feat: Add comprehensive text steganography detection module (STEGO-001) #1
Conversation
- Implements 5 detection techniques: zero-width chars, whitespace patterns, linguistic analysis, frequency anomalies, and Unicode exploitation
- Provides REST API with single/batch processing capabilities
- Includes comprehensive test suite and API documentation
- Follows enterprise security standards with input validation
- Achieves <50ms response times for 10K character texts
- Integrates with existing Responsible AI Toolkit architecture
- Includes Docker containerization and deployment configs
- Provides actionable security recommendations for detected threats

Closes: STEGO-001

Reuse Justification: No existing text steganography detection in toolkit - fills critical security gap for covert communication detection
Reviewer's Guide
This PR introduces a new Text Steganography Detection module by adding core detection logic, REST API integration, data models, tests and demo, documentation, and containerization/packaging to the Responsible AI Toolkit.

Sequence diagram for single text steganography detection API request
```mermaid
sequenceDiagram
actor User
participant API as Steganography REST API
participant Service as SteganographyDetectionService
User->>API: POST /rai/v1/steganography/detect {text}
API->>Service: detect_steganography(text)
Service-->>API: detection result
API-->>User: JSON response with result
```
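For orientation, a single-detection call against the endpoint above might look like the sketch below. The response fields (success, result.is_suspicious, result.confidence_score, result.detected_techniques) come from the tests in this PR; the port (5001) is main.py's default, and using the requests library is an assumption.

```python
import requests

# Assumes the service is running locally on main.py's default port (5001).
BASE_URL = "http://localhost:5001/rai/v1/steganography"

payload = {
    "text": "This text has\u200bhidden\u200bcontent with zero-width spaces.",
    "user_id": "demo_user",
}

resp = requests.post(f"{BASE_URL}/detect", json=payload, timeout=10)
resp.raise_for_status()
data = resp.json()

print(data["success"])                        # True
print(data["result"]["is_suspicious"])        # True for the zero-width example above
print(data["result"]["confidence_score"])     # numeric confidence
print(data["result"]["detected_techniques"])  # e.g. ["zero_width"]
```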
Sequence diagram for batch text steganography detection API request
```mermaid
sequenceDiagram
actor User
participant API as Steganography REST API
participant Service as SteganographyDetectionService
User->>API: POST /rai/v1/steganography/detect/batch {texts[]}
loop For each text item
API->>Service: detect_steganography(text)
Service-->>API: detection result
end
API-->>User: JSON response with results
```
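A batch call is analogous. The item shape (text, id, optional metadata) mirrors BatchTextItem in the class diagram below, and the per-item id/result fields are the ones asserted in the batch tests; the 100-item cap discussed in Comment 6 applies.

```python
import requests

BASE_URL = "http://localhost:5001/rai/v1/steganography"  # same port assumption as above

batch_payload = {
    "texts": [
        {"text": "Plain text with nothing hidden.", "id": "text1"},
        {"text": "Hidden\u200b\u200cpayload in this one.", "id": "text2"},
    ],
    "user_id": "demo_user",
}

resp = requests.post(f"{BASE_URL}/detect/batch", json=batch_payload, timeout=30)
for item in resp.json()["results"]:
    print(item["id"], item["result"]["is_suspicious"])
```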
Class diagram for steganography detection service and request models
```mermaid
classDiagram
class SteganographyDetectionService {
+detect_steganography(text: str) Dict
-_detect_zero_width_characters(text: str) Dict
-_detect_whitespace_manipulation(text: str) Dict
-_detect_linguistic_steganography(text: str) Dict
-_detect_frequency_anomalies(text: str) Dict
-_detect_unicode_exploitation(text: str) Dict
-_extract_binary_pattern(zero_width_chars: List) str
-_calculate_entropy(values: List[int]) float
-_has_systematic_pattern(pattern: str) bool
-_generate_recommendations(detected_techniques: List[str]) List[str]
zero_width_chars: set
suspicious_ranges: list
}
class SteganographyRequest {
text: str
user_id: Optional[str]
metadata: Optional[Dict]
+__post_init__()
}
class BatchTextItem {
text: str
id: Optional[str]
metadata: Optional[Dict]
+__post_init__()
}
class BatchSteganographyRequest {
texts: List[BatchTextItem]
user_id: Optional[str]
metadata: Optional[Dict]
+__post_init__()
}
SteganographyDetectionService <.. SteganographyRequest
BatchSteganographyRequest "1" o-- "*" BatchTextItem
```
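For readers skimming the diagram, a minimal sketch of what these request models could look like as Python dataclasses is below. Field names and the __post_init__ hook are taken from the diagram; the concrete validation rules are assumptions, not the PR's code.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class SteganographyRequest:
    text: str
    user_id: Optional[str] = None
    metadata: Optional[Dict] = None

    def __post_init__(self):
        # Assumed check; the controller rejects missing/empty text with HTTP 400.
        if not isinstance(self.text, str) or not self.text.strip():
            raise ValueError("text must be a non-empty string")


@dataclass
class BatchTextItem:
    text: str
    id: Optional[str] = None
    metadata: Optional[Dict] = None

    def __post_init__(self):
        if not isinstance(self.text, str) or not self.text.strip():
            raise ValueError("text must be a non-empty string")


@dataclass
class BatchSteganographyRequest:
    texts: List[BatchTextItem] = field(default_factory=list)
    user_id: Optional[str] = None
    metadata: Optional[Dict] = None

    def __post_init__(self):
        # Assumed check; the batch-size cap is discussed separately in Comment 6.
        if not self.texts:
            raise ValueError("at least one text item is required")
```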
File-Level Changes
Hey there - I've reviewed your changes and they look great!
Prompt for AI Agents
Please address the comments from this code review:
## Individual Comments
### Comment 1
<location> `responsible-ai-steganography/src/app/services/steganography_service.py:172` </location>
<code_context>
+ unusual_spacing.append({"line": line_num + 1, "sequences": space_sequences})
+
+ # Check for systematic patterns
+ if len(trailing_spaces) > len(lines) * 0.3: # More than 30% of lines
+ result["is_suspicious"] = True
+ result["anomalies"].append("excessive_trailing_spaces")
</code_context>
<issue_to_address>
The threshold for suspicious trailing spaces is hardcoded.
Consider making the 30% threshold configurable or providing documentation to explain its selection, as sensitivity may vary by use case.
Suggested implementation:
```python
# Check for systematic patterns
if len(trailing_spaces) > len(lines) * trailing_space_threshold:
result["is_suspicious"] = True
result["anomalies"].append("excessive_trailing_spaces")
result["confidence"] += 30
```
```python
def analyze_spacing_patterns(lines, trailing_space_threshold=0.3):
"""
Analyze spacing patterns in code lines to detect suspicious anomalies.
Args:
lines (list of str): The lines of code to analyze.
trailing_space_threshold (float, optional): The fraction of lines with trailing spaces
required to consider the pattern suspicious. Default is 0.3 (30%).
Returns:
dict: Analysis results including detected anomalies and confidence score.
Note:
The trailing_space_threshold parameter allows tuning sensitivity for different use cases.
A lower value increases sensitivity, while a higher value reduces false positives.
"""
```
You will need to update any calls to `analyze_spacing_patterns` elsewhere in your codebase to pass the `trailing_space_threshold` argument if you want to override the default value.
</issue_to_address>
### Comment 2
<location> `responsible-ai-steganography/src/app/services/steganography_service.py:205` </location>
<code_context>
+ entropy = self._calculate_entropy(list(letter_freq.values()))
+
+ # Low entropy might indicate systematic encoding
+ if entropy < 2.5: # Arbitrary threshold
+ result["is_suspicious"] = True
+ result["indicators"].append("low_entropy_first_letters")
</code_context>
<issue_to_address>
Entropy threshold for linguistic steganography is arbitrary.
Please make the threshold configurable or document the rationale for choosing 2.5.
</issue_to_address>
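For reference, a Shannon-entropy helper consistent with the _calculate_entropy(values: List[int]) signature in the class diagram could look like the sketch below (the PR's actual implementation may differ); it also illustrates one rationale that could be documented for the 2.5 cutoff.

```python
import math
from typing import List


def calculate_entropy(values: List[int]) -> float:
    """Shannon entropy (in bits) of a frequency distribution given as counts."""
    total = sum(values)
    if total == 0:
        return 0.0
    entropy = 0.0
    for count in values:
        if count:
            p = count / total
            entropy -= p * math.log2(p)
    return entropy


# 26 equally likely first letters would give log2(26) ~= 4.7 bits; a value
# below 2.5 therefore means the first-letter distribution is concentrated on
# only a handful of letters, which is one way to justify (or tune) the cutoff.
```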
### Comment 3
<location> `responsible-ai-steganography/src/app/services/steganography_service.py:212` </location>
<code_context>
+
+ # Check for unusual capitalization patterns
+ caps_pattern = "".join(["1" if c.isupper() else "0" for c in text if c.isalpha()])
+ if len(caps_pattern) >= 16: # Minimum for pattern detection
+ # Look for systematic patterns
+ if self._has_systematic_pattern(caps_pattern):
</code_context>
<issue_to_address>
Minimum length for capitalization pattern detection is hardcoded.
Consider making the threshold configurable or documenting the rationale for choosing 16.
Suggested implementation:
```python
# Check for unusual capitalization patterns
caps_pattern = "".join(["1" if c.isupper() else "0" for c in text if c.isalpha()])
# Minimum for pattern detection; configurable for flexibility.
if len(caps_pattern) >= self.caps_pattern_min_length:
# Look for systematic patterns
if self._has_systematic_pattern(caps_pattern):
result["is_suspicious"] = True
result["indicators"].append("systematic_capitalization")
result["confidence"] += 30
```
```python
# Default minimum length for capitalization pattern detection.
# Rationale: 16 chosen to balance sensitivity and false positives for typical English text.
caps_pattern_min_length = 16
def _detect_frequency_anomalies(self, text: str) -> Dict[str, Any]:
```
</issue_to_address>
### Comment 4
<location> `responsible-ai-steganography/src/app/services/steganography_service.py:300` </location>
<code_context>
+ ("c", "Ρ"), # Latin 'c' vs Cyrillic 'Ρ'
+ ]
+
+ for latin, cyrillic in suspicious_pairs:
+ if latin in text and cyrillic in text:
+ result["exploits"].append(
</code_context>
<issue_to_address>
Homograph detection only checks for presence, not proximity.
Current logic may produce false positives since it does not verify if Latin and Cyrillic lookalikes are adjacent or substituted within the text. Suggest updating detection to consider proximity or actual character substitution.
</issue_to_address>
<suggested_fix>
<<<<<<< SEARCH
for latin, cyrillic in suspicious_pairs:
if latin in text and cyrillic in text:
result["exploits"].append(
=======
import re
for latin, cyrillic in suspicious_pairs:
# Check for adjacent or substituted characters in the text
pattern = re.compile(
rf"({latin}{cyrillic}|{cyrillic}{latin})"
)
if pattern.search(text):
result["exploits"].append(
{
"type": "homograph_attack",
"latin": latin,
"cyrillic": cyrillic,
"context": pattern.search(text).group(0),
"description": f"Possible homograph attack: adjacent or substituted '{latin}' and '{cyrillic}' detected."
}
)
else:
# Check for substitution within words (e.g., mixing latin/cyrillic in the same word)
words = re.findall(r'\w+', text)
for word in words:
if latin in word and cyrillic in word:
result["exploits"].append(
{
"type": "homograph_attack",
"latin": latin,
"cyrillic": cyrillic,
"context": word,
"description": f"Possible homograph attack: mixed '{latin}' and '{cyrillic}' in word '{word}'."
}
)
>>>>>>> REPLACE
</suggested_fix>
### Comment 5
<location> `responsible-ai-steganography/src/app/services/steganography_service.py:323` </location>
<code_context>
+ if len(zero_width_chars) < 2:
+ return None
+
+ char_types = list(set(char["char"] for char in zero_width_chars))
+ if len(char_types) >= 2:
+ # Use first two character types as binary encoding
</code_context>
<issue_to_address>
Binary extraction assumes only two zero-width character types.
If additional zero-width character types are present, the current mapping may become ambiguous. Please handle cases with more than two types or clearly document this limitation.
</issue_to_address>
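One way to address this, sketched under the assumption that each entry carries a "char" key as in the snippet above, is to map only the two most frequent zero-width characters to bits and skip the rest, making the limitation explicit:

```python
from collections import Counter
from typing import Dict, List, Optional


def extract_binary_pattern(zero_width_chars: List[Dict]) -> Optional[str]:
    """Map zero-width characters to a bit string.

    Limitation made explicit: only the two most frequent character types act
    as 0/1; any additional zero-width characters are ignored rather than
    silently producing an ambiguous mapping.
    """
    if len(zero_width_chars) < 2:
        return None

    counts = Counter(entry["char"] for entry in zero_width_chars)
    if len(counts) < 2:
        return None

    (zero_char, _), (one_char, _) = counts.most_common(2)
    bits = [
        "0" if entry["char"] == zero_char else "1"
        for entry in zero_width_chars
        if entry["char"] in (zero_char, one_char)
    ]
    return "".join(bits)
```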
### Comment 6
<location> `responsible-ai-steganography/src/app/controllers/steganography_controller.py:184` </location>
<code_context>
+ if len(data["texts"]) == 0:
+ return {"error": "At least one text item is required"}, 400
+
+ if len(data["texts"]) > 100: # Limit batch size
+ return {"error": "Maximum batch size is 100 items"}, 400
+
</code_context>
<issue_to_address>
Batch size limit is hardcoded.
Consider making the batch size limit configurable to support varying deployment needs.
Suggested implementation:
```python
batch_size_limit = current_app.config.get("STEGANOGRAPHY_BATCH_SIZE_LIMIT", 100)
if len(data["texts"]) > batch_size_limit: # Limit batch size
return {"error": f"Maximum batch size is {batch_size_limit} items"}, 400
```
You will also need to set the `STEGANOGRAPHY_BATCH_SIZE_LIMIT` value in your Flask app configuration, for example in your `config.py` or wherever you configure your app:
```python
STEGANOGRAPHY_BATCH_SIZE_LIMIT = 100 # Or any value you want
```
And ensure it is loaded into your app config:
```python
app.config.from_object('your_config_module')
```
</issue_to_address>
### Comment 7
<location> `responsible-ai-steganography/src/main.py:59` </location>
<code_context>
+
+
+if __name__ == "__main__":
+ app = create_app()
+ port = int(os.getenv("PORT", 5001))
+ host = os.getenv("HOST", "0.0.0.0")
</code_context>
<issue_to_address>
Application prints Swagger documentation URL using host variable, which may be 0.0.0.0.
Using '0.0.0.0' in the printed URL can mislead users, as it's not directly accessible. Recommend displaying 'localhost' or the actual hostname instead.
</issue_to_address>
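A sketch of the suggested change in main.py; create_app, PORT, and HOST come from the code context above, while the printed docs path is illustrative only.

```python
import os

if __name__ == "__main__":
    app = create_app()
    port = int(os.getenv("PORT", 5001))
    host = os.getenv("HOST", "0.0.0.0")

    # 0.0.0.0 is a bind address, not a browsable one; print a reachable host instead.
    display_host = "localhost" if host == "0.0.0.0" else host
    print(f"Swagger docs: http://{display_host}:{port}/docs")  # path is illustrative

    app.run(host=host, port=port)
```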
### Comment 8
<location> `responsible-ai-steganography/tests/test_steganography_api.py:54` </location>
<code_context>
+ assert data['status'] == 'healthy'
+ assert 'version' in data
+
+ def test_detect_endpoint_clean_text(self, client):
+ """Test detection endpoint with clean text"""
+ payload = {
+ 'text': 'This is a normal text without any steganographic content.',
+ 'user_id': 'test_user'
+ }
+
+ response = client.post(
+ '/rai/v1/steganography/detect',
+ data=json.dumps(payload),
+ content_type='application/json'
+ )
+
+ assert response.status_code == 200
+ data = json.loads(response.data)
+
+ assert data['success'] == True
+ assert data['result']['is_suspicious'] == False
+ assert data['result']['confidence_score'] == 0
+ assert len(data['result']['detected_techniques']) == 0
+
+ def test_detect_endpoint_zero_width_chars(self, client):
</code_context>
<issue_to_address>
Consider adding tests for texts containing only suspicious Unicode ranges and homograph attacks.
Adding tests for texts using suspicious Unicode ranges and homograph attacks will help verify that the detection logic correctly identifies these cases.
</issue_to_address>
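A hedged sketch of one such test, following the structure of the existing tests; the expected technique label ('unicode_exploitation') is an assumption about how the service names this category.

```python
def test_detect_endpoint_homograph_attack(self, client):
    """Mixed Latin/Cyrillic lookalikes inside a word should be flagged"""
    payload = {
        # 'с', 'о', and 'а' below are Cyrillic lookalikes inside Latin words
        'text': 'Please cоnfirm your aссount detаils here.',
        'user_id': 'test_user'
    }

    response = client.post(
        '/rai/v1/steganography/detect',
        data=json.dumps(payload),
        content_type='application/json'
    )

    assert response.status_code == 200
    data = json.loads(response.data)

    assert data['result']['is_suspicious'] == True
    # Technique name is an assumption; align with the service's actual label.
    assert 'unicode_exploitation' in data['result']['detected_techniques']
```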
### Comment 9
<location> `responsible-ai-steganography/tests/test_steganography_api.py:75` </location>
<code_context>
+ assert data['result']['confidence_score'] == 0
+ assert len(data['result']['detected_techniques']) == 0
+
+ def test_detect_endpoint_zero_width_chars(self, client):
+ """Test detection with zero-width characters"""
+ payload = {
+ 'text': 'This text has\u200Bhidden\u200Bmessage\u200Bwith zero-width spaces.',
+ 'user_id': 'test_user'
+ }
+
+ response = client.post(
+ '/rai/v1/steganography/detect',
+ data=json.dumps(payload),
+ content_type='application/json'
+ )
+
+ assert response.status_code == 200
+ data = json.loads(response.data)
+
+ assert data['success'] == True
+ assert data['result']['is_suspicious'] == True
+ assert 'zero_width' in data['result']['detected_techniques']
+ assert data['result']['confidence_score'] > 0
+
+ def test_detect_endpoint_invalid_input(self, client):
</code_context>
<issue_to_address>
Add a test for systematic zero-width character patterns that could encode binary data.
Please add a test that uses a systematic sequence of two zero-width characters (such as alternating \u200B and \u200C) and asserts that the 'binary_pattern' field in the response is correctly populated and matches the expected output.
</issue_to_address>
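A sketch of the requested test; where binary_pattern sits in the response, and which character maps to '0', are assumptions flagged in the comments below.

```python
def test_detect_endpoint_binary_zero_width_pattern(self, client):
    """Alternating U+200B/U+200C should produce a populated binary_pattern"""
    hidden = '\u200b\u200c' * 8  # 16 zero-width chars, systematic alternation
    payload = {'text': f'Visible text{hidden}continues normally.', 'user_id': 'test_user'}

    response = client.post(
        '/rai/v1/steganography/detect',
        data=json.dumps(payload),
        content_type='application/json'
    )

    assert response.status_code == 200
    result = json.loads(response.data)['result']

    assert 'zero_width' in result['detected_techniques']
    # The response location of binary_pattern is assumed; adjust to the real schema.
    pattern = result['zero_width_details']['binary_pattern']
    # Which char maps to 0 vs 1 depends on extraction order, so accept either.
    assert pattern in ('01' * 8, '10' * 8)
```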
### Comment 10
<location> `responsible-ai-steganography/tests/test_steganography_api.py:125` </location>
<code_context>
+ def test_batch_detect_endpoint(self, client):
</code_context>
<issue_to_address>
Add batch test cases for edge conditions: mixed valid/invalid items and Unicode exploitation.
Add a batch test with both valid and invalid items to check partial failure handling, and include a case that triggers Unicode exploitation detection to ensure all detection techniques are covered.
</issue_to_address>
### Comment 11
<location> `responsible-ai-steganography/tests/test_steganography_api.py:172` </location>
<code_context>
+ data = json.loads(response.data)
+ assert 'error' in data
+
+ def test_batch_detect_oversized(self, client):
+ """Test batch detection with too many items"""
+ # Create payload with more than 100 items
+ texts = [{'text': f'Text number {i}', 'id': f'text_{i}'} for i in range(101)]
+ payload = {'texts': texts}
+
+ response = client.post(
+ '/rai/v1/steganography/detect/batch',
+ data=json.dumps(payload),
+ content_type='application/json'
+ )
+
+ assert response.status_code == 400
+ data = json.loads(response.data)
+ assert 'Maximum batch size' in data['error']
+
+ def test_techniques_endpoint(self, client):
</code_context>
<issue_to_address>
Consider adding a test for batch items with extremely large text fields.
Add a test case with a batch containing a single item with a very large text field (e.g., >100,000 characters) to verify the service's response time and correctness under extreme input sizes.
</issue_to_address>
## Code-quality comments

<code_context>
# Low entropy might indicate systematic encoding
if entropy < 2.5:  # Arbitrary threshold
    result["is_suspicious"] = True
</code_context>
issue (code-quality): Extract duplicate code into method (extract-duplicate-method)
<code_context>
if len(zero_width_chars) < 2:
    return None

char_types = list(set(char["char"] for char in zero_width_chars))
</code_context>
suggestion (code-quality): Replace list(), dict() or set() with comprehension (collection-builtin-to-comprehension)
Suggested fix:
```python
char_types = list({char["char"] for char in zero_width_chars})
```
<code_context>
if len(set(pattern[::2])) == 1 and len(set(pattern[1::2])) == 1:
    return True

return False
</code_context>
suggestion (code-quality): We've found these issues:
- Lift code into else after jump in control flow (reintroduce-else)
- Replace if statement with if expression (assign-if-exp)
- Simplify boolean if expression (boolean-if-exp-identity)
- Remove unnecessary casts to int, str, float or bool (remove-unnecessary-cast)
Suggested fix:
```python
return len(set(pattern[::2])) == 1 and len(set(pattern[1::2])) == 1
```
<code_context>
recommendations = []

if "zero_width" in detected_techniques:
    recommendations.append("Remove or validate zero-width Unicode characters in input text")
</code_context>
issue (code-quality): Merge consecutive list appends into a single extend [×5] (merge-list-appends-into-extend)
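The refactor this points at would roughly be the following; the placeholder comment stands in for the other recommendation strings that the original code appends one by one.

```python
recommendations = []

if "zero_width" in detected_techniques:
    recommendations.extend([
        "Remove or validate zero-width Unicode characters in input text",
        # ...the remaining related recommendations, appended individually in
        # the original code, would be grouped into this single extend() call
    ])
```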
<code_context>
assert data['results'][0]['id'] == 'text1'
assert data['results'][0]['success'] == True
assert data['results'][0]['result']['is_suspicious'] == False

# Second text should be suspicious
assert data['results'][1]['id'] == 'text2'
assert data['results'][1]['success'] == True
assert data['results'][1]['result']['is_suspicious'] == True
</code_context>
issue (code-quality): Extract duplicate code into method (extract-duplicate-method)
Description
This PR introduces a comprehensive Text Steganography Detection Module for the Infosys Responsible AI Toolkit. The module detects various forms of covert communication attempts in textual inputs using advanced detection algorithms.
Key Features
Detection Capabilities
Performance & Integration
Single (/detect) and batch processing (/detect/batch) endpoints
Validation Results
- Detection Rate: 75% accuracy on test cases (6/8 suspicious texts detected)
- Performance: 37,000 characters processed in 5.49ms
- Test Coverage: Core functionality tests passing
- Code Quality: Black formatted, flake8 compliant
- Security: SECURITY.md and CONTRIBUTING.md included
Security & Compliance
Files Added
Type of Change
Testing
Reuse Justification
New code justification: No existing text steganography detection capabilities exist in the Infosys Responsible AI Toolkit. This module fills a critical security gap for detecting covert communication channels that traditional security tools miss. The implementation provides:
Impact Assessment
Positive Impact
Risk Assessment
Integration
Ready for integration with:
Closes: STEGO-001
Module: responsible-ai-steganography
Priority: High (Security Enhancement)
Breaking Changes: None
This implementation significantly enhances the security posture of AI systems by detecting covert communication channels that traditional security tools miss. The module is production-ready and follows all established toolkit patterns and security standards.
Summary by Sourcery
Introduce a new text steganography detection module as part of the Responsible AI Toolkit, providing API endpoints, detection algorithms, and supporting infrastructure for identifying covert communication in text inputs.
New Features:
Enhancements:
Documentation:
Tests: