Stegoslayer: A Robust Browser-Integrated Approach for Thwarting Stegomalware

Rushikesh Kawale; Sarath Babu; Virendra Singh

doi:10.5220/0013509200003979

Stegoslayer: A Robust Browser-Integrated Approach for Thwarting Stegomalware

Rushikesh Kawale, Sarath Babu, Virendra Singh

2025

Abstract

Over the years, various threat groups (APTs) have exploited innocuous-looking images as carriers for malware payloads, data exfiltration, and covert command and control communication by utilizing steganographic and polyglot techniques. Due to the widespread use of browsers as entry points to the internet, they have become the primary targets of online attacks. The attackers use the browser as an initial vector for carrying out steganographic-based attacks due to the browser’s ability to execute JavaScript. Attackers leverage this feature to extract and run hidden payloads from polyglot and steganographic media. To the best of our knowledge, no existing work prevents stegomalware attacks exploiting web-browser vulnerabilities, even though modern browsers remain susceptible to such attacks. Thus, to counter stegomalware attacks, we propose a steganographic attack prevention algorithm, Stegoslayer. Stegoslayer is an image-cleaning web extension and technique that ensures the image is free of malicious content while maintaining its quality. We performed functional tests against F5, Outguess and Openstego steganographic algorithm and stegosploit stegomalware. Further, we analyzed the performance of Stegoslayer against the state-of-the-art prevention method, Stegowiper. The results indicate that the output image of Stegoslayer has 20% better PSNR value than stegowiper.

Download

Paper Citation

in Harvard Style

Kawale R., Babu S. and Singh V. (2025). Stegoslayer: A Robust Browser-Integrated Approach for Thwarting Stegomalware. In Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-760-3, SciTePress, pages 601-606. DOI: 10.5220/0013509200003979

in Bibtex Style

@conference{secrypt25,
author={Rushikesh Kawale and Sarath Babu and Virendra Singh},
title={Stegoslayer: A Robust Browser-Integrated Approach for Thwarting Stegomalware},
booktitle={Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2025},
pages={601-606},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013509200003979},
isbn={978-989-758-760-3},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Stegoslayer: A Robust Browser-Integrated Approach for Thwarting Stegomalware
SN - 978-989-758-760-3
AU - Kawale R.
AU - Babu S.
AU - Singh V.
PY - 2025
SP - 601
EP - 606
DO - 10.5220/0013509200003979
PB - SciTePress