Dismantling OpenPuff PDF steganography

Sloan, Tom, Hernandez-Castro, Julio (2018) Dismantling OpenPuff PDF steganography. Digital Investigation, 25 . pp. 90-96. ISSN 1742-2876. (doi:10.1016/j.diin.2018.03.003) (KAR id:67242)

PDF Publisher pdf Language: English This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Download this file (PDF/935kB)
Request a format suitable for use with assistive technology e.g. a screenreader
Official URL: https://doi.org/10.1016/j.diin.2018.03.003

Abstract

We present a steganalytic attack against the PDF component of the popular OpenPuff tool. We show that our findings allow us to accurately detect the presence of OpenPuff steganography over the PDF format by using a simple script. OpenPuff is a prominent multi-format and semi-open-source stego-system with a large user base. Because of its popularity, we think our results could potentially have relevant security and privacy implications. The relative simplicity of our attack, paired with its high accuracy and the existence of previous steganalytic findings against this software, warrants major concerns over the real security offered by this steganography tool.

Item Type:	Article
DOI/Identification number:	10.1016/j.diin.2018.03.003
Divisions:	Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User:	Julio Hernandez Castro
Date Deposited:	08 Jun 2018 15:39 UTC
Last Modified:	08 Dec 2022 22:25 UTC
Resource URI:	https://kar.kent.ac.uk/id/eprint/67242 (The current URI for this page, for reference purposes)

University of Kent Author Information

Sloan, Tom.

Creator's ORCID:
CReDIT Contributor Roles:

Hernandez-Castro, Julio.

Creator's ORCID:	https://orcid.org/0000-0002-6432-5328
CReDIT Contributor Roles:

Depositors only (login required):

Altmetric

Download Statistics

Total unique views for this document in KAR since July 2020. For more details click on the image.