Outguess Steganography

 



  1. OutGuess is one of many steganography applications. Developed in Germany in 1999, OutGuess is available under a BSD software license and is completely free for all users. While there are official executables for Windows operating systems, OutGuess rebirth doesn’t work with 3301’s JPEGs.
  2. Choice of Tools. In this tutorial, I will use the OpenStego tool to perform the steganography. Thankfully, there are quite a lot of options that Linux users can choose from in this particular field with some of them being the command line Steghide and OutGuess, or the GUI Steganography Studio and Steg.

From the README: OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess.

Outguess is a steganography tools that allows a user to embedd hidden data inside of a JPEG-image file (and some other image formats). It stores the data by modifying redundant information, so that it doesn't cause visual changes to the image. Outguess became widely known since Cicada 3301 posted their first image on 4chan in 2012. The image contained a hidden message that lead the reader to their recruitment tests.

Linux installation

Outguess

Outguess is available as a package for the most popular Linux distributions. For example in Debian or Ubuntu you install it with this command:

If your Linux distribution doesn't have a Outguess package, you can download the source code and follow the instructions in the README file provided.

Windows installation

While there are executables available for Windows, they are not fully compatible with the Linux version. Instead you can install Cygwin (an environment that runs under Windows but is similar to Linux) and use the outguess package provided there.

  • Make sure you use the 32-bit version. Outguess doesn't work in the 64-bit version.
  • During the installation, on the page 'Select Packages', make sure to include Outguess. Type outguess in the search field to find it.
OutGuess
Original author(s)Niels Provos
Initial release1999; 22 years ago
Stable release
Repository
Written inC
Operating systemWindows, Unix-like
Typesteganography
LicenseBSD (Free Software)

Outguess Steganography Tools

OutGuess is a steganographic software for hiding data in the most redundant content data bits of existing (media) files. It has handlers for image files in the common Netpbm and JPEG formats, so it can, for example, specifically alter the frequency coefficients of JPEG files. It is written in C and published as Free Software under the terms of the old BSD license. It has been tested on a variety of Unix-like operating systems and is included in the standard software repositories of the popular Linux distributions Debian and Arch Linux (via user repository) and their derivatives.

Method of operation[edit]

An algorithm estimates the capacity for hidden data without the distortions of the decoy data becoming apparent. OutGuess determines bits in the decoy data that it considers most expendable and then distributes secret bits based on a shared secret in a pseudorandom pattern across these redundant bits, flipping some of them according to the secret data.For JPEG images, OutGuess recompresses the image to a user-selected quality level and then embeds secret bits into the least significant bits (LSB) of the quantized coefficients while skipping zeros and ones.[2] Subsequently, corrections are made to the coefficients to make the global histogram of discrete cosine transform (DCT) coefficients match that of the decoy image, counteracting detection by the chi-square attack that is based on the analysis of first-order statistics.[citation needed] This technique is criticized because it actually facilitates detection by further disturbing other statistics.[3]Also, data embedded in JPEG frequency coefficients has poor robustness and does not withstand JPEG reencoding.[4][citation needed]

History[edit]

OutGuess was originally developed in Germany in 1999 by Niels Provos.In 1999, Andreas Westfeld published the statistical chi-square attack, which can detect common methods for steganographically hiding messages in LSBs of quantized JPEG coefficients.[5]In response, Provos implemented a method that exactly preserves the DCT histogram on which this attack is based.[6] He released it in February 2001 in OutGuess version 0.2, which is not backward compatible to older versions. It was broken by an attack published in 2002 that uses statistics based on discontinuities across the JPEG block boundaries (blockiness) of the decoded image and can estimate the lengths of messages embedded by OutGuess.[7]It gained popularity after being used in the first puzzle published by Cicada 3301 in 2012.OutGuess was abandoned and the official website was shut down in September 2015.[8]A fork called OutGuess Rebirth (OGR) was released in 2013 by Laurent Perch, with some bug fixes and a graphical user interface for Windows. After its last version 1.3 from September 28, 2015 it was also abandoned and in 2018 its website went offline.In November 2018, Debian developer Joao Eriberto Mota Filho imported the source code into a new repository on GitHub to continue development, and since then released some new minor versions that include bug fixes from several people.

References[edit]

Outguess Steganography Linux

  1. ^'Release 0.2.2'. 21 January 2019. Retrieved 23 August 2019.
  2. ^Feamster, Nick; Balazinska, Magdalena; Harfst, Greg; Balakrishnan, Hari; Karger, David (2002-08-08). Infranet: Circumventing Web Censorship and Surveillance. USENIX Security Symposium. 11. San Francisco, CA, USA: USENIX Association. pp. 247–262.
  3. ^Fridrich, Jessica; Pevný, Tomáš; Kodovský, Jan (2007). Statistically undetectable JPEG steganography(PDF). New York, New York, USA: ACM Press. doi:10.1145/1288869.1288872. ISBN978-1-59593-857-2.
  4. ^Hiney, Jason; Dakve, Tejas; Szczypiorski, Krzysztof; Gaj, Kris (2015-08-25). Using Facebook for Image Steganography(PDF). International Conference on Availability, Reliability and Security. 10. Toulouse, France: IEEE. doi:10.1109/ARES.2015.20.
  5. ^Westfeld, Andreas; Pfitzmann, Andreas (2000). 'Attacks on Steganographic Systems'. Information Hiding(PDF). Berlin, Heidelberg: Springer Berlin Heidelberg. pp. 61–76. doi:10.1007/10719724_5. ISBN978-3-540-67182-4. ISSN0302-9743.
  6. ^Provos, Niels (2001-08-17). Defending against statistical steganalysis. USENIX Security Symposium. 10. Washington, D.C., USA: USENIX Association. pp. 323–336.
  7. ^Fridrich, Jessica; Goljan, Miroslav; Hogea, Dorin (2002-12-06). Attacking the OutGuess(PDF). ACM Workshop on Multimedia and Security. France.
  8. ^'Archived copy'. Archived from the original on 2015-08-31. Retrieved 2015-08-31.CS1 maint: archived copy as title (link)

External links[edit]

Outguess Steganography

Retrieved from 'https://en.wikipedia.org/w/index.php?title=OutGuess&oldid=991677838'