(Also check out my other hacks)

Hijacking Youtube to transmit your Data

A little while back I thought to myself “I wonder if I can hide secret data within youtube videos?”. I asked myself this question because sometimes I will be on a network and I am unable to do certain things (like download files) because the network won’t allow it. But that same network is totally fine with me watching youtube videos. If I could hijack youtube’s datastream, then I could transmit the data over youtube and access my data from the locked down network. To the outside observer, it would appear as if I were just watching Youtube.

After a bit of messing around I found that it was not difficult to innocuously write data into a Youtube video, upload it to the internet, and then download that data at a different location with 100% accuracy.

At the moment I implemented this hack, I realized that I could also pass any kind of information through this data stream and it would be nearly impossible to detect.

Why would they never detect me? Well it has to do with the amount of video data on the internet. Let’s say that I have one particular method for encoding the data within the video and youtube figures out my method. They must now use some kind of program to scan for “videos that may contain encrypted data”. Once they identify videos that might contain encrypted data, they can then begin to work on decrypting that data. The amount of video data on the internet is massive and it is growing at an exponential rate (the zeta-bytes of data they would have to sift through, I cant even imagine the headache). The computer power necessary to scan the internet’s data stream like this does not exist. On top of that, this approach that I explain below has millions, if not billions, of variants. You would need to scan for every single encoding pattern just to make sure you don’t miss some secret message. It’s absurb.

This is a fundamental hole in security with no logical workaround.

Problem

Video data accounts for a large percentage of the Internet’s bandwidth. YouTube, a video hosting and streaming service, allows individuals to upload videos for public viewing. Some videos have millions or hundreds of millions of views. If a video is copyright infringement or a violation of terms and conditions, it will likely be flagged and removed. Aside from these exceptions, almost any material can be posted to the website. Using very simple techniques, it has been demonstrated that information can be innocuously written into video data, uploaded to YouTube, and that the information and appearance of the underlying video data are preserved when downloaded from YouTube. There are three key points to this problem:

The methods necessary to encrypt the data are simple enough that hardware and software implementations could become widespread at low cost. No scanning technology exists to identify this method of encryption. The broadcasting nature of uploading a video makes it very hard to narrow down the intended recipient of the transmission.

These three points suggest that an unmonitored black market could exist within YouTube and other video hosting systems. If the methods of video encryption are not identified, than it will not be possible to develop the scanning technologies necessary to detect encrypted messages. Described in this post is a family of methods to encrypt information on top of video data, while maintaining the integrity of the video, and the associated hazards of these approaches.

Methodology

The following is one example of how you might encode information within video data. This is one approach within a family of methods that can allow for billions of variations. This approach is the Amplitude Modulation Video Encoding Method (AMVEM)

Step 1: Acquire non-copyrighted video data. This can be a video of anything that would not normally be flagged as inappropriate. In this example we will use a 1020×768 resolution video that was sampled at 30 frames per second.

Step 2: Frame deletion. Replace every even frame with a copy of the subsequent odd frame (i.e. if the video was 10 frames long and you were to list out the frames it would be 1 2 3 4 5 6 7 8 9 10. In this step we are replacing the even frames with a copy of the subsequent odd frames; now if we list out the frames we have 1 1 3 3 5 5 7 7 9 9.) This gives us two copies of the odd frames and deletes the even frames.

Step 3: Encryption key selection and encoding. A key must be assigned to control how the information will be written into the image. In this case, a static encoding mechanism is used (the same encoding scheme is applied throughout the entire video). For each pair of identical frames there is a control frame and an encoding frame. The control frame is unmodified. The encoding frame will be modified with a small amount of noise in a very specific way to encode bits of data. The encryption key for this method of encoding is as follows: to encode a 0, we will add noise to the top half of the image and subtract noise from the bottom half of the image. To encode a 1 we will subtract noise from the top half of the image and add noise to the bottom half of the image. This encoding mechanism encodes 1 bit of data per every 2 frames. Therefore, for a 30 frames/second video, a 15 bit/s transfer rate is obtained. The amplitude of the noise can be adjusted until the user finds the correct balance of transmission accuracy and encryption transparency.

Step 4: Decoding. The video data is collected from YouTube and the encoding frames are subtracted from the control frames. The decoder then uses the encryption key to figure out that the top and bottom of the image are regions of interest (A and B as shown in the figure below). By comparing the values of A and B, the decoder can detect whether a 1 or 0 was written into the frame pair.

Conclusion

Experiments found that 100% transmission accuracy could be obtained with minimal video distortion. At 15 bits/second paragraphs of text can be sent in a video that is just a few minutes long and entire images can be sent in longer videos. The amount of video footage uploaded to the internet is growing more each day. It may never be possible to prevent this kind of encryption long term as the processing power necessary to decode the transmissions will grow as a function of the amount of video uploaded to the internet.

See this video below. If someone can figure out what I wrote into this video I will give you a cookie.

For some Matlab code and help getting started, email me banmeihack@gmail.com