Image Steganalysis via Diverse Filters and Squeeze-and-Excitation Convolutional Neural Network

One of the reasons for the implementation of information security threats in organizations is the insider activity of its employees. There is a big challenge to detect stego-insiders-employees who create stego-channels to secretly receive malicious information and transfer confidential information across the organization’s perimeter. Especially presently, with great popularity of wireless sensor networks (WSNs) and Internet of Things (IoT) devices, there is a big variety of information that could be gathered and processed by stego-insiders. Consequently, the problem arises of identifying such intruders and their transmission channels. The paper proposes an approach to solving this problem. The paper provides a review of the related works in terms of insider models and methods of their identification, including techniques for handling insider attacks in WSN, as well methods of embedding and detection of stego-embeddings. This allows singling out the basic features of stego-insiders, which could be determined by their behavior in the network. In the interests of storing these attributes of user behavior, as well as storing such attributes from large-scale WSN, a hybrid NoSQL database is created based on graph and document-oriented approaches. The algorithms for determining each of the features using the NoSQL database are specified. The general scheme of stego-insider detection is also provided. To confirm the efficiency of the approach, an experiment was carried out on a real network. During the experiment, a database of user behavior was collected. Then, user behavior features were retrieved from the database using special SQL queries. The analysis of the results of SQL queries is carried out, and their applicability for determining the attribute is justified. Weak points of the approach and ways to improve them are indicated.

show abstract

“…Electronic steganography -hiding messages in signals of an analog nature, for example, noise-like carriers, etc. [24,25]; 3.…”

Section: Technologies Of Stego-embeddingmentioning

confidence: 99%

An Approach for Stego-Insider Detection Based on a Hybrid NoSQL Database

Kotenko

Krasov

Ushakov

et al. 2021

JSAN

View full text Add to dashboard Cite

show abstract

“…He et al [26] focus on the channel relationship and propose the "Squeeze-and-Excitation" block, which can learn to use global information to emphasize informative features and suppress less useful ones selectively. Liu et al [29] construct a new effective network with diverse filter modules (DFMs) and squeezeand-excitation modules (SEMs), called DFSE-Net, which can better capture the embedding artifacts. e experiments presented that networks can pay more attention to critical channels by SEMs.…”

Section: E Squeeze-and-excitation Blockmentioning

confidence: 99%

SFRNet: Feature Extraction-Fusion Steganalysis Network Based on Squeeze-and-Excitation Block and RepVgg Block

Yang

Sicong

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

In the era of big data, convolutional neural network (CNN) has been widely used in the field of image classification and has achieved excellent performance. More and more researchers are beginning to combine deep neural networks with steganalysis to improve performance in recent years. However, most of the steganalysis algorithm based on the convolutional neural network has only run test against the WOW and S-UNIWARD algorithms; meanwhile, their versatility is insufficient due to long training time and the limit of image size. This paper proposes a new network architecture, called SFRNet, to solve these problems. The feature extraction and fusion layer can extract more features from the digital image. The RepVgg block is used to accelerate the inference and increase memory utilization. The SE block improves the detection accuracy rate because it can learn feature weights to make effective feature maps with significant weights and invalid or ineffective feature maps with small weights. Experimental results show that the SFRNet has achieved excellent performance in the detection accuracy rate against four state-of-the-art steganography algorithms in the spatial domain, e.g., HUGO, WOW, S-UNIWARD, and MiPOD, under different payloads. The SFRNet detection accuracy rate achieves 89.6% against S-UNIWARD algorithm with the payload of 0.4bpp and 72.5% at 0.2bpp. As the same time, the training time of our network is greatly reduced by 35% compared with Yedroudj-Net.

show abstract

“…Further, the FANet performed better than the SRNet (70.14 and 79.32 for J-UNIWARD and UED) when the embedding rate is 0.2bpnzac and QF 75. The performance of DFSE-NET [145] reveals that detection error for WOW and S-UNIWARD is 0.247 and 0.341 respectively when the embedding rate is chosen to be 0.2bpp. The DFSE-NET is also performed better than Xu-Net, Ye-Net and Yedroudj-Net with detection errors 0.345, 0.306 and 0.332 respectively.…”

Section: Deep Learning Steganlysis Performancementioning

confidence: 99%

Stegomalware: A Systematic Survey of Malware Hiding and Detection in Images, Machine Learning Models and Research Challenges

Chaganti¹,

Ravi²,

Alazab³

et al. 2021

Preprint

View full text Add to dashboard Cite

<div>Malware distribution to the victim network is commonly performed through file attachments in phishing email or downloading illegitimate files from the internet, when the victim interacts with the source of infection. To detect and prevent the malware distribution in the victim machine, the existing end device security applications may leverage sophisticated techniques such as signature-based or anomaly-based, machine learning techniques. The well-known file formats Portable Executable (PE) for Windows and Executable and Linkable Format (ELF) for Linux based operating system are used for malware analysis and the malware detection capabilities of these files has been well advanced for real time detection. But the malware payload hiding in multimedia like cover images using steganography detection has been a challenge for enterprises, as these are rarely seen and usually act as a stager in sophisticated attacks. In this article, to our knowledge, we are the first to try to address the knowledge gap between the current progress in image steganography and steganalysis academic research focusing on data hiding and the review of the stegomalware (malware payload hiding in images) targeting enterprises with cyberattacks current status. We present the stegomalware history, generation tools, file format specification description. Based on our findings, we perform the detail review of the image steganography techniques including the recent Generative Adversarial Networks (GAN) based models and the image steganalysis methods including the Deep Learning opportunities and challenges in stegomalware generation and detection are presented based on our findings.</div>

show abstract

Image Steganalysis via Diverse Filters and Squeeze-and-Excitation Convolutional Neural Network

Cited by 17 publications

References 32 publications

An Approach for Stego-Insider Detection Based on a Hybrid NoSQL Database

An Approach for Stego-Insider Detection Based on a Hybrid NoSQL Database

SFRNet: Feature Extraction-Fusion Steganalysis Network Based on Squeeze-and-Excitation Block and RepVgg Block

Stegomalware: A Systematic Survey of Malware Hiding and Detection in Images, Machine Learning Models and Research Challenges

Contact Info

Product

Resources

About