The security
to maintain secrecy of message is achieved by making it infeasible for a third person to detect
and retrieve the hidden message.
index
 Introduction

Brief Overview:
Steganography is the art and science of writing messages in such way that the existence of the
communication is hidden. It has been used in various forms for thousands of years. In the
computer era data hiding techniques gain importance and serve security, primarily the
authenticity and integrity of a message in the context of computer-supported communication.
Steganography is often confused with cryptography because the two are similar in the way that
they both are used to protect confidential information. In contrast to cryptography where it is
allowed to detect and intercept messages without being able to violate certain security premises
guaranteed by a cryptosystem the goal of steganography is to hide messages inside other
“harmless” media in a way that prevents anybody even detecting it. A good steganographic
system should fulfill the same requirements posed by “Kirchhoff‟s‟ law” in cryptography.
Kirchhoff‟s law states that a cryptosystem should be secure even if everything about the system,
except the key, is public knowledge. Unfortunately it can also be used for communication among
terrorists and criminals as well as hard core pornography.

History/Past:
Johannes Trithemius (1462-1516) has published a series of books named “Steganography: the art
through which writing is hidden requiring recovery by the minds of men”. The book I and Book II
describe the methods to hide messages in writing. Book III is about secret astrology. Two
researchers have discovered that Book III contains some hidden messages. One of those
messages was “the quick brown fox jumps over the lazy dog”.
Mary Queen of Scots used a combination of cryptography and steganography to hide letters. Her
letters were hidden in the bunghole of a beer barrel, which freely passed in and out of her prison.

2. Other uses of steganography weren‟t limited to normal writing materials. One may consider
the huge geoglyphs of the 1Nazca in Peru to be a form of steganography. As seen at Figure 1 and
Figure 2 the geoglyphs are obviously open to view, yet many of the images were not detected
until viewed from the air.
Human vectors include the efforts of Histaiacus in the 5th century BC. Histaiacus shaved the head
of a messenger, wrote a note encouraging Aristagoras of Miletus to revolt against the king of
Persia. After the messenger’s hair grew back, the messenger was dispatched with the message.
Obviously, this message wasn’t especially time constrained.

Objectives and Scope: In the context of steganography it is necessary to take a closer look at the
choosing of an appropriate carrier. While in ancient Greece slaves were used to play this role, in
present times, various types of data files have the potential for this function. Therefore file
formats can be assigned to the following domains: text, image, audio, video, and program files.
Encrypting a stega-media is in most cases is an option but it helps to improve the authenticity
and security of the steganographical scheme. (4) In fact, 71 % of the analyzed steganographic
tools feature the use of a cryptographic key for the encryption of the message before the
embedding process. Encryption can increase the security level of the hiding procedure, e.g. by
preventing the comprehension of the message content if the embedding is discovered and/or by
creating a uniformly distributed secret message out of any original secret message.
Analysis shows that one of the more commonly used algorithms is Blowfish. In fact a number of
15 investigated tools use this encryption scheme. The DES algorithm is the second most
frequently used cryptographic function. Finally, self-constructed algorithms without published
source code infringe Kerckhoffs‟ law. They are provided by small developer groups only who
generally cannot ensure their security whereas open source algorithms (e.g. Blowfish, DES, etc.)
are (usually) more secure than self-constructed ones because open source is reviewed by much
more people. In addition, the standardized encryption schemes such as AES experienced no
severe attack.

Objective of the Study:

In my project I primarily concentrated on the data security issues when sending the data over the
network using steganographic techniques.
• The main objectives of the project are Requirement of this steganography system is that the
hider message carried by stego-media should not be sensible to human beings. The other goal of
steganography is to avoid drawing suspicion to the existence of a hidden message.
• This approach of information hiding technique has recently become important in a number of
application areas. Here primarily concentrated on the data security issues when sending the data
over the network using steganographic techniques.
This approach Of information hiding technique has recently become important in a number Of
application areas.
Scope:
• The scope Of the project is to limit unauthorized access and provide better
security during message transmission. TO meet the requirements, I use the
simple and basic approach Of steganography.
• In this project, the proposed approach finds the suitable algorithm for
embedding the data in an image using steganography which provides the better security pattern
for sending messages through a network.
• Android Studio is used to develop the application.
 System Analysis
Problem Statement:
• How can we send a message secretly to the destination?
• Using steganography, information can be hidden in carriers such as images, audio files, text
files, videos and data transmissions.
• In this study, I proposed a new framework of an image steganography system to hide a digital
text of a secret message.

EXISTING SYSTEM:
In the existing system reversible data hiding technique the image is compressed and encrypted
by using the encryption key and the data to hide is embedded in to the image by using the same
encryption key.
The user who knows the secret encryption key used can access the image and decrypt it after
extracting or removing the data hidden in the image.
Digital Steganography is the art of inconspicuously hiding data within data. Steganography is a
process that involves hiding a message in an appropriate carrier for example, an image or an
audio file. The carrier can then be sent to a receiver without anyone else knowing that it contains
a hidden message.
There are many techniques available to the digital stenographer. The most common technique is
to exploit the lenient constraints of popular file formats. Many publicly available software
packages use this technique on a variety of media.
Images are a good medium for hiding data. The more detailed an image, the fewer constraints
there are on how much data it can hide before it becomes suspect.

DISADVANTAGES OF EXISTING SYSTEM:

Time constraint.
High communication costs.
Low bandwidth and latency issues.
There is no security for the data.
If more than two people having same steganography software then hidden massage can acquire.
This software has been implemented by Android, which is open source, therefore code is
readable so anyone with bad mentality can make software perform inverse operation. Only
unintended user may know the actual working of software.

Intruder may penetrate suspecting images to get hidden data.

Advantage / Features of Project:

In Steganography the user can send the image to multiple recipients without them even realizing
that the image contains hidden data.
In steganography transmitted data will not see because embedded in a cover. If man in the
middle suspect that there something inside the cover, the idea of steganography gone.
Stenography hides the reality of existing exchange information between the receiver and sender.
So, not reveal the about the identity of sender and receiver.
It is Robust, Imperceptible, Reliable and Secured
It is used to ensure that a third party has not tampered with a sent message. This is accomplished
by creating a hash of the message using a fixed character length for every item in the message,
when the original items are in fact of variable character length. The hash is encrypted and sent
with the message. When the recipient receives the message it is decoded. If the hash from the
decoded message does not match the hash from the encrypted message, both the sender and
recipient of the message know that it has been tampered.
Can be applied in digital image, audio and video file.
Can be done very fast.
The main advantages of this system is Security that it provides security to your messages without
knowing to third party.
Number of bits have been replaced according to user or sender, therefore third party cannot
guess password.
Normal network user can’t guess image.
In steganography anyone can’t jump on suspect by looking images.
Easy to use.
Easy Maintenance.
System have been secured by password authentication.
 Requirement Analysis
Functional Requirements:
A functional requirement defines a function of a system or its component. A function is
described as a set of inputs, the behavior, and outputs.
Functional requirement of this project include:
 The system shall enable the valid user and customer to register to the system.
 The system shall display progress bar ( or animations).
 The system shall match between real and system world.
 The system shall give user control and freedom.
 The system shall provide consistency and standards while performing the
operation.
 The system shall be flexible and efficient to use.
 The system shall help users to recognize, diagnose, and recall from errors.
 The system shall provide aesthetic and minimalist design.

Non-Functional Requirements:
A non-functional requirement is a requirement that specifies criteria that can be used to
judge the operation of a system, rather than specific behaviors.

Non-Functional requirements are:

 Operational Requirements
 The system should operate in Window platform environment
 The system should prompt user to make a backup at the end of the operational day.

 Performance Requirements
 The system should let the user complete the task in short period of time.
 Security Requirements
 The system should validate the username and password in order to login and make
changes to the system.
  The system should request the current password of the user in order to let them
change to a new password.
 Usability Requirement
 The system should have an easy understand graphic user interface that deal with
the user.
 The system should let user easy to understand the functionality of each modules.

Software Quality Attributes:

The Quality of the software is maintained in such a way that only sender and
receiver can communicate through image. There is no probability of knowing secret
image.

User Requirements:
 The User should have the basic knowledge of text steganography.
 The User should know how to accomplished text steganography.
 The User should be able to mail to other users via insecure mail servers.
 The User should know how to hide code/ data/ information over unencrypted
network.
 The User should know how to encode/decode the data.

Hardware Requirements:
 Pentium 2 or Celeron processor or higher
 64/128 MB RAM or higher
 Minimum 256 MB hard disk.
 Modern & Internet Connection
 Input devices i.e. keyboard, mouse, etc.

Software Requirements:
Software plays an important role in any project development. One should understand which
software to use to develop the project.
 Android studio.
 Microsoft’s Windows 7/8/10.
 Feasibility Study
As the name implies, a feasibility analysis is used to determine the viability of an idea, such as
ensuring a project is legally and technically feasible as well as economically justifiable. It tells us
whether a project is worth the investment—in some cases, a project may not be doable. There
can be many reasons for this, including requiring too many resources, which not only prevents
those resources from performing other tasks but also may cost more than an organization
would earn back by taking on a project that isn’t profitable.

A well-designed study should offer a historical background of the business or project, such as a
description of the product or service, accounting statements, details of operations and
management, marketing research and policies, financial data, legal requirements, and tax
obligations. Generally, such studies precede technical development and project
implementation.

The main purpose of feasibility analysis is to check the economic viability of the proposed
system. The result of the feasibility study will indicate whether to proceed with the proposed
system or not. If the results of the feasibility study are positive, then we can proceed to develop
a system otherwise project should not be pursued. Preliminary investigation examine project
feasibility, the likelihood the system will be useful to the organization. The main objective of
the feasibility study is to test the Technical, Operational and Economical feasibility for adding
new modules and debugging old running system. All system is feasible if they are unlimited
resources and infinite time. There are aspects in the feasibility study portion of the preliminary
investigation:
1. Operational Feasibility
2. Economic Feasibility
3. Technical Feasibility

Operational Feasibility:
This assessment involves undertaking a study to analyze and determine whether—and how
well—the organization’s needs can be met by completing the project. Operational feasibility
studies also examine how a project plan satisfies the requirements identified in the
requirements analysis phase of system development. Operational feasibility study tests the
operational scope of the system to be developed. The proposed system must have high
operational feasibility.

 No need of any registration or login can be used directly.

 The usability will be high.
 Response time of the application is fast.
 The application is developed with clear and easy to understand navigation that enables
users to find information quickly.
 The app itself does major task of the user, the only work for the user is to select the image
from the gallery and type the message he/she wants to encrypt.
 Thus, the proposed system is operationally feasible.

Economic Feasibility:
This assessment typically involves a cost/ benefits analysis of the project, helping organizations
determine the viability, cost, and benefits associated with a project before financial resources
are allocated. It also serves as an independent project assessment and enhances project
credibility—helping decision-makers determine the positive economic benefits to the
organization that the proposed project will provide. The purpose of the economic feasibility
assessment is to determine the positive economic benefits that the proposed system will provide.

Proposed system requires development tools and software such as visual studio 2010 which are
free of cost and available on Internet. For developing proposed system, we need various
resources such as computer systems, internet connection, recommended disk space, and memory
speed as mention in requirement. By looking at all these expenses and comparing with proposed
system, we have many benefits from proposed system such are:

 This application will help users to share any message secretly with the help of encryption.
 This system will save the time of the people.

So keeping all above mentioned benefits and comparing with various expenditures of
resources, we conclude that proposed system is economically feasible.

Technical Feasibility:
This assessment focuses on the technical resources available to the organization. It helps
organizations determine whether the technical resources meet capacity and whether the
technical team is capable of converting the ideas into working systems. Technical feasibility also
involves evaluation of the hardware, software, and other technical requirements of the
proposed system. As an exaggerated example, an organization wouldn’t want to try to put Star
Trek’s transporters in their building—currently, this project is not technically feasible.
The technical feasibility assessment is focused on gaining an understanding of the present
technical resources and their applicability to the expected needs of the proposed system. It is
an evaluation of the hardware and software and how it meets the need of the proposed
system.
This system will be developed using Android technology. As we require some time to learn
these technologies, all these are easy to learn and can develop system very rapidly. After
developing and deploying the system, any user can view this application on the Internet.
It is an Android based user interface thus it provides an easy access to the users.
Permission to the users would be granted based on the roles specified. Therefore, it provides
the technical guarantee of accuracy, reliability and security.
Thus, the proposed system is technically feasible.
3 Process/System model
 System Design
UseCase Diagram:

A use case diagram contains four components:

o The boundary, which defines the system of interest in relation to the world around it.
o The actors, usually individuals involved with the system defined according to their roles.
o The use cases, which the specific roles are played by the actors within and around the system.
o The relationships between and among the actors and the use cases.

The actors can be human user, some internal applications or may be some external applications. So in a
brief when we are planning to draw a use case diagram we should have the following items identified.

i. Functionalities to be represented as a use case.

ii. Actors.
iii. Relationships among the use cases and actors.

Use case diagrams are drawn to capture the functional requirements of a system. So after identifying the
above items we have to follow the following guidelines to draw an efficient use case diagram.

i. The name of the use case is very important. So the name should be chosen in such a way so that
it can identify the functionalities performed.
ii. Give a suitable name for actors.
iii. Show relationship and dependencies clearly in the diagram.
iv. Do not try to include all types of relationships. Because the main purpose of the diagram is to
identify requirements.
v. Use note whenever required to clarify some important points.
Class Diagram:
Class diagrams are the most popular UML diagrams used for construction of software application. So it is
very important to learn the drawing procedure of class diagram.

The purpose of the class diagram is to model the static view of an application. The class diagrams are the
only diagrams which can be directly mapped with object oriented languages and thus widely used at the
time of construction.

Class diagrams have lot of properties to consider while drawing but here the diagram will be considered
from a top level view.

Class diagram is basically a graphical representation of the static view of the system and represents
different aspects of the application. So a collection of class diagrams represent the whole system.

The following point should be remembered while drawing a class diagram:

i. The name of the class diagram should be meaningful to describe the aspect of the system.
ii. Each element and their relationships should be identified.
iii. Attributes and methods of each class should be clearly identified.
iv. For each class minimum number of properties should be specified. Because unnecessary
properties will make the diagram complicated.
Activity Diagram:

Activity diagram is another important diagram in UML to describe dynamic aspects of the system.

Activity diagram is basically a flow chart to represent the flow form one activity to another activity. The
activity can be described as an operation of the system.

So the control flow is drawn from one operation to another. This flow can be sequential, branched or
concurrent.

Before drawing an activity diagram we must have a clear understanding about the elements used in
activity diagram. The main element of an activity diagram is the activity itself. An activity is a function
performed by the system. After identifying the activities we need to understand how they are associated
with constraints and conditions.

So before drawing an activity diagram we should identify the following elements:

o Activities
o Association
o Conditions
o Constraints
Sequence Diagram:

A Sequence diagram is an interaction diagram that shows how processes operate with one
another and in what order. It is a construct of a Message Sequence Chart. A sequence diagram
shows object interactions arranged in time sequence. It depicts the objects and classes involved
in the scenario and the sequence of messages exchanged between the objects needed to carry
out the functionality of the scenario. Sequence diagrams are typically associated with use case
realizations in the Logical View of the system under development. Sequence diagrams are
sometimes called event diagrams or event scenarios.

A sequence diagram shows, as parallel vertical lines (lifelines), different processes or objects that
live simultaneously, and, as horizontal arrows, the messages exchanged between them, in the
order in which they occur. This allows the specification of simple runtime scenarios in a graphical
manner.
 Iterative Model

In this Model, you can start with some of the software specifications and develop the first version of the
software. After the first version if there is a need to change the software, then a new version of the
software is created with a new iteration. Every release of the Iterative Model finishes in an exact and
fixed period that is called iteration.

Planning & Requirements: As with most any development project, the first step is go through an initial
planning stage to map out the specification documents, establish software or hardware requirements,
and generally prepare for the upcoming stages of the cycle.

Analysis & Design: Once planning is complete, an analysis is performed to nail down the appropriate
business logic, database models, and the like that will be required at this stage in the project. The design
stage also occurs here, establishing any technical requirements (languages, data layers, services, etc)
that will be utilized in order to meet the needs of the analysis stage.

Implementation: With the planning and analysis out of the way, the actual implementation and coding
process can now begin. All planning, specification, and design docs up to this point are coded and
implemented into this initial iteration of the project.

Testing: Once this current build iteration has been coded and implemented, the next step is to go
through a series of testing procedures to identify and locate any potential bugs or issues that have have
cropped up.

Evaluation: Once all prior stages have been completed, it is time for a thorough evaluation of
development up to this stage. This allows the entire team, as well as clients or other outside parties, to
examine where the project is at, where it needs to be, what can or should change, and so on.
Advantage of Iterative Model:

Testing and debugging during smaller iteration is easy.

A Parallel development can plan.

It is easily acceptable to ever-changing needs of the project.

Risks are identified and resolved during iteration.

Limited time spent on documentation and extra time on designing.

Disadvantage of Iterative Model:

It is not suitable for smaller projects.

More Resources may be required.

Design can be changed again and again because of imperfect requirements.

Requirement changes can cause over budget.

Project completion date not confirmed because of changing requirements.

Layout Screenshots
 Cost Estimation Model

 Direct costs are broadly classified as those directly associated with a single area (such
as a department or a project). In project management, direct costs are expenses billed
exclusively to a specific project. They can include project team wages, the costs of
resources to produce physical products, fuel for equipment, and money spent to address
any project-specific risks.
 Indirect costs, on the other hand, cannot be associated with a specific cost center and
are instead incurred by a number of projects simultaneously, sometimes in varying
amounts. In project management, quality control, security costs, and utilities are usually
classified as indirect costs since they are shared across a number of projects and are
not directly billable to any one project.
 Labor: The cost of human effort expended towards project objectives.
 Materials: The cost of resources needed to create products.
 Equipment: The cost of buying and maintaining equipment used in project work.
 Services: The cost of external work that a company seeks for any given project
(vendors, contractors, etc.).
 Software: Non-physical computer resources.
 Hardware: Physical computer resources.
 Facilities: The cost of renting or using specialized equipment, services, or locations.
 Contingency costs: Costs added to the project budget to address specific risks.
 Test Case

Case 1 : App opens successfully Case 2 : App asks user to encode or decode

Case3 : Clicking on Encode takes to another activity Case 4 : Clicking on Encode takes to another
activity

Case 5 : Opens gallery for selection of an image Case 6 : Adds image in the app

Case 7 : Takes input Case 8 : Encodes the image with message

Case 9 : Verifies for secret key Case 10 : Decodes the message
a
Maintainance

Future scope: 1) adding a registration and login

2) For more security adding a field where along with message and secret key, it will ask for

Identity of the another user. Say eg user with id: Secretagent. No account other than
Secretagent will be able to decode the message even if the secret key is correct.

references