diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..cb80cc6 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +*~ +*.class +*.jar +/target diff --git a/ChiSquare.class b/ChiSquare.class deleted file mode 100644 index 24f638d..0000000 Binary files a/ChiSquare.class and /dev/null differ diff --git a/Fuse.class b/Fuse.class deleted file mode 100644 index 0ae3f27..0000000 Binary files a/Fuse.class and /dev/null differ diff --git a/ImageFileManager.class b/ImageFileManager.class deleted file mode 100644 index a9aa571..0000000 Binary files a/ImageFileManager.class and /dev/null differ diff --git a/PixelBenchmark.class b/PixelBenchmark.class deleted file mode 100644 index 5ea91da..0000000 Binary files a/PixelBenchmark.class and /dev/null differ diff --git a/PrimarySets.class b/PrimarySets.class deleted file mode 100644 index 4b308f7..0000000 Binary files a/PrimarySets.class and /dev/null differ diff --git a/README.md~ b/README.md~ deleted file mode 100644 index beefd44..0000000 --- a/README.md~ +++ /dev/null @@ -1,72 +0,0 @@ -StegExpose -========== - -Description ------------ -StegExpose is a steganalysis tool specialized in detecting LSB (least significant bit) steganography in lossless images such as PNG and BMP. It has a command line interface and is designed to analyse images in bulk while providing reporting capabilities and customization which is comprehensible for non forensic experts. StegExpose rating algorithm is derived from an intelligent and thoroughly tested combination of pre-existing pixel based staganalysis methods including Sample Pairs by Dumitrescu (2003), RS Analysis by Fridrich (2001), Chi Square Attack by Westfeld (2000) and Primary Sets by Dumitrescu (2002). In addition to detecting the presence of steganography, StegExpose also features the quantitative steganalysis (determining the length of the hidden message). StegExpose is part of my MSc of a project at the School of Computing of the University of Kent, in Canterbury, UK. - -For more information, please download the research paper [here](http://arxiv.org/pdf/1410.6656v1.pdf) - - -Usage ------ -*java -jar StegExpose.jar [directory] [speed] [threshold] [csv file]* - -where - -*[directory]* - directory containing images to be diagnosed - -*[speed]* - Optional. Can be set to 'default' or 'fast' (set to 'default if left blank). default mode will try and run all detectors whereas fast mode will skip the expensive detectors in case cheap detectors are able to determine if a file is clean. - -*[threshold]* - Optional. The default value here is 0.2 (for both speed modes) and determines the the level at which files are considered to be hiding data or not. A floating point value between 0 and 1 can be used here to update the threshold. If keeping false positives at bay is of priority, set the threshold slightly higher ~0.25. If reducing false negatives is more important, set the threshold slightly lower ~0.15 - -*[csv file]* - Optional. Name of the csv (comma separated value) file that is to be generated. that If left blank, the program will simply output to the console. - -Example ------- -Basic usage of Stegexpose, providing a directory of images as the only argument - -*java -jar StegExpose.jar testFolder* - -Produce a steganalytic report in the form of a csv file named 'steganalysisOfTestFolder' - -*java -jar StegExpose.jar testFolder default default steganalysisOfTestFolder* - -Updating the threshold and running the program in fast mode to save time. - -*java - jar StegExpose testFolder fast 0.3* - -Performance ------------ -The accuracy and speed of StegExpose has been tested on an image pool of 15,200 lossless images, where 5,200 of them were stego images (images with hidden data) created with the tools OpenStego, OpenPuff, SilentEye and LSB-Steganography. Embedding rates range from 2.5% to 25.3% with an average of 13.8% (secret data / cover image). - -###Accuracy (ROC curves) -ROC or receiver operating characteristic curves expose the accuracy of a given signal. The curve below is used to demonstrate only the comparison between the the accuracy of StegExpose's fusion techniques (standard and fast) and the individual detectors it is derived from. Please note that the accuracy of each signal is very much dependant on the nature of the stego files they were tested on and can be a lot higher or lower depending on the embedding rate and method. -![alt text](roc.png) -The area under the curves reveals that the standard fusion technique is the most accurate. The fast fusion technique is only slightly outperformed by standard fusion (1.6%) and RS analysis (0.2%). However, fast fusion does offer a clear advantage, as it 3.2 times faster than RS analysis and 3.5 times faster than standard fusion. - -###Speed -A 460x460 pixel image will take **1.20** seconds to process in the default mode and **0.34** seconds in fast mode. However, the fast mode should be even faster in a real world environment, where there are a lot less stego files, allowing StegExpose to skip expensive detectors more frequently. - - -Compilation ------------ -To recompile the source code and create a new executable jar file, the following commands should do the trick. - -*javac -cp commons-math3-3.1.1.jar *.java* - -*jar cfm StegExpose.jar manifest.mf *.class* - -Bugs ----- -Component detectors do not all generate results for all images. This bug is present in the reused source code listed below. This bug impacts the speed of the fast mode as well as the accuracy of both fast and standard modes of StegExpose. - -Acknowledgements --------- -I would like to thank Julio Hernandez-Castro for supervising this project and coming up with the idea. Also, thank you Bastien Faure and Kathryn Hempstalk for publishing your source code. - -Support --------- -BTC address: 1JKsTRYxgVr1cyzxDEiRiCUYmrEDueGcPe - - diff --git a/RSAnalysis.class b/RSAnalysis.class deleted file mode 100644 index 8b30620..0000000 Binary files a/RSAnalysis.class and /dev/null differ diff --git a/RunStegExpose.class b/RunStegExpose.class deleted file mode 100644 index cec8967..0000000 Binary files a/RunStegExpose.class and /dev/null differ diff --git a/SamplePairs.class b/SamplePairs.class deleted file mode 100644 index 20790fd..0000000 Binary files a/SamplePairs.class and /dev/null differ diff --git a/StegExpose.jar b/StegExpose.jar deleted file mode 100644 index 7acd31e..0000000 Binary files a/StegExpose.jar and /dev/null differ diff --git a/commons-math3-3.1.1.jar b/commons-math3-3.1.1.jar deleted file mode 100644 index 43b5215..0000000 Binary files a/commons-math3-3.1.1.jar and /dev/null differ diff --git a/manifest.mf b/manifest.mf deleted file mode 100644 index 2b293c9..0000000 --- a/manifest.mf +++ /dev/null @@ -1,4 +0,0 @@ -Manifest-Version: 1.0 -Main-Class: RunStegExpose -Class-Path: commons-math3-3.1.1.jar - diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..5888f71 --- /dev/null +++ b/pom.xml @@ -0,0 +1,76 @@ + + + 4.0.0 + stegexpose + StegExpose + jar + 1.0-SNAPSHOT + StegExpose + + https://github.com/b3dk7/StegExpose + + + UTF-8 + + + + StegExpose + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.7 + 1.7 + + + + + org.apache.maven.plugins + maven-jar-plugin + + + + true + RunStegExpose + + + + + + + maven-assembly-plugin + + + + RunStegExpose + + + + jar-with-dependencies + + + + + make-assembly + package + + single + + + + + + + + + + + org.apache.commons + commons-math3 + 3.1.1 + + + + diff --git a/ChiSquare.java b/src/main/java/ChiSquare.java similarity index 100% rename from ChiSquare.java rename to src/main/java/ChiSquare.java diff --git a/Fuse.java b/src/main/java/Fuse.java similarity index 100% rename from Fuse.java rename to src/main/java/Fuse.java diff --git a/ImageFileManager.java b/src/main/java/ImageFileManager.java similarity index 100% rename from ImageFileManager.java rename to src/main/java/ImageFileManager.java diff --git a/PixelBenchmark.java b/src/main/java/PixelBenchmark.java similarity index 100% rename from PixelBenchmark.java rename to src/main/java/PixelBenchmark.java diff --git a/PrimarySets.java b/src/main/java/PrimarySets.java similarity index 100% rename from PrimarySets.java rename to src/main/java/PrimarySets.java diff --git a/RSAnalysis.java b/src/main/java/RSAnalysis.java similarity index 100% rename from RSAnalysis.java rename to src/main/java/RSAnalysis.java diff --git a/RunStegExpose.java b/src/main/java/RunStegExpose.java similarity index 100% rename from RunStegExpose.java rename to src/main/java/RunStegExpose.java diff --git a/SamplePairs.java b/src/main/java/SamplePairs.java similarity index 100% rename from SamplePairs.java rename to src/main/java/SamplePairs.java