Hiding information into OOXML documents: New steganographic perspectives

The simplest container of digital information is "the file" and among the vast array of files currently available, MS-Office files are probably the most widely used. The "Microsoft Compound Document File Format" (MCDFF) has often been used to host secret information. The new format created by Microsoft, first used with MS-Office 2007, makes use of a new standard, the"Office Open XML Formats" (OOXML). The benefits include that the new format introduces the OOXML format, which lowers the risk of information leakage, as well as the use of MS-Office files as containers for steganography. In this work the authors, starting from the classification of information hiding adapted from Bauer, analyze four new methods for embedding data into the OOXML file format. These methods can be extremely useful when using MS-Office documents for steganographic purposes. The authors, analyzing a scenario composed of about 50.000 MS-Office files, highlight how the proposed methods are really helpful in real applications. An evaluation of the limits of the proposed methods is carried out by comparing them against the tool introduced by Microsoft to sanitize MS-Office files. The methods presented can be combined in order to extend the amount of data to be hidden in a single cover file.