The simplest container of digital information is "the file" and among the vast array of files currently available, MS-Office files are probably the most widely used. The "Microsoft Compound Document File Format" (MCDFF) has often been used to host secret information. The new format created by Microsoft, first used with MS-Office 2007, makes use of a new standard, the"Office Open XML Formats" (OOXML). The benefits include that the new format introduces the OOXML format, which lowers the risk of information leakage, as well as the use of MS-Office files as containers for steganography. In this work the authors, starting from the classification of information hiding adapted from Bauer, analyze four new methods for embedding data into the OOXML file format. These methods can be extremely useful when using MS-Office documents for steganographic purposes. The authors, analyzing a scenario composed of about 50.000 MS-Office files, highlight how the proposed methods are really helpful in real applications. An evaluation of the limits of the proposed methods is carried out by comparing them against the tool introduced by Microsoft to sanitize MS-Office files. The methods presented can be combined in order to extend the amount of data to be hidden in a single cover file.

Hiding information into OOXML documents: New steganographic perspectives

Castiglione Aniello;
2011-01-01

Abstract

The simplest container of digital information is "the file" and among the vast array of files currently available, MS-Office files are probably the most widely used. The "Microsoft Compound Document File Format" (MCDFF) has often been used to host secret information. The new format created by Microsoft, first used with MS-Office 2007, makes use of a new standard, the"Office Open XML Formats" (OOXML). The benefits include that the new format introduces the OOXML format, which lowers the risk of information leakage, as well as the use of MS-Office files as containers for steganography. In this work the authors, starting from the classification of information hiding adapted from Bauer, analyze four new methods for embedding data into the OOXML file format. These methods can be extremely useful when using MS-Office documents for steganographic purposes. The authors, analyzing a scenario composed of about 50.000 MS-Office files, highlight how the proposed methods are really helpful in real applications. An evaluation of the limits of the proposed methods is carried out by comparing them against the tool introduced by Microsoft to sanitize MS-Office files. The methods presented can be combined in order to extend the amount of data to be hidden in a single cover file.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4813279
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 10
  • ???jsp.display-item.citation.isi??? ND
social impact