As a preliminary, we introduce some basic terminology, which will be used in the remainder of the paper. Even if the creation of a non- ambiguous vocabulary for steganographic applications is outside the scope of this work, reducing possible confusions or overloading of terms is fundamental to not void the efficiency and expressiveness of the taxonomy. Specifically, the term modifiable object we define as the general object type that will be used to contain the secret information. The process of hiding data within the cover depends on the used mechanism or pattern. In the following, we refer to such a process as embedding, injecting or hiding. The term modulating will be used in case of ambiguities, especially to highlight that the secret information is not directly stored but encoded by means of variations of the cover object. The amount of data that can be hidden will be denoted as the capacity. In general, patterns can be used both to describe the process of hiding information for storage purposes as well as to secretly move data among two endpoints. To avoid burdening the text, when the “transmissional” nature of the embedding process is not obvious, we will explicitly identify the covert sender and receiving side as to emphasize the origin and the destination of the steganographic communication. For the specific case of defining the taxonomy as well as to describe patterns, the following formal definitions have been introduced:
|Event||a (timed or forced) appearance, which can be composed of several elements||1) the appearance of a predefined character sequence;
2) a predefined specific sound in a video;
3) network connection establishment, reset or disconnection.
|Element||represents a single unit of a whole sequence||1) a word/character of a text;
2) a pixel of an image;
3) a network packet of the whole flow.
|Feature||characterizes a property of an element to be modulated||1) the color of a character;
2) the attribute of a tag in vector graphics;
3) the field / the size of a network packet.
|Interval||specifies the temporal gap between two events||1) the duration of an audio file;
2) the time between sending a message and receiving the related acknowledgement.
|State/Value||denotes a non-temporal numerical or
positional quantity of an element, feature, or event
|1) the values of TCP header fields (feature value);
2) the x-y-z coordinates of a player in a 3D game.