CUING 2023

The 7th International Workshop on Criminal Use of Information Hiding

to be held in conjunction with the 18th International Conference on Availability, Reliability and Security
(ARES 2023 –

August 29 – September 01, 2023

With the constant rise of the number of Internet users, available bandwidth and an increasing number of services shifting into the connected world, criminals are increasingly active in the virtual world. With improving defensive methods cybercriminals have to utilize more and more sophisticated ways to perform their malicious activities. While protecting the privacy of users, many technologies used in current malware and network attacks have been abused in order to allow criminals to carry out their activities undetected. This poses a lot of new challenges for digital forensics analysts, academics, law enforcement agencies (LEAs), and security professionals.

The aim of the International Workshop on Criminal Use of Information Hiding (CUIng) is to bring together researchers, practitioners, law enforcement representatives, and security professionals in the area of analysis of information hiding. However data hiding is understood here in a wider manner than in the academic world i.e. all techniques that pertain to camouflaging/masking/hiding various types of data (e.g. identities, behavior, communication, etc.) are included here. This means not only digital steganography/covert channels but also obfuscation/anti-forensics techniques and even underground networks (darknets) or activities related to behavior impersonation or mimicking. This will allow to present a more complete picture on novel research regarding the use of data and communication hiding methods in criminal environments and discuss ideas for fighting misuse of privacy enhancing technologies.

Moreover, this year the CUING workshop is co-organized together with the SIMARGL (Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware) and DISSIMILAR (Detection of fake newS on SocIal MedIa pLAtfoRms) projects.

Moreover, the extended versions of all accepted papers will be considered for publication in a special issue of the Journal of Cyber Security and Mobility (Indexed in Scopus,

Workshop Chairs

Wojciech Mazurczyk
Warsaw University of Technology, Poland

Philipp Amann
Europol, European Cybercrime Centre, The Netherlands

Jart Armin
CyberDefcon, The Netherlands

Angelo Consoli
Scuola universitaria professionale della Svizzera italiana (SUPSI), Switzerland

Peter Kieseberg
FH St. Pölten, Austria

Joerg Keller
FernUniversität in Hagen, Germany


Milad Taleby Ahvanooey, Nanjing University, China
Soumya Banerjee, CNAM-CEDRIC LAB, INRIA-EVA, Paris, France
Krzysztof Cabaj, Warsaw University of Technology, Poland
Luca Caviglione, IMATI CNR, Italy+
Michal Choras, Bydgoszcz University of Science and Technology, Poland
Marco Cremonini, University of Milan, Italy
Jana Dittmann, Otto-von-Guericke University Magdeburg, Germany
Mattia Epifani, CNR, Italy
Mordechai Guri, Ben-Gurion University of the Negev, Israel
Stefan Katzenbeisser, TU Darmstadt, Germany
Zbigniew Kotulski, Warsaw University of Technology, Poland
Rafal Kozik, Bydgoszcz University of Science and Technology, Poland
Christian Kraetzer, Otto-von-Guericke University Magdeburg, Germany
Minoru Kuribayashi, Okayama University, Japan
Jean-Francois Lalande, CentraleSupélec, France
Daniel Lerch-Hostalot, Universitat Oberta de Catalunya, Spain
Shujun Li, University of Kent, UK
David Megias, Universitat Oberta de Catalunya, Spain
Aleksandra Mileva, University Goce Delcev, Republic of Macedonia
Marek Pawlicki, Bydgoszcz University of Science and Technology, Poland
Zbigniew Piotrowski, Military University of Technology, Poland
Pawel Rajba, University of Wroclaw, Poland
Martin Steinebach, Fraunhofer SIT, Germany
Hui Tian, National Huaqiao University, China
Steffen Wendzel, Worms University of Applied Sciences and Fraunhofer FKIE, Germany
Tanja Zseby, Vienna University of Technology, Austria

Martin Steinebach

© Martin Steinebach

Prof. Martin Steinebach
Fraunhofer Institute, Germany

Error Rates in Multimedia Forensics

The keynote will address the critical importance of false positive rates in multimedia forensics, a field dedicated to the identification, classification, and authentication of digital content. While the field has historically focused on true positives, this talk aims to highlight the importance of false positives and their impact on forensic investigations and other applications.
The talk will explore the causes of false positives, including limitations of forensic techniques, algorithmic biases, and the inherent complexity of multimedia analysis. It will emphasize the trade-off between false positives and false negatives, and the need for a balanced approach that is appropriate for a given application. The requirements can be very different between monitoring solutions such as upload filters or chat control on the one hand and individual analysis on the other. Steganalysis is another good example: error rates and their consequences depend heavily on the goals of a steganalysis application. While searching for occurrences of the use of simple steganographic tools may allow acceptable error rates, broad monitoring of state-of-the-art embedders with realistic payloads and usage frequencies seems to be at least challenging.
Overall, this talk aims to raise awareness of the importance of false positive rates in multimedia security and to inspire the audience to contribute to the advancement of reliable and fair forensic practices in an increasingly digital world.

Martin Steinebach heads the Media Security and IT Forensics department at the Fraunhofer Institute for Secure Information Technology SIT. He studied computer science at the TU Darmstadt from 1992 to 1999. In 2003, he received his PhD in Computer Science from the TU Darmstadt with the topic of digital audio watermarking. In March 2002, he became head of the MERIT department at Fraunhofer IPSI, which dealt with media data security, and of the C4M Competence Center for Media Security.
In 2007, following the dissolution of Fraunhofer IPSI, he moved to Fraunhofer SIT, where he first headed a group on media security and then became head of the Media Security and Forensics department in January 2010. Since November 2016, he has been an honorary professor at TU Darmstadt. Since 2019, Martin Steinebach has also been Principal Investigator at the National Research Center for Applied Cyber Security ATHENE, where he leads the research areas “Reliable and Verifiable Information through Secure Media (REVISE)” and “Security and Privacy in Artificial Intelligence (SenPAI)”. With his work on the ForBild project, Martin Steinebach and his colleagues won second place in the 2012 IT Security Award of the Horst Görtz Foundation. He leads numerous projects on IT forensics and media security for industry and the public sector. He is the author of more than 250 technical publications.