COMSATS University Islamabad (CUI)

Onion Steganography

By

Maaz Khan CIIT/SP16-BSE-104/ISB

Shahid Ali CIIT/FA15-BSE-098/ISB

Supervisor
Ma’am Saira Beg

Bachelor of Science in Software Engineering (2016-2020)

The candidate confirms that the work submitted is their own and appropriate
credit has been given where reference has been made to the work of others.
 COMSATS University Islamabad (CUI)

Onion Steganography

A project presented to
COMSATS University Islamabad

In partial fulfillment
of the requirement for the degree of

Bachelor of Science in Software Engineering (2016-2020)

By

Maaz Khan CIIT/SP16-BSE-104/ISB

Shahid Ali CIIT/FA15-BSE-098/ISB

i
 DECLARATION
We hereby declare that this software, neither whole nor as a part has been copied out from any
source. It is further declared that we have developed this software and accompanied report entirely
on the basis of our personal efforts. If any part of this project is proved to be copied out from any
source or found to be reproduction of some other. We will stand by the consequences. No Portion
of the work presented has been submitted of any application for any other degree or qualification
of this or any other university or institute of learning.

Maaz Khan Shahid Ali

--------------------------- ---------------------------

ii
CERTIFICATE OF APPROVAL
It is to certify that the final year project of BS (CS) “Project title” was developed by
Maaz Khan (CIIT/SP16-BSE-104) and Shahid Ali (CIIT/FA15-BSE-098) under the
supervision of “Ma’am Saira Beg” and that in (their/his/her) opinion; it is fully adequate, in scope
and quality for the degree of Bachelors of Science in Computer Sciences.

---------------------------------------
Supervisor

---------------------------------------
External Examiner

---------------------------------------
Head of Department
(Department of Computer Science)

iii
 Executive Summary
We are in the digital age. Data is arguably the most valuable asset and therefore needs to be kept
safe. The most obvious solution to protect data is to encrypt it (scramble or replace original text
with text that is not meaningful to someone who does not know how to retrieve the original text).
Merely encrypting data, however, has a major caveat. If something is encrypted, it means there is
something of value hidden in the encrypted data. Malicious parties then apply all possible means
to decrypt the data and it is well known that no encryption is 100% unbreakable. Every
encryption can be bypassed whether it is by figuring out a pattern or by brute force attacks.

This is where steganography comes in. Steganography refers to hiding data in a form of media
(image, video, audio, or any other form of media) in such a way that the hidden data is concealed
and anybody interacting with the medium has no idea that the data is concealed within it. If the
user has no idea that there is something of value hidden within the medium, he/she will not try to
extract data from it, which greatly reduces the risk of data getting into the wrong hands.

This project is based on steganography i.e. hiding important information inside a publically
available form of media in such a way that it is accessible to all but only the authorized parties
know how to retrieve the hidden information from said medium. The ultimate goal of our system
is to hide the data into a video file. It is not one dimensional, simple steganography. It uses
layered steganography, which means data is hidden within multiple forms of media sequentially,
before ultimately hiding it into the audio component of desired video. It also uses text encryption
as an added layer of security. There are 10 algorithms, any one of which will be used based on
audio file active zones. The working of the project is explained below.

Hiding process:
The user selects a video file to hide the data into. The audio file is analyzed to determine the
technique we need to use to encrypt the text message.

The user is then asked to enter a message to be hidden. The user inputs a message to hide. The
message may be up to 100 characters in length. Upon confirmation, the message is encrypted,
based on the active zones of the audio file (based on channel values). The project then generates
a logo image ( An image generated by taking the encrypted message as input and generating
random values based on these input values using logistic map ) based on the encrypted text.

The next step is to choose a cover image (an image that will act as an intermediate medium in
which the data is hidden before ultimately, the image itself is hidden into the video). The user
selects an image which is anywhere between 100 x 100 and 300 x 300 pixels (width x height). If
the image is larger, the user can crop the image to be eligible. The user may also take a picture
and then crop it to be eligible. After the user has confirmed the selection of the image, the project
hides the previously generated logo image into the cover image. The project then hides the cover
image into the audio of the selected video. The project then saves the video in the desired
location.

iv
Extraction process:

To extract a message from a video, the user first selects a video file to extract data from. Audio is
then extracted from the video file and the decryption technique to be used later, is then
determined by the audio active zones. Next, the cover image is extracted from the audio, based
on the dimensions of the image hidden in the audio file. After the cover image is extracted, the
logo image is extracted from the cover image. The encrypted text is then extracted from the logo
image, and finally, the encrypted/cipher text is then decrypted using technique determined by the
previously determined decryption technique.

v
 Acknowledgement
All praise is to Almighty Allah who bestowed upon us a minute portion of His boundless
knowledge by virtue of which we were able to accomplish this challenging task.

We are greatly indebted to our project supervisor “Ma’am Saira Beg”. Without their personal
supervision, advice and valuable guidance, completion of this project would have been doubtful.
We are deeply indebted to them for their encouragement and continual help during this work.

And we are also thankful to our parents and family who have been a constant source of
encouragement for us and brought us the values of honesty & hard work.

Maaz Khan Shahid Ali

--------------------------- ---------------------------

vi
 Abbreviations
SRS Software Requirement Specification

PC Personal Computer

vii
 Table of Contents
1 Introduction ........................................................................................................................... 1

1.1 Brief Overview

1.2 Relevance to Course Modules
1.3 Project Background
1.4 Literature Review
1.5 Analysis from Literature Review
1.6 Methodology and Software Lifecycle for this Project
1.6.1 Rationale behind the Selected Methodology
2 Problem Definition ................................................................................................................ 5

2.1 Problem Statement

2.2 Deliverables and Development Requirements
2.3 Current Systems
3 Requirement Analysis ........................................................................................................... 7

3.1 Use Cases Diagram(s)

3.2 Detailed Use Cases
3.3 Functional Requirements
3.4 Non-Functional Requirements
4 Design and Architecture ..................................................................................................... 32

4.1 System Architecture

4.2 Data Representation
4.3 Process Flow/Representation
4.4 Design Models
5 Implementation ................................................................................................................... 40

5.1 Algorithm
5.2 External APIs
5.3 User Interface
6 Testing and Evaluation ....................................................................................................... 41

6.1 Manual Testing

6.1.1 System testing
6.1.2 Unit Testing
6.1.3 Functional Testing
6.1.4 Integration Testing
6.2 Automated Testing
Tools used:
7 Conclusion and Future Work ............................................................................................ 44

7.1 Conclusion
7.2 Future Work
8 References ............................................................................................................................ 45

viii
 List of Figures
Fig 1.1 Block Diagram .....................................................................................................................8
Fig 2.1 Use Case Diagram ...............................................................................................................9

ix
1 Introduction …
This chapter provides the overview of the project. The first paragraph of every chapter should provide
the chapter summary. You are required to use a Grammarly or some other automated tool to avoid the
grammar and language mistakes.

This section will discuss the nature, background, outcome, tools used and the methodology used

1.1 Brief Overview …

A very brief introduction of project work, outcome of your work, tools, methodology used &
highlights of discussions in various chapters of report.

Brief introduction: The project

Outcome:

Tools used:

Methodology used:

Highlights of discussion:

1.2 Relevance to Course Modules …

A brief explanation of how your project is related to various courses studied during BCS degree
program.

This project is related to the following courses we have studied and how each of these has a part
to play in the implementation of the project

 Introduction to Computers and Programming – Java basics

 Object Oriented Programming – Object Oriented implementation of code

 Data Structures – Using basic data structures

 Modern Programming Languages – Android programming basics

 Computer Organization and Assembly Language – Machine code understanding and bit
Manipulation

 Computer Architecture - Machine code understanding and bit Manipulation

1
  Software Engineering I – Understanding and choosing the best practices and
methodologies for planning and implementation of our project

 Software Requirements Engineering – Understanding the procedures and dos and don’ts
of creating an SRS document

 Software Design and Architecture – Understanding the procedures and dos and don’ts of
creating an SDS document

1.3 Project Background

This project is based on steganography, which refers to hiding data in a form of media (image,
video, audio, or any other form of media) in such a way that the hidden data is concealed and
anybody interacting with the medium has no idea that the data is concealed within it.

The basic concept behind this project is to hide data under so many layers of steganography that it
is very difficult to suspect that data is hidden with the medium in question. Even if an
unauthorized/undesirable person does suspect the presence of valuable data, the presence of so
many layers of steganography will make the person question their suspicion.

Other domains our project is related to are cryptography (replacement or scrambling text with
something which is not discernable in such a way that the original text can be extracted from it
when needed), chaotic maps (logistic map), audio manipulation, and image manipulation.

Literature Review
According to current trends, steganography is not a mainstream way of securing data, mainly
because it requires more processing power and a suitable medium to hide the data. Another reason
is the fact that people do not consider it a viable option to send data, due to it consuming more
bandwidth than regular text encryption. All applications dealing with frequent and secure
transportation of data, therefore, do not use steganography because it creates a lot of bandwidth
overhead. Text encryption is, therefore, much more common. There are a few important
applications, however, where steganography is very useful.

Any application which needs to conceal data without the knowledge of any third party (only the
sender and receiver know whether data is hidden or not) uses steganography. Intelligence agencies
use steganography to hide data in the most unexpected of media. For example, a person may hide
data in a video which he/she then uploads to any of her social media accounts. Multiple people
watch the video, oblivious to the fact that it contains a hidden message. Only the intended person
will know that the video contains data. People even hide malware within media, which is, one of

2
the most common usage scenarios of steganography today. The most common is, arguably, hiding
watermarks.

The above is achievable by one level of steganography. Our system has multiple.

1.4 Analysis from Literature Review …

After reviewing similar products and researching current trends and studies on steganography, this
project seems to be viable and an endeavor that is bound to be useful to those who want to hide
data from unauthorized access while making sure that if someone does get his/her hands on the
medium contacting the data, they will most probably be unable to extract the data from it.

1.5 Methodology and Software Lifecycle for this Project

We used the waterfall approach to develop this project. Everything was done is sequence and no
steps overlapped.

 We first studied the scope of the project and created a formal scope document.
 We then gathered the requirements from our supervisor and created an SRS document
 We then discussed the design details with our supervisor and created an SDS document.
 We then implemented the project based on the SRS and SDS documents
 Finally, we performed verification (testing) to ensure that the system works as intended

We used the object-oriented programming approach to implement our project.

1.5.1 Rationale behind the Selected Methodology

The reason for using the waterfall approach was mainly because our academic calendar made it
compulsory for us to do so by setting deadlines for submission of SRS and SDS documents.

Another reason is the fact that waterfall methodology is simple to implement and requires few
deliverables. It is possible we might have used iterative or code and fix methodologies if it were
not for these 2 factors.

The reason for using object-oriented methodology is that it tends to be more secure than
functional/structural methodology and also allows easy integration of modules and reuse of code.

Another reason for using object-oriented approach to programming is mostly because we are very
familiar with the approach, due to multiple courses emphasizing on the advantages of object-

3
oriented approach and most of the programming related to academics was done using object-
oriented methodology.

4
2 Problem Definition
This chapter would discuss the targeted problem in a precise manner. It should also need to clearly
discuss the outcome of the targeted project.

2.1 Problem Statement

In the current day and age, data is arguably the most important part of information systems.
Security and integrity of data is crucial. Measures have been taken to secure the data from
unauthorized people, but it is never impossible to breach the security and it is only a matter of time
before some unauthorized party breaches the security put in place. Such a risk of breach of security
exists because in these cases, unauthorized parties know where the data is stored. A very good
analogy is that unauthorized parties are like thieves trying to enter a secure house containing
valuables. They know where the house is, but they need to figure out how to enter it. But what if
the thieves did not know which house contains valuables? This is where steganography comes in.

2.2 Deliverables and Development Requirements

This section would need to discuss about the deliverables and the development requirements.

Deliverables:
Android application: The application which is made to be run on android devices.

2.3 Current System

Application name Weaknesses Proposed Solutions
QuickCrypto
 Single layered  Multiple mediums
steganography supported
 Only medium  Multi layered
available is image steganography

RSteg
 Less secure due to  Multiple mediums
no layering supported
approach  Multi layered
 Only medium steganography
available is image

Crypture
 No GUI, therefore  Multiple mediums
not very user supported
friendly

5
  Only medium  Multi layered
available is image steganography
 No layering, only
one medium at a
time

Table 22.1: Similar Existing Systems

6
3 Requirement Analysis
The following parts of Software Requirements Specification (SRS) report should be included in
this chapter.

3.1 Use Cases Diagram(s)

This section will present the use case diagram. It is also suggested to discuss the use case
diagram from a technical perspective.

3.2 Detailed Use Case

This section will present the detailed use case.

Use Case ID: UC-1

Use Case Choose whether to hide or extract data
Name:
Actors: Primary actor(s): User
Secondary actor(s): None
Description:

7
 The user needs to choose whether to hide data into a video or extract data from a
video.
Outcome: The system moves on to the next step based on which of the two
options is chosen

Trigger:
The user starts the application

Preconditions:
PRE-1. User is at the main menu

Postconditions:
POST-1. The system moves on to the next step based on which of the options is
chosen

Normal Flow:
1.The user is taken to the main menu upon starting the application
2.The user chooses either to hide the data or to extract the data
3.The chosen process is started

Alternative No alternate flows

Flows:
[Alternative
Flow 1 – Not in
Network]
Exceptions: No exceptions
Business Rules

Assumptions:

Use Case ID: UC-2

Use Case Hide data
Name:
Actors: Primary actor(s): User
Secondary actor(s): None
Description:
A user wants to hide data into a video file.
Outcome: The user saves the video with hidden data to the device

Trigger:
The user chooses to hide data

Preconditions:
PRE-1. User has chosen to hide data

8
Postconditions:
POST-1. The data is hidden in the video
POST-2. The video is saved on the device

Normal Flow:
1.User chooses hide data option
2.User is asked to choose video
3.Audio is extracted from the video
4.The number of active zones is calculated
5.User is asked to enter message to hide into the video
6.The text message previously entered is then encrypted by choosing one of the
cipher techniques based on the number of active zones
7.The encryption technique is chosen and applied to the text to convert it into cipher
text
8.The cipher text is then converted into a logo image by multiplying with a matrix
9.User is asked to choose cover image
10.The logo image is then hidden into the cover image
11.The cover image is then hidden into the silent zones of the audio file
12. The new audio file with the hidden data along with the images previously
extracted from the video are combined to form a video file which is the video with
the hidden message.

Alternative
Flows:
Alternative flow:
The user cancels the entire process by pressing back button at any of the steps
1,2,5,9 to go back to the main menu

Exceptions:
Exception 1:
2a.Video size is too big
2b.Video size too small
2c.Video format is not supported

Exception 2:
5a. Message is too long and must be shortened
5b. Message field empty

Exception 3:
9a. Cover image too big
9b.Cover image too small

9
Business Rules

Assumptions:

Use Case ID: UC-3

Use Case Extract data
Name:
Actors: Primary actor(s): User
Secondary actor(s): None
Description:
A user wants to extract data from a video file. This use case describes the process
of extraction of data from the video file
Outcome: The user extracts the data / hidden message from the video file

Trigger:
The user chooses to extract data

Preconditions:
PRE-1. User has chosen to extract data

Postconditions:
POST-1. The hidden message is extracted from the selected video file

Normal Flow:
1.User chooses extract data option
2.User is asked to upload video
3.Audio is extracted from the video
4.The number of active zones is calculated
5.The cover image is then extracted from the silent zones of the audio file
6.The logo image is then extracted from the cover image
7.The cipher text is then extracted from the logo image
8.The cipher text is then decrypted by choosing one of the cipher techniques based
on the number of active zones
9.The extracted message is displayed to the user

Alternative
Flows: Alternative flow:
[Alternative
Flow 1 – Not in
The user cancels the entire process at any of the steps 1,2 to go back to the main
Network] menu

Exceptions:
Exception 1:
2a. Video size is too big

10
 2b. Video size too small
2c. Video format is not supported

Business Rules

Assumptions:

Use Case ID: UC-4

Use Case Enter text message
Name:
Actors: Primary actor(s): User
Secondary actor(s): None
Description:
The user enters the message he/she wants to hide into the area specified. The user
can then confirm to move on to the next step.

Trigger:
The user wants to enter message to be hidden into video

Preconditions:
PRE-1. User has chosen to hide data
PRE-2. The user wants to enter message to be hidden into video

Postconditions:
POST-1. The user has entered the text message
POST-2. The user has confirmed the entry of text message and the message has
been moved to the next step for further processing

Normal Flow:
1.The user is required to enter text message into the field given below
2.The user enters text message
3.The user confirms the entered text message
4.The system starts the encryption process

Alternative
Flows: None

Exceptions: Exception 1:
4a. System will not start the encryption process if the message to be hidden is larger
than possible to hide in the provided video
4b. System will not move on to the next step if message field is empty

Business Rules

11
Assumptions:

Use Case ID: UC-5

Use Case Choose video file
Name:
Actors: Primary actor(s): User
Secondary actor(s): None
Description:
A user wants to choose a video file to hide the data into. The user selects the
option to hide data and then selects the video to upload from his/her device.

Outcome: The video is processed by the system and the system then waits for
confirmation from user to move to the next step.

Trigger:
The user wants to upload a video to hide data into

Preconditions:
PRE-1. User has chosen the option to choose a video from his/her machine

Postconditions:
POST-1. The video is chosen, and the user can confirm for further processing

Normal Flow:
1.The user is given the option to choose video
2.User chooses a video
3.User confirms selection

Alternative
Flows:
[Alternative
Flow 1 – Not in
Network]
Exceptions:
Exception 1:
2a. User is unable to choose video because the video file is very large
2b. User is unable to choose video because video file is very small
2c. User is unable to choose video due to unsupported format

Business Rules

Assumptions:

12
Use Case ID: UC-6
Use Case Choose an image
Name:
Actors: Primary actor(s): User
Secondary actor(s): None
Description:
A user wants to upload a cover image to hide the logo image into. The user
selects the cover image from his/her device.

Outcome: The image is processed by the system and the system then waits for
confirmation from user to upload the image.

Trigger:
The user wants to upload an image to hide data into

Preconditions:
PRE-1. User has chosen to hide data
PRE-2. User has chosen the option to choose an image from his/her machine

Postconditions:
POST-1. The image is chosen, and the user can confirm for further processing

Normal Flow:
1.The user is given the option to choose image
2.User chooses an image
3.User confirms selection

Alternative
Flows:
[Alternative
Flow 1 – Not in
Network]
Exceptions:
Exception 1:
2a. User is unable to choose image because the image file is very large
2b. User is unable to choose image because image is very small

Business Rules

Assumptions:

13
3.3 Functional Requirements
The Functional Requirements needs to be mentioned in this section.

3.1. Choose whether to hide or extract data

Identifier FR-12
Title Choose whether to hide or extract data
Requirement
The user shall be able to choose whether to hide or extract data from
the main menu

Source Supervisor
Rationale The two major features which make up the system need to be available
to the user
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-7
Title “Hide” button
Requirement
The system shall start the hiding process upon pressing the
“Encryption” button and set the value of “chosen” variable to “hide”

Source Supervisor
Rationale Button functionality is necessary for user interaction
Business Rule (if
required)
Dependencies None
Priority High

14
Identifier FR-8
Title “Extract” button
Requirement
The system shall start the extraction process upon pressing the
“Decryption” button and set the value of “chosen” variable to
“extract”

Source Supervisor
Rationale Button functionality is necessary for user interaction
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-13
Title Choose video
Requirement
The user shall be able to upload a video file of up to ----- Megabytes
of mp4 format

Source Supervisor
Rationale The video file must have a limit which can accommodate a message of
up to 100 characters while being large enough that it is very difficult to
find the small hidden message inside it
Business Rule (if Any restriction, policy, rule that the particular rrequirement must be
required) fulfilled through its functional behavior
Dependencies None
Priority High

Identifier FR-19
Title Extract audio from video
Requirement
The system shall be able to extract the audio from the provided video

15
Source Supervisor
Rationale It is necessary to extract audio from video to be able to calculate silent
and active zones as well as to later hide data into the silent zones
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-20
Title Calculate active zones in audio
Requirement The system shall be able to calculate active zones in the audio

Source Supervisor
Rationale The decision of which cipher technique will be used is based on active
zones of audio file
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-20
Title Calculate technique to be used based on active zones
Requirement The system shall be able to calculate a number from 0 to 9 based on
active zones and set a variable “technique” based on it

Source Supervisor
Rationale The decision of which cipher technique to encrypt/decrypt will be used
is based on active zones of audio file
Business Rule (if
required)
Dependencies None

16
Priority High

Identifier FR-14
Title Enter message to be hidden
Requirement
The system shall allow the user to input a plain text message whose
length limit is 100 characters and does not allow spaces, capital
characters, or numbers

Source Supervisor
Rationale The message must have a limit as the video, audio and cover image in
which we will hide the message will also have a limit and the message
must be able to be properly hidden into the video without major
changes to the media
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-21
Title Extract silent and active zones of audio file
Requirement The system shall be able to break down the audio file into silent and
active zones

Source Supervisor
Rationale This requirement exists because ultimately, data has to be hidden into
the silent zones of audio files, which is not possible without extracting
and editing the components of the audio file.
Business Rule (if Any restriction, policy, rule that the particular requirement must be
required) fulfilled through its functional behavior
Dependencies None
Priority High

Identifier FR-22

17
Title Choose encryption technique
Requirement The system shall be able to choose cipher technique based on the
value of the “technique” variable which is set based on active zones
of audio
Source Supervisor
Rationale The system needs to be able to choose from among multiple cipher
techniques to increase security of hidden data
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-25
Title Get binary string of given value
Requirement The system shall be able to get binary representation of desired value
Source Supervisor
Rationale Very important to modify media, image manipulation, text
manipulation, audio manipulation all depend on this function
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-25
Title Get value from binary string
Requirement The system shall be able to get value from binary string
Source Supervisor
Rationale Very important to modify media, image manipulation, text
manipulation, audio manipulation all depend on this function
Business Rule (if
required)
Dependencies None
Priority High

18
Identifier FR-23
Title Encrypt text message using Tri Square cipher
Requirement The system shall be able to apply Tri Square encryption technique to
text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Vignere cipher
Requirement The system shall be able to apply Vignere encryption technique to
text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Four Square cipher
Requirement The system shall be able to apply Four Square encryption technique
to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)

19
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Digraph cipher
Requirement The system shall be able to apply Digraph encryption technique to
text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Quagmire IV cipher
Requirement The system shall be able to apply Quagmire IV encryption technique
to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Condi cipher
Requirement The system shall be able to apply Condi encryption technique to text
message based on the value of “technique” variable
Source Supervisor

20
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Compressocrat cipher
Requirement The system shall be able to apply Compressocrat encryption
technique to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Trifid cipher
Requirement The system shall be able to apply Trifid encryption technique to text
message based on the value of “technique” variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Gromark cipher
Requirement The system shall be able to apply Four Square encryption technique
to text message based on the value of “technique” variable
Source Supervisor

21
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Encrypt text message using Phillips cipher
Requirement The system shall be able to apply Phillips encryption technique
(modified) to text message based on the value of “technique”
variable
Source Supervisor
Rationale The system has to have multiple encryption techniques to encrypt the
text message before hiding it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-24
Title Generate integer pixel array from given text
Requirement The system shall be able to generate a 38 element integer array from
the encrypted text
Source Supervisor
Rationale Necessary to generate logo image
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-24

22
Title Generate array based on logistic map equation
Requirement The system shall be able to generate an array based on logistic map
equation
xn+1 = r * xn ( 1 – xn )
where xn = value of current array element
xn+1 = value of next array element
r = parameter that decides the generated values
Source Supervisor
Rationale Necessary to generate logo image
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-24
Title XOR pixel array with chaotic map array
Requirement The system shall be able to generate a logo image array by
performing XOR of pixel array and chaotic map array

Source Supervisor
Rationale Cipher text is converted into logo image to add an additional layer of
security
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-13
Title Choose Cover Image
Requirement
The user shall be able to choose a cover image from device storage

Source Supervisor
Rationale User selected cover image is necessary for the process

23
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-13
Title Take picture
Requirement
The user shall be able to take a picture to be chosen as cover image

Source Supervisor
Rationale User selected cover image is necessary for the process
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-13
Title Crop Cover Image
Requirement
The user shall be able to crop chosen image to a size between 100 x
100 pixels and 300 x 300 pixels

Source Supervisor
Rationale The cover image can be from 100 x 100 to 300 x 300 pixels so cropping
a larger image is necessary
Business Rule (if
required)
Dependencies None
Priority High

24
Identifier FR-25
Title Hide logo image in cover image
Requirement The system shall be able to hide the logo image into a cover image
Source Supervisor
Rationale Similar to logo image, this step adds yet another layer of security to the
system
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-25
Title Verify if audio file is large enough to hide the cover image
Requirement The system shall be able to hide the cover image in audio by checking
if silent zones (channels with values lower than a certain value) are
enough to store the image uploaded by user
Source Supervisor
Rationale To prevent undesirable output due to lack of space to hide
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-25
Title Verify number of audio file channels and bit depth
Requirement The system shall be able to ensure that the audio is only eligible for
hiding the cover image if
Source Supervisor
Rationale To prevent data overflow due to data type limitation
Business Rule (if
required)
Dependencies None

25
 Priority High

Identifier FR-26
Title Hide cover image in audio
Requirement The system shall be able modify the silent zones of audio to hide the
cover image into the silent zones
Source Supervisor
Rationale The image has to be hidden into the audio to complete the process
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-27
Title Combine audio with video to form output video
Requirement The system shall be able to combine audio with the selected video to
form the video with hidden data
Source Supervisor
Rationale After hiding data into the audio, the audio must be merged with the
video to generate the video i.e. the end result of hide process
Business Rule (if
required)
Dependencies None
Priority High

EXTRACTION

Identifier FR-22
Title Choose decryption technique
Requirement The system shall be able to choose cipher technique based on the
value of the “technique” variable which is set based on active zones
of audio
Source Supervisor

26
Rationale The system needs to be able to find out which technique was used for
encryption in order to decrypt it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-29
Title Extract cover image from audio
Requirement The system shall be able to extract the cover image data from the
silent zones of the audio file
Source Supervisor
Rationale The system needs to extract cover image to extract the hidden message
in it
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-31
Title Extract logo image from cover image
Requirement The system shall be able to extract the logo image hidden in the cover
image extracted from audio file
Source Supervisor
Rationale Logo image is the message hidden in the form of image and hence to
find the hidden message we need to extract logo image first
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-32

27
Title Extract cipher text from logo image
Requirement The system shall be able to extract cipher text from the logo image
Source Supervisor
Rationale Extracting the cipher text is necessary to extract the message encrypted
within the cipher text
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Tri Square cipher
Requirement The system shall be able to apply Tri Square decryption technique to
text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Vignere cipher
Requirement The system shall be able to apply Vignere decryption technique to
text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

28
Identifier FR-23
Title Decrypt cipher text using Four Square cipher
Requirement The system shall be able to apply Four Square decryption technique
to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Digraph cipher
Requirement The system shall be able to apply Digraph decryption technique to
text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Quagmire IV cipher
Requirement The system shall be able to apply Quagmire IV decryption technique
to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

29
Identifier FR-23
Title Decrypt cipher text using Condi cipher
Requirement The system shall be able to apply Condi decryption technique to text
message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Compressocrat cipher
Requirement The system shall be able to apply Compressocrat decryption
technique to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Trifid cipher
Requirement The system shall be able to apply Trifid decryption technique to text
message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None

30
Priority High

Identifier FR-23
Title Decrypt cipher text using Gromark cipher
Requirement The system shall be able to apply Four Square decryption technique
to text message based on the value of “technique” variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

Identifier FR-23
Title Decrypt cipher text using Phillips cipher
Requirement The system shall be able to apply Phillips decryption technique
(modified) to text message based on the value of “technique”
variable
Source Supervisor
Rationale The system has to decrypt the message using the technique with which
it was originally encrypted
Business Rule (if
required)
Dependencies None
Priority High

31
3.4 Non-Functional Requirements

3.4.1 Security
SEC-1: The system shall not allow any change in data while encryption or decryption

3.4.2 Reliability
REL-1: The system shall not fail but generate an error message in case of unexpected
circumstances

3.4.3 Efficiency
EFF-1. The system shall use minimal RAM and processing power to make sure it can run on older
mobile devices

4 Design and Architecture

The following parts of Software Design Description (SDD) report should be included in this
chapter.

4.1 System Architecture

32
4.2 Data Representation

4.3 Process Flow/Representation

System level:

33
Hide:

34
Extract:

35
36
4.4 Design Models

4.4.1 Structural Diagrams

4.4.1.1 Class diagram

37
4.4.2 Behavioral Diagrams
This section would present the behavior diagrams that show the dynamic behavior of the objects
in a system, which can be described as a series of changes to the system over time.

4.4.2.1 Activity diagram

38
4.4.2.2 Sequence diagram

Sequence diagram for hide data:

39
Sequence diagram for extract data:

40
5 Implementation

5.1 Algorithm

Algorithms used:
Tri square cipher
Vignere cipher
Four square cipher
Digraph cipher
Quagmire IV cipher
Condi cipher
Compressocrat cipher
Trifid cipher
Gromark cipher
Philips cipher (modified)

Main features:
Extract audio file from video / Merge audio file with video
Text encryption / Text decryption
Logo image generation / Extract text from logo image
Hide logo image in cover image / Extract logo image from cover image
Hide cover image in audio file / Extract cover image from audio file

5.2 External APIs

Describe the APIs used in the following table.

Table 5.1: Details of APIs used in the Project

FFMPEG Transcoding To handle media
Video scaling files such as audio
and video

5.3 User Interface

Details about user interface with descriptions will be presented in this section.

41
42
43
44
45
46
6 Testing and Evaluation
This chapter may include the following sections. (Students are required to perform the testing both
manually and automatedly).

6.1 Manual Testing

6.1.1 System Testing

Once the system has been successfully developed, testing has to be performed to ensure that the
system working as intended. This is also to check that the system meets the requirements stated
earlier. Besides that, system testing will help in finding the errors that may be hidden from the
user. There are few types of testing which includes the unit testing, functional testing and
integration testing. The testing must be completed before it is being deploy for user to use.

6.1.2 Unit Testing

Unit Testing 1: Enter

Testing Objective: To ensure the login form is working correctly.
Test Case Id: BU_001
Test Case Description: Test the login functionality.
Test Scenario: Verify on entering valid username and password, the user can login.

Table 6.1: Test Cases for Hide Data Button

No. Test Case/Test Script Test Data Expected Result Actual Pass/Fail/Not
Result Executed/
Suspended
1. Verify when user On Successfully enters As Pass
presses on the “Hide pressing the “choose the Expected
Button” on the main the Button video “ interface
menu interface.

Unit Testing 2: Choose Video

Testing Objective: To ensure that app shows browse window and then user chooses the video from
gallery once video is selected.
Test Case Id: 6.2

47
Test Case Description: Testing the choose video functionality from storage.
Test Scenario: once Select Video button is clicked the app opens the window from gallery.
Table 6.2: Test Cases for Choose Video
No. Test Case/Test Script Test Data Expected Result Actual Pass/Fail/Not
Result Executed/
Suspended
1. Verify when Select User Successfully opens As Pass
video button is clicked Interaction the gallery windows Expected
the gallery window with
must open. button.

Unit Testing 3: Extract Data

Testing Objective:
Test Case Id: 6.3
Test Case Description: This test case describes the process of extraction of data from the video file .
Test Scenario: The user extracts the data / hidden message from the video file
Table 6.3: Test Cases for Extract Data
No. Test Case/Test Script Test Data Expected Result Actual Pass/Fail/Not
Result Executed/
Suspended
1. Verify the extraction of Video File The hidden message As Pass
data from the video file is extracted from the Expected
selected video file

Unit Testing 4: Enter text message

Testing Objective: The text is added to the and app moves forward to next step.
Test Case Id: 6.4
Test Case Description: The user enters the message he/she wants to hide into the area specified. The
user can then confirm to move on to the next step.
Test Scenario: On entering the text the app moves forward.
Table 6.4: Test Cases for Enter text message
No. Test Case/Test Script Test Data Expected Result Actual Pass/Fail/Not
Result Executed/
Suspended

48
 1. Verify the text is saved Text New window As Pass
on the device and app opened Expected
moves forward.

Unit Testing 5: Choose an image

Testing Objective: To choose the image from the gallery.
Test Case Id: 6.5
Test Case Description: A user wants to upload a cover image to hide the logo image into.The
user selects the image from his/her device.
Test Scenario: That on deleting a company it is deleted from the database
Table 6.5: Test Cases for Choose an Image
No. Test Case/Test Script Test Data Expected Result Actual Pass/Fail/Not
Result Executed/
Suspended
1. The user selects the Button The image is As Pass
cover image from press chosen, and the user Expected
his/her device can confirm for
further processing

Unit Testing 6: “Extract Active Zones ”

Testing Objective: To extract the active zones of the audio.
Test Case Id: 6.6
Test Case Description: The system shall start the extraction and look for active zones inside the
audio.
Test Scenario: User Input Audio file and App extract the active zones inside the app.
Table 6.6: Test Cases for viewing analytics and reports
No. Test Case/Test Script Test Data Expected Result Actual Pass/Fail/Not
Result Executed/
Suspended
1. User Input Audio file Button Active and silence As Pass
and App extract the press zones are extracted Expected
active zones inside the
app.

49
7 Conclusion and Future Work

7.1 Conclusion
This section will summarize that how your project successfully solves the targeted problem. You
may summarize your key project results in a few sentences and use this summary to support your
conclusion. Also, include key facts from literature to explain your results as needed.

Our project successfully helps solve the issue of hiding data in a medium without having to worry
about someone figuring out whether data is hidden into the medium or not due the many layers of
steganography. Data hidden into the medium is kept safe from all except the most determined
persons and even if a person manages to extract the data, he/she will neither be able to determine
the nature of data nor the encryption applied to it.
Our project will help people hide sensitive messages into videos in such a way that they can only
be extracted using only our project. This way, even if an unintended party tries to extract the
message, they will not know what to use.

7.2 Future Work

This section will help in explaining the readers where you think the results can lead you. What
do you think are the next steps to take? Do you think certain paths seem to be more promising
than others?

This section should be petty short. The goal should not be to go into a bunch of details, but instead
just a sentence or two explaining each idea. It should just provide enough information as to a
possible further development path and why the path may be important.

Our project may be built upon to

50
8 References
References to any book, journal paper or website should properly be acknowledged. Please
consistently follow the style. The following are few examples of different resources i.e. journal
article, book, and website.

1. Lyda M.S. Lau, Jayne Curson, Richard Drew, Peter Dew and Christine Leigh, (1999), Use
Of VSP Resource Rooms to Support Group Work in a Learning Environment, ACM 99, pp-
2. (Journal paper example)

2. Hideyuki Nakanishi, Chikara Yoshida, Toshikazu Nishmora and TuruIshada, (1996),

FreeWalk: Supporting Casual Meetings in a Network, pp 308-314 (paper on web)
http://www.acm.org/pubs/articles/proceedings/cscw/240080/p308-nakanishi.pdf

3. Ali Behforooz& Frederick J.Hudson, (1996), Software Engineering Fundamentals, Oxford

University Press. Chapter 8, pp255-235. (book reference example)

4. Page Author, Page Title, http://www.bt.com/bttj/archive.htm, Last date accessed. (web site)

51