Documente Academic
Documente Profesional
Documente Cultură
of Technology in
Computer Science
By
Pankhuri Kaushik (0709510042) Rohit Gupta (0709510047) Namita Chakravarty(0709510033)
Table of Contents
List of Tables.iii List of Figuresiv Declaration ....v Certificate...vi Acknowledgement.vii Abstract.viii CHAPTER 1 Introduction 1.1 Overview...2 1.2 Problem and Motivation....3 1.3 Approach of Steganography..4 CHAPTER 2 Feasibility Study 2.1 Technical Feasibility..................................................................................6 2.2 Operational Feasibility...6 2.3Economical Feasibility....6 CHAPTER 3 Software Development Paradigm.................................................10 CHAPTER 4 Project Planning 4.1 Activity planning......................................................................................12 4.2 Activity sequencing and scheduling.13 CHAPTER 5 Software requirement specification 5.1 Introduction 5.1.1 Purpose of document.......15 5.1.2 Scope...15 5.1.3 Definitions...16 5.2 Overall Description 5.2.1 Product perspective.....17 5.2.2 Product functionality...17 5.2.3 Operating environment....................................................18 5.2.4 Design and implementation constraint18 5.3 Specific Requirements
i 5.3.1 Non-Functional requirements.....18 5.3.2 Functional requirements......... ....19 CHAPTER 6 Design 6.1 High level design 6.1.1 Data flow diagrams.........21 6.1.2 Sequence diagrams..23 6.1.3 Activity diagrams.....25 6.2 Low level design 6.2.1 Class diagrams........27 6.2.2 Procedural tables.....28 CHAPTER 7 Testing 7.1 Unit testing................................................................................................31 7.2 Integration testing.31 7.3 System testing...31 7.4 Test cases..31 CHAPTER 8 Snapshots 8.1 Snapshot of Initial Page........................................................................34 8.2 Snapshot of Receive Mail Interface......35 8.3 Snapshot of De-Stegnalizing... ..36 8.4 Snapshot of Sending mail Interface after Steganalizing...37 8.5 Snapshot of Mail sent successfully...38 8.6 Snapshot of De-Steganalized successfully39 Advantages and disadvantages ..40 Future Enhancements......41 Conclusion .....42 Bibliography...43
ii
List of Tables
S.No. 1.
Table Name Steganography advantageous over cryptography Input Results Phase Distribution Non-Functional Requirements Functional Requirements Send Mail Module Message Steganography Module Message DeSteganography Module Receive Mail Module Test Cases
Page No. 3
2. 3. 4. 5. 6. 7. 8. 9. 10. 11.
Ch-2 Ch-2 Ch-2 Ch-5 Ch-5 Ch-6 Ch-6 Ch-6 Ch-6 Ch-7
2.1 2.2 2.3 5.1 5.2 6.1 6.2 6.3 6.4 7.1
7 7 8 18 19 28 28 29 29 32
iii
List of Figures
S.No. 1. 2. 3. 4. 5. 6.
Figure Name Working Work Breakdown Structure Gantt Chart Context Level Diagram(Level 0) Level 1 Data flow Diagram Sequence diagram for Steganalyzing & Sending Sequence diagram for De-Steganalyzing & Receiving Activity diagram for Steganalyzing & mailing Activity diagram for De-Steganalyzing & Receiving Class Diagram for Mailing System Class Diagram for Steganography
Page No. 4 12 13 21 22 23
7.
Ch-6
6.4
24
8.
Ch-6
6.5
25
9.
Ch-6
6.6
26
10. 11.
Ch-6 Ch-6
6.7 6.8
27 27
iv
DECLARATION
We Pankhuri Kaushik, Rohit Gupta and Namita Chakravarty hereby declare that the report of the project entitled Mailing System using Steganography is our own work and that to the best of our knowledge and belief, it contains no material previously published or written by another person, nor material which to a substantial extent has been excepted for the award of any degree or the diploma of the university or the institute of higher learning, except where due acknowledgement has been made in the text.
CERTIFICATE
This is to certify that the project report (TCS-853) entitled Mailing System using Steganography done by Pankhuri Kaushik(0709510042), Rohit Gupta (0709510047), Namita Chakravarty (0709510033) is an authentic work carried out by him/her at Mahatma Gandhi Missions College of Engineering and Technology, Noida under my guidance. The matter embodied in this project work has not been submitted earlier for the award of any degree or diploma to the best of my knowledge and belief.
vi
ACKNOWLEDGEMENT
It gives us a great sense of pleasure to present the report of the Project undertaken during B.Tech. Final Year. We owe special debt of gratitude to Lecturer Mr. Mohammad Asim, Department of Computer Science & Engineering and Information Technology, Mahatma Gandhi Missions College of Engineering & Technology, Noida for his constant support and guidance throughout the course of our work. His sincerity, thoroughness and perseverance have been a constant source of inspiration for us. It is only his cognizant efforts that our endeavors have seen light of the day. We also do not like to miss the opportunity to acknowledge the contribution of all faculty members of the department for their kind assistance and cooperation during the development of our project. Last but not the least, we acknowledge our friends for their contribution in the completion of the project.
Signature: Name : Pankhuri Kaushik Roll No.: 0709510042 Signature: Name : Rohit Gupta Roll No.: 0709510047 Signature: Name : Namita Chakravarty Roll No.: 0709510033 Date:
vii
ABSTRACT
The basis of this project was to create an application using steganography that shows how steganography can add to the strength of the application. The application that we have opted for is a mailing system. It includes the facilities of sending steganalized information using your existing Email addresses along with the options of attachments and opening your Email accounts to see the received mail along with your inbox . Steganography is a technique that provides the facility of hiding secret information in some other carrier file format (Text, Image, Audio etc.) in such a way that no one other that the sender and the intended recipient could suspect the existence of the secret information. Our project uses Text to Text steganography to resolve the issue that whether the information being sent on the web is secured or being accessed. We are providing double protection, one using an encryption process and the other using Text to Text steganography. The encryption process involves the encryption of the Real message (Secret message) with a Password both of which are provided by the user. Steganography involves hiding of this encrypted message behind the Fake message that is also provided by the user. The result of the above approach is that now we can send our secret information with assurance that even if somebody is able to conceal the steganalised encrypted message then he/she will not be able to guess if it contains some secret information. So, it can be concluded that Text to Text steganography added strength to our mailing system by enhancing its working.
viii
CHAPTER 1 INTRODUCTION
INTRODUCTION
1.1 Overview
Today, email has become the most popular way of communication between individuals and even organizations. But as the number of people emailing has skyrocketed, so have the risks to organizations that their sensitive information being stolen by hackers. As a click on send button does not just send the mail from you to the person you intended to send to. Although email appears fast, but each mail hops from system to system in the public internet until it arrives at its intended destination. Email system is like an electronic post card. If someone wants to copy, intercept or even alter your emails, they can do it with relative ease. Though there may exist encryption in the hop going from client to the server, no matter how unbreakable but still arouse suspicion. Therefore, keeping both the things in mind we have developed a mailing system with steganography implementation at the back end. Steganography hide the messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. Steganography is more effective than encryption when used in right way. We have named our mailing system as StegMail. StegMail uses the text to text steganography approach to keep the mails safe from malicious security incidents, so that there will be no longer worry about sensitive information being shared with unauthorized individuals. Text to text steganography involves that both the secret information and the carrier file behind which this information has to be hidden should be in text format. That is what was required for providing the security in emails as carrier file as image, audio or video would arouse suspicion and also unnecessarily will increase the size of the mail.
Steganography is a technique of hiding the message in such a way that others cannot discern the presence or contents of the hidden message. Steganography advantageous over Cryptography Cryptography The word originates from Greek, which means "hidden, secret". In this, messages may attract attention to themselves. Plainly visible encrypted messages, no matter how unbreakable will arouse suspicion. Cryptography protects the contents of a message. Steganography The word originates from Greek, which means "covered, hidden writing". In this, messages do not attract attention to themselves. It will not arouse suspicion. Steganography can be said to protect both messages and communicating parties.
To provide security to the mailing system, we have used Text to text steganography technique before sending the mail. The objective of the proposed system is to send and receive steganalyzed messages i.e. encrypted and embedded in another text body. The user can choose the fake message according to him/her. Our system is able to evaluate the chosen fake message will be able to carry the real message or not. The user has to set a different key for every message he steganalyzes and sends. This enables the user to send different messages (more than 1) with 2 different keys using the same fake message. At the time of receiving, user will have to de-steganalyze the stego-object by entering the same key value by which the sender steganalyzed it. Working Real message abcd 10010101 XOR Key abcd 10010101
10100110
4
Figure 1.1
FEASIBILITY STUDY
The concept of feasibility is to determine whether or not a project is worth doing. Types of Feasibility 1. Technical Feasibility 2. Operational Feasibility 3. Economic Feasibility 2.1 Technical Feasibility This deals with whether project requisites are feasible. Our project uses Gmail server to login and access the Gmail accounts. And the access to Gmail server can be done easily without any charges. All the technology for our projects composition is easily available. To run our application we just need a workstation with the facility to access internet. Therefore our project will perform and there are no production barriers 2.2 Operational feasibility This is a measure of how well a new proposed system solves the existing problem. Our project satisfies all GUI and processing requirements. The goal of our proposed system is to provide security to the information that is being sent on the internet. For this purpose a technique called steganography is defined. We use the concept of Text to Text steganography which can be easily implemented. So our project is operationally feasible. 2.3 Economic Feasibility This is done to evaluate effectiveness of the new proposed system. In this the cost of developing is estimated depending on which the project is taken up.
6 Cost estimation of the project: The cost plays an important role in deciding the feasibility of new system, so it must be identified and estimated properly. We have used the online COCOMO software cost model It computes software development effort and cost as a function of program size. Program size is expressed in estimated thousands of lines of code (KLOC).
Inputs
Development Delivered Source Instructions (thousands) (KDSI) Development Mode Average Cost Rate ($/PM) Maintenance KDSI added (annual) KDSI modified (annual) Average Cost Rate ($/PM)
0
0 3.7
Organic
1000
person-months (PM) months instructions per person-month full-time-equivalent software personnel person-months
Table 2.2
Phase Distribution
Effort (PM) Schedule (mo.) Staff (avg.) Plans and requirements * Product Design Programming Detailed Design Code and unit test Integration and test
0.5 1.4 6.1 2.3 3.8 1.4 1.1 1.3 0.6 1.1 3.8 0.8 1.3 1.6
Cost
500 1400 6100 2300 3800 1400
Table 2.3
PROTOTYPE MODEL The prototyping is a concept that bases its development by creating prototypes after prototypes until the perfect software is created. Prototyping has several benefits: The software designer and implementer can obtain feedback from the users early in the project. The client and the contractor can compare if the software made matches the software specification, according to which the software program is built. It also allows the software engineer some insight into the accuracy of initial project estimates and whether the deadlines and milestones proposed can be successfully met. The process of prototyping involves the following steps: 1. Identify basic requirements
Determine basic requirements including the input and output information desired. Details, such as security, can typically be ignored. 2. Develop Initial Prototype
The initial prototype is developed that includes only user interfaces. 3. Review
The customers, including end-users, examine the prototype and provide feedback on additions or changes. 4. Revise and Enhance the Prototype
Using the feedback both the specifications and the prototype can be improved. Negotiation about what is within the scope of the contract/product may be necessary. If changes are introduced then a repeat of steps 3 and step 4 may be needed.
10
11
PROJECT PLANNING
Project planning involves the development of action items and scheduling that will keep the project moving forward on a consistent basis. 4.1 Activity Planning Activities must be defined so that they meet these criteria. A project is composed of a number of interrelated activities A project may start when at least one of its activity starts A project will be completed when all of the activities it encompasses have been completed Some activities might require that others are completed before they can begin Work break down Structure A project is made manageable by first breaking it down into individual components in a hierarchical structure, known as the work breakdown structure, or the WBS.
Figure 4.1
Level 1 STEGMAIL Mailing System using Steganography
1.2 Steganography
Gantt Chart
Sep Activities/Duratio n A Research Analysis B C Design Part I Design Part II and Oct Nov Dec Jan Feb March April
D CodeModule1 Sending Mail E F Code Module2 Steganalyzing Code Module3 Receiving Mail G Code Module4 De-steganalyzing H Testing I Documentation
Figure 4.2
13
14
Introduction
Purpose of document This is the software requirement specification for the Mailing system using Steganography. This document provides a description of the purpose, requirements, and scope of the software. In this software requirement specification, constraints and other specification is addressed The purpose of our project is to develop such a mailing system which can provide security to our secret message from being fetched by unauthorized user. Scope of development project The Product Scope (the whats) of our project includes To develop a Mailing system i.e. provision of sending and receiving Enhance the security as compared to existing systems Facility of attachments User friendly interface The Project Scope (the hows) of our project includes Sending of mail through Gmail SMTP server Steganography implementation rather than just encryption Steganalizing the message to be sent De-Steganalizing the message when received
15
5.1.1 (i)
Definitions Steganography: It is the art and science of hiding messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity
Steganalyzing: This means to hide the secret message behind some other file (carrier file). De-steganalyzing: This means to extract the secret message from the other file (stego object). Real Message: It is the message or mail which user wants to keep secured from unauthorized fetch. Fake Message: It is the message behind which real message will be hidden. This message can be fetched if anybody tries to access the mail in between. so it should not contain any important information.
Carrier File: This term is used in steganography. This is the file which carries the secret message behind itself. It can be Text file, image, audio etc. Stego Object: Output of steganalyzing is stego object. It is that fake message which has secret message embed behind it. [Real message + carrier file]. Fake character count: This is the minimum length required for a fake message, so that real message can be embed into it.
16
Overall Description
Product Perspective Email system is like an electronic post card. If someone wants to copy, intercept or even alter your emails, they can do it with relative ease. Though there may exist encryption in the hop going from client to the server, no matter how unbreakable but still arouse suspicion. Therefore, keeping this in mind we have developed a mailing system with steganography implementation at the back end. Steganography hide the messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. Steganography is more effective than encryption when used in right way. We have named our mailing system as StegMail. StegMail uses the text to text steganography approach to keep the mails safe from malicious security incidents, so that there will be no longer worry about sensitive information being shared with unauthorized individuals. Text to text steganography involves that both the secret information and the carrier file behind which this information has to be hidden should be in text format. That is what was required for providing the security in emails as carrier file as image, audio or video would arouse suspicion and also unnecessarily will increase the size of the mail.
Product Functionality To carry out the proposed work we have followed a systematic approach. Firstly steganalizing the mail provides two fold securities. One is by encrypting the real message with the password both of which are requested from the user. Encryption is carried out by applying XOR between the real message and the password. Second is to hide this encrypted text behind the fake message provided by the user. De-steganalizing involves the coded message and the password as input from the receiver and it finally gives the secret information.
17
Operating Environment Hardware Specification Pentium III or higher 128MB RAM(512MB recommended) 1 GB hard disk space (minimum) Software Specification Windows XP Service Pack 2 or above Microsoft Visual Studio 2008
Design and Implementation Constraints The proposed project should have a simple and user friendly interface such that any of the users who are not having extensive knowledge of computers can use it. Also the security consideration is the main constraint which cannot be neglected at all. Reliability and portability of the project are some other issues which should be kept in mind. Cost is also a constraint from the point of view of services that are to be made available.
Specific Requirements
NON-FUNCTIONAL REQUIRMENTS: It specifies the criteria based on which we can judge the operation of the proposed system. It defines how a system is supposed to be. (i) (ii) (iii) High Security Reliability Usability (iv) (v) (iv) Table 5.1 18 Portability Efficiency Extensibility
FUNCTIONAL REQUIRMENTS: It consists of the specific functionality that defines what a system is supposed to accomplish. (i) Any of the existing Gmail ids can be used to send the mail from the proposed system named StegMail. (ii) Proposed system will also receive the mails by logging in their respective ids and will show in their full inbox. (iii) Security through obscurity i.e. the security which even hides the existence of secret message from eavesdropper. (iv) (v) (vi) (vii) Facility of file attachments in mailing system Email notifications of mail sent and mail not sent More secured than the existing systems Technique of the text to text steganography should be carefully chosen Table 5.2
19
CHAPTER 6 DESIGN
20
DESIGN
Fake Message Real Message Senders Email Steganalized Mail Receivers Email Key
Sender
STEG MAIL
Receiver
Key
21
Steganalized Mail
Encrypt
Sender
Send
Response Request If Valid Download Inbox Real Message Key Receivers Email
Decrypt
Receive
Receiver
Receivers password
Steganalized Mail
Sender
To ,From ,Password Subject Message
Form1
Steganalize
Send
Receiver
Message Key
Coded Message
23
Receiver
Username ,Password
Form1
Receive
De-Steg
Stego Object
key Message
24
Start Start
Encryption
Store Stego-Object
Validation
Figure 6.5
25
Start Start
Connect to inbox
Rejected
Enter Key
De-steganalize
Figure 6.6
26
27
Send Mail Module Parameters SendTo SendFrom SendSubject SendMessage SendMessageWithAttachment attachments Pass Combo Method Name
Description It calls the ValidateEmailAddress method so that validation is applied before sending the mail and then sends the email using SMTP. It validates the Email
ValidateEmailAddress
emailAddress
Table 6.1
Message Steganalyzing Module Parameters Description Key It first encrypts the secret SecretMessage message with the key & FakeMessage then hides this encrypted StegnalisedMessage msg behind the fake msg.
Table 6.2
28 Function Name Message De-Steganalyzing Module Parameters Description SourceText It decrypts the source text Key
decrypter
SecretMessage
Table 6.3
Description It checks whether connected to internet or not. It checks the username and password It retrieves Emails from
the receivers mail address. It downloads the attachment and also gives the option to save the file. It disconnects with the server.
Disconnect_Click
___
Table 6.4
29
CHAPTER 7 TESTING
30
TESTING
The basic levels of testing are:-
31
S.No.
Bench-Mark Test
1.
Inputs and Observations Unfilled secret Checking functionality of message textbox send mail module & click on Encrypt button Unfilled senders Checking functionality of email textbox & send mail module click on Send button Unfilled senders Checking functionality of password textbox send mail module & click on Send button Unfilled receivers Checking functionality of email textbox & send mail module click on Send button Click on Send Checking functionality of button before send mail module steganalizing Unfilled key textbox & Click on steganalize button If length of fake Checking functionality of message is empty message steganalizing or shorter than module expected Unfilled username Checking functionality of password & click Receive mail module on Connect Checking functionality of message steganalizing module Invalid username Checking functionality of password & click Receive mail module on Connect Unfilled source or Checking functionality of key & click on demessage de-steganalizing steganalize module
Expected Output Generates a message box that secret message empty. Generates a message box that senders Email empty. Generates a message box that senders password empty. Generates a message box that receivers email empty. Nothing happens as send button is disabled at that time. Generate a message box that key empty. Generates a message box that fake message not enough Generates a message box that username password empty Generates a message box that cannot connect (Invalid username & password) Generates a message box that source or key empty.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Table 7.1
32
CHAPTER 8 SNAPSHOTS
33
SNAPSHOTS
Initial page
34
35
De-Steganalizing
36
37
38
De-Steganalized successfully
39
Advantages Mails are securely sent using steganography Steganography is a more secure technique than cryptography as it does not arouse suspicion of some hidden secret information to the eavesdropper as was the case in cryptography.
Disadvantages The Existing Email accounts containing a very large number of files in their inbox will take a large amount of time in the receiving process. If the real confidential message entered by the user is large, then the fake message acting as carrier file should also be very large. Only text can be concealed and no image or audio file can be concealed.
40
FUTURE ENHANCEMENTS
In future our system can be extended to a web application. Information other than text can be concealed such as an image, an audio file etc. Users other than Gmail account users could also send the mail using our system.
41
CONCLUSION
The project Mailing system using steganography that was designed to provide security to the users information that travels through the web has been successfully developed. It can be concluded that the project is working correctly in the way it was intended to behave. As well as it is competent enough as along with providing security to information, it also provides the facility to send and receive emails. All and all it could be commented that the project works as been desired and the remaining flaws could be overcome .
42
Bibliography
[1] http://msdn.microsoft.com/en-us/library/ms123401.aspx. [2] http://www.c-sharpcorner.com/ [3] Book- Sams teach yourself C# in 21 days, Page 460-485 [4] http://en.wikipedia.org/wiki/Steganography [5] http://www.softwareprojects.org/software-project-management.htm [6] http://www.sersc.org/journals/IJAST/vol3/9.pdf [7] www.processimpact.com/process_assets/srs_template.doc
43