Abstract
PE (Portable executable) file is a standard format for executable file and is applied extensively. PE file has diversity, uncertainty of file size, complexity of file structure and singleness of file format, which make PE file easy to be a carrier of information hiding, especially for that of large hiding capacity. A novel software information hiding algorithm is proposed, which makes full use of display characteristics of palette icon of portable executable file. In this algorithm, the information is embedded into the transparent area of the icon by taking advantage of the redundant color items in the palette. The experimental results show that after embedding the information, the size of the icon remains unchanged, that is, the size of the resource section will not change, and the size of the PE file will not change. On the other hand, the icon with embedded data can be correctly analyzed and displayed without any distortion. PE file can run normally, and does not affect the performance of the program, so the algorithm has good concealment. The algorithm selects an index value whose color is black according to rules in the XOR bitmap, these index values are encoded for information hiding, its complexity is low. At the same time, we can further improve the hiding capacity by adding one or more icons to PE file.
Highlights
PE file is a standard Windows executable file format [1], which originates from the version of the UnixCOFF (Common Object File Format) file format
In order to achieve covert communication of PE file without affecting the performance of the program nor increasing the length of the program, this paper proposes a new software information hiding algorithm based on PE file icon resource by deeply analyzing the principle of palette icon transparency display and making full use of the transparent display characteristics of PE file icon resources
Anti-attack: The algorithm utilizes the redundant data of palette icon to hide the secret information into the transparent areas of PE file icon resources and the AND bitmap area
Summary
PE file is a standard Windows executable file format [1], which originates from the version of the Unix. In order to achieve covert communication of PE file without affecting the performance of the program nor increasing the length of the program, this paper proposes a new software information hiding algorithm based on PE file icon resource by deeply analyzing the principle of palette icon transparency display and making full use of the transparent display characteristics of PE file icon resources. To make the user’s interface more attractive and achieve a better visual effect, PE file contains a large number of multimedia resources as the design materials, including bitmaps, icons, menus, text resources, dialog template, GIF animations, and WAVE sound, and etc These multimedia software resources are compiled into the binary information and stored in the resource section of PE file. It is divided into 5 layers, namely, the directory of resource type, the directory of resource ID (Identity Document), resources, code page directory of resources, resource description information entry and resource data
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call