Sign in to follow this  
ilya

How social media networks can combat spam, bots and digital theft (part 2)

Recommended Posts

A few months back I read an article about steganography.
Back then I did not know what steganography was, but the information blew my mind.

What is steganography?

It's a way of encoding (aka storing) information to an image, without ANY visible loss/changes to the image itself.
This strategy does not alter the image file, but it alters the pixels themselves, such that the information is stored inside the image.
This is a crazy method and it CANNOT be detected. It's a very dangerous method and can be used by criminals and terrorists to communicate using Instagram, Pinterest, Facebook, Tumblr, Imgur, ... without revealing their message. It is quite scary since these organizations/individuals can appear as regular users.

How does it work?

Allow me to illustrate how powerful steganography really is.
Take a look at the next two images, can you spot the 10 differences?

out.jpg

ori.jpg

Let me disappoint you but there are no differences, at least not to the human eye.
However, the first image contains data encoded into its pixels, and this is the content:

secretMessge.png

In this demo, it stores a text file with the message as shown above. But it can store anything, it could even be an EXE file, a zip file, another image file, a PDF file,... you name it. Although the files we encode into the images should be small in size, otherwise there is the possibility that the image's pixels become visibly corrupted/altered (but I have not tested this yet).

Try it yourself

I have used the Java code, found on this repository:
https://github.com/leoxiong/image-steganography

The owner of the code has provided a short YouTube tutorial which you can watch:

You can try to re-upload the image with encoded data to some image sharing site (e.g. imgur), and then re-download it, decode it and verify the decoded message. I have tried this with Imgur and Pinterest. Thus to stop terrorists, these sites should definitely consider doing research on a detection mechanism (which would be incredibly hard to realize).

Why is this a risk for bots and spammers?

Social media sites, allow you to upload images, gain followers and grow your brand.
However, there is an ongoing debate about using/stealing content of other people, and how such a crime can be punished in an effective manner.

In part 1 of this series, I have proposed a system that can identify fake profiles from real ones.
Using that knowledge we can further let social media sites exclude all fake profiles from rankings and feeds, basically isolating them to die out.

Steganography offers an incredibly powerful way to reward original uploaders and punish content thieves. And it would work like this:

  1. A user uploads an image onto his favorite social media site.
  2. That website will apply steganography to encode his profile information (unique user ID) into the image.
  3. Everyone who now attempts to steal and re-upload this image will be categorized as "thief" and we can lower their chances of appearing on any feed. If the "thief"-level becomes high, the website can decide to ban/isolate the account entirely.

The beauty of steganography is that encoding information to an image is quick and easy, but extracting it is very hard if you don't know the algorithm that was used (only known to the website itself and hidden in the code on a server).

Even if the user edits the image, such as, applying a watermark or adding a logo, chance is pretty high that the unique user ID can be decoded from the image.  Even if you attempt to make a screenshot of the image, the information will still be in there.

Problems

A major problem with this is that you can easily create unique images, that remove the encoded data, by re-saving the image in a different format or apply image compressions. But also when you apply a filter or edit it in Photoshop for instance, then the information will be lost.

The above statement is only true for the code which I've used to play with (see link above).
Maybe, but I haven't don't my homework, it could be possible to develop a steganography algorithm which withstands compressions, re-saving and even filters (to a certain degree).

You can read more about this method in this paper:
http://ieeexplore.ieee.org/document/6714170/

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this