Audio steganography

April 2010 Information Security

In the past decade, steganography, or the art of concealing information within seemingly innocuous digital platforms and carriers, has emerged into a hot area of research. This is due to its increasing use by hackers and miscreants for covertly hiding information.

Although steganography has gained notoriety as an approach that is useful only for illegitimate applications, it could be extremely useful in application areas such as intellectual property (IP) protection and copyright marking. Steganography allows media content publishers to hide a copyright mark in the content they produce. If copies of the produced content are made and distributed illegally, the copyright mark would remain on the copies as it is hidden from the user. Publishers could then use the copyright mark to identify owners of an illegal copy.

To hide information in audio files, substitution techniques are typically used by modifying a bit or few bits of information in an audio sample. However, copyright marks hidden in audio samples using substitution could be easily manipulated or destroyed if a miscreant comes to know that information is hidden this way.

In an attempt to bolster the robustness of content hidden in audio samples using substitution techniques, researchers from the College of Science and Technology at the University of Technology in Malaysia have come out with a novel algorithm that hides bits of information in multiple, vague least significant bit (LSB) layers of an audio file. In a nutshell, the algorithm is capable of ensuring that the hidden content would not be leaked when the audio content is subjected to intentional attacks or manipulations.

Content hidden in audio files typically gets distorted or leaked when it is subjected to two types of scenarios – when an intentional attack is launched to reveal hidden information in the files and when the audio file is subjected to noise additions or signal processing manipulation. To ensure robustness against the first scenario, the researchers have designed the algorithm in such a way that it embeds information in bits other than LSBs, since LSBs are most susceptible to intentional attacks aimed at extracting hidden information. Essentially, the researchers have ensured that it would be extremely difficult for attackers to discover which bits are the carriers of the hidden information, as opposed to conventional algorithms that hide information only in LSBs. To further increase the ambiguity, the algorithm is designed to modify indistinct audio samples as opposed to adopting a predefined procedure.

To protect audio files against the second scenario mentioned above, the researchers have ensured that the algorithm embeds bits of hidden information in deeper layers of the audio file and alters other bits to decrease the error. Typically, if a random selection of audio samples is chosen for carrying hidden information, low-power additive white Gaussian noise (AWGN) would be introduced in the sample. AWGN is easily detectable by the human auditory system and hence, the scope of modifying bits for hiding information would be limited. To overcome this problem, the researchers have designed the algorithm to embed message bits in deeper layers, albeit in an intelligent manner in order to decrease the intensity of errors.

For more information contact Frost & Sullivan, +27 (0)18 464 2402, [email protected], www.frost.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
Strategies for combating insider threats
Information Security Security Services & Risk Management
In Africa, insider threats pose an increasingly significant risk to businesses, driven by economic uncertainty, labour disputes, and rapid digital transformation. These threats can arise from various sources, including disgruntled employees and compromised third-party service providers

Read more...
Five tech trends shaping business in 2025
Information Security Infrastructure
From runaway IT costs to the urgent need for comprehensive AI strategies that drive sustainable business impact, executives must be prepared to navigate a complex and evolving technology environment to extract maximum value from their investments.

Read more...
Kaspersky’s predictions for 2025 APT landscape
Information Security
The 2025 advanced persistent threat (APT) includes the rise of hacktivist alliances, increased use of AI-powered tools by state-affiliated actors – often with embedded backdoor – more supply chain attacks on open-source projects.

Read more...
SecurityHQ certified B-BBEE Level 1: Delivering global services from a local entity
SecurityHQ Information Security
SecurityHQ, a global managed security services provider (MSSP) with an office in South Africa, has announced it can now offer local companies a complete managed cybersecurity service from a Level-1 B-BBEE accredited and 51% black-owned service provider.

Read more...
2024, the year of Fraud-as-a-Service
Information Security
A report from AU10TIX outlines how ‘the industry’s dark engine’ offers user-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes.

Read more...
The future of endpoint security
Information Security
Endpoint security is a critical pillar of cybersecurity, especially for South African businesses, which are becoming prime targets for cybercriminals. Endpoint security involves safeguarding devices connected to a network from a range of cyberthreats.

Read more...
Not enough businesses take cybercrime seriously
Information Security
Interpol recently revealed that cybercrime, specifically ransomware incidents, cost the South African economy up to 1% of the country’s GDP, while the Council for Scientific and Industrial Research estimated the loss at R2,2 billion a year.

Read more...
Navigating today’s cloud security challenges
Information Security Infrastructure
While the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognise and manage. Vincent Hwang offers insights from the 2025 State of Cloud Security Report.

Read more...