Steganalysis of Hydan

Blasco, J., Hernandez-Castro, J. C., Tapiador, J. M. E., Ribagorda, A. & Orellana-Quiros, M. A. (2009). Steganalysis of Hydan. IFIP Advances in Information and Communication Technology, 297, pp. 132-142. doi: 10.1007/978-3-642-01244-0_12

[img]
Preview
Text - Accepted Version
Download (349kB) | Preview

Abstract

Hydan is a steganographic tool which can be used to hide any kind of information inside executable files. In this work, we present an efficient distinguisher for it: We have developed a system that is able to detect executable files with embedded information through Hydan. Our system uses statistical analysis of instruction set distribution to distinguish between files with no hidden information and files that have been modified with Hydan. We have tested our algorithm against a mix of clean and stego-executable files. The proposed distinguisher is able to tell apart these files with a 0 ratio of false positives and negatives, thus detecting all files with hidden information through Hydan.

Item Type: Article
Additional Information: The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-642-01244-0_12
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: School of Engineering & Mathematical Sciences > Engineering
URI: http://openaccess.city.ac.uk/id/eprint/13755

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics