A study on the false positive ratio of Stegdetect

Omed Khalind, Julio Hernandez-Castro, Benjamin Aziz

Research output: Contribution to journalArticlepeer-review

974 Downloads (Pure)

Abstract

In this paper we analyse Stegdetect, one of the well-known image steganalysis tools, to study its false positive ratio. In doing so, we process more than 40,000 image files randomly downloaded from the internet using Google images, together with 25,000 images from the ASIRRA (Animal Species Image Recognition for Restricting Access) public corpus. The aim of this study is to help digital forensic analysts aiming to study a large number of image files during an investigation. The results obtained shows that the ratio of false positive generated by Stegdetect depends highly on setting the sensitivity value, and it is generally quite high. This should inform the forensic expert and help to better interpret results, particularly false positives. Additionally, we have provided a detailed statistical analysis for the obtained results to study the difference in ‘difference in detection’ between selected groups, close groups and different groups, of images. This method can be applied to any other steganalysis tools, which gives the analyst a better understanding of the results, especially when he has no prior information about the false positive ratio of the selected tool.
Original languageEnglish
Pages (from-to)235-245
Number of pages11
JournalDigital Investigation
Volume9
Issue number3-4
DOIs
Publication statusPublished - Feb 2013

Keywords

  • Stegdetect
  • steganalysis
  • steganography
  • digital forensics
  • computer forensics
  • detection
  • false positive

Fingerprint

Dive into the research topics of 'A study on the false positive ratio of Stegdetect'. Together they form a unique fingerprint.

Cite this