Hiding Data in Plain Sight

Wednesday, May 11, 2011 @ 12:05 PM gHale


Security through obscurity could be a workable way to hide data.

That is where steganography comes into play. That is where a user can hide information within an unusual medium. A traditional paper watermark is a well-known example of steganography. At first glance, there would appear to be nothing unusual about the work, but a recipient aware of the presence of the hidden message would be able to extract it easily.

Those intent on hiding information from prying eyes can embed data in different file types like music files (mp3), images (jpeg), video (mpeg4) or word-processing documents. The problem is there is a limit to how much hidden data a user can embed in those files without it becoming apparent they are hiding something because the file size increases beyond what one might expect to see for a common music or video file. A five minute music file in mp3 format and the widespread sampling rate of 128 kilobits per second, for instance, usually uses 5 megabytes. Much bigger and suspicions would arise as to the true nature of the file.

However, one group of files that vary enormously in size and are usually rather difficult to examine in detail because they comprise of compiled computer code are executable, or exe, files.

These files tend to contain “junk data” of their own as well as internal programmer notes and identifiers, redundant sections of code and infuriatingly in some senses coding “bloat.” All of this adds up to large and essentially random file sizes for exe files. As such, it might be possible to embed and hide large amounts of data in encoded form in an exe file without disrupting the file’s ability to run as a program but crucially without anyone discovering the exe file has a dual function.

Computer scientists Rajesh Kumar Tiwari of the GLNA Institute of Technology, in Mathura and G. Sahoo of the Birla Institute of Technology, in Mesra, Ranchi, India, developed an algorithm for embedding hidden data in an executable file.

The algorithm builds into a program with a graphical user interface that would take a conventional exe file and the data to hide as input and then merge the two producing a viable exe file with a hidden payload.

The technology could work in smart phones, tablet PCs, portable media players and any other information device on which a user might wish to hide data.



Leave a Reply

You must be logged in to post a comment.