Summary: | Facebook Messenger, ChatSecure, Line, QQ and WhatsApp represent examples of Mobile Messaging Applications (MMAs) that collectively facilitate instant and global communications, in which billions of audio, image, text and video messages are exchanged on a daily basis. Some of these messages are digital assets (messages that have a significant functional, sentimental or monetary value) that may be exposed to confidentiality or exploitation threats, wehn published in MMAs that are subject to such security concerns. Additionally, some MMAs impose message format constraints that prevent users from publishing sudio, image and video digital assets in an encrypted form, thus hampering their attempts to mitigate such concerns. In this thesis, two research contributions are presented, that are designed to establish confidentiality over digital assets that are messaged via MMAs. The first contribution, Dual Carrier Steganographic Messaging (DCSM) protocols, pairs two independent and non-colluding MMAs as communication channels, in which a digital asset is steganographically messaged over one MMA and its stego-key (size, format, access information) over the other. The second contribution, extends a probabilistic Hash-based Least Significant Bit (HLSB) steganography technique through the introduction of hash function arrays, and can be applied to JPG images in the spatial domain. This technique features as an integral component in DCSN schemes. Both research contributions are implemented and evaluated via a prototype application, Conceal[sub]2. JPG HLSB embedding is evaluated in a number of configurations that are applied to cover-images with diverse pixel luminance profiles. Subsequent performance results are measured in terms of embedding overheeads, carrier-image distortion ranges, thresholds and embedding scope. Results conclude that JPG HLSB embedding is most efficient when utilising images with wide variations in pixel luminance, and that a configuration utilising an array of 16 hash functions, delivers the best performance of the array sizes tested. Empirical evaluations of 54 Android MMAs conclude that their use as communication channels in DCSM schemes, is feasible where MMAs maintain image integrity and that the successful act of steganographic messaging over viable MMAs without subsequent corruption of carrier-images, indicates that carrier-images are detected but only observed, or that they are not monitored, or that MMA systems are ineffective at detecting the carrier-images utilised in this research.
|