Download to read offline
More Related Content
Steganography
- 1. STEGANOGRAPHY Steganography isa useful tool that allows covert transmission of information over an overt communications channel. Combining covert channel exploitation with the encryption methods of substitution ciphers and/or one time pad cryptography, steganography enables the user to transmit information masked inside of a file in plain view. The hidden data is both difficult to detect and when combined with known encryption algorithms, equally difficult to decipher. This paper provides a general overview of the following subject areas: historical cases and examples using steganography, how steganography works, what steganography software is commercially available and what data types are supported, what methods and automated tools are available to aide computer forensic investigators and information security professionals in detecting the use of steganography, after detection has occurred, can the embedded message be reliably extracted, can the embedded data be separated from the carrier revealing the original file, and finally, what are some methods to defeat the use of steganography even if it cannot be reliably detected. INTRODUCTION Within the field of Computer Forensics, investigators should be aware that steganography can be an effective means that enables concealed data to be transferred
- 2. inside of seeminglyinnocuous carrier files. Knowing what software applications are commonly available and how they work gives forensic investigators a greater probability of detecting, recovering, and eventually denying access to the data that mischievous individuals and programs are openly concealing. Generally speaking, steganography brings science to the art of hiding information. The purpose of steganography is to convey a message inside of a conduit of misrepresentation such that the existence of the message is both hidden and difficult to recover when discovered. The word steganography comes from two roots in the Greek language, “Stegos” meaning hidden / covered / or roof, and “Graphia” simply meaning writing . Similar in nature to the slight of hand used in traditional magic, steganography uses the illusion of normality to mask the existence of covert activity. The illusion is manifested through the use of a myriad of forms including written documents, photographs, paintings, music, sounds, physical items, and even the human body. Two parts of the system are required to accomplish the objective, successful masking of the message and keeping the key to its location and/or deciphering a secret. When categorized within one of the two fundamental security mechanisms of computer science (cryptographic protocols and maintaining control of the CPUs instruction pointer), steganography clearly fits within cryptography. It closely mirrors common cryptographic protocols in that the embedded information is revealed in
- 3. much the samemanner as substitution or Bacon cipher mechanisms . This paper will highlight some historical examples, discuss the basic principles of steganography showing how most instances work, identify software that can be used for this purpose, and finally provide an overview of current methods employed to detect and defeat it. TOOLS USED FOR STEGANOGRAPHY StegFS StegFS is a Steganographic File System for Linux. Not only does it encrypt data, it also hides it such that it cannot be proved to be there. Note that this is still 'under development'. It is not bug-free yet. There may be possibly serious problems. In short, if it destroys your computer or your data or causes a minor nuclear holocaust don't blame the programmers. Feel free to try it, but don't get too upset if you have problems. There are still bugs/misfeatures that want fixing. However, it should be stable enough for use. You will need to know how to patch and compile a kernel. It is strongly recommended that you read "StegFS: A Steganographic File System for Linux" before attempting to use this file system. StegFS is distributed as a kernel patch and a tarball containing a set of utilities. You need both to be able to use StegFS. This package contains the utilities.
- 4. BMP Secrets BMPSecrets is another steganography program that allows you to store any information in a bitmap file. One big advantage of BMP Secrets is that it has a very large hiding capacity. Some features include: • The program uses an original steganography method developed by Parallel Worlds that allows you to replace up to 65 percent of the true- color BMP file with your data. You can convert the result image only to lossless format; lossy formats will destroy information inside. If you try to make any changes to the result image, information will also be lost. • You can choose hiding rate. The higher the hiding rate, the lower the quality. However, if you use the highest rate it is difficult to find any differences. • A built-in to encoding compressor that allows the storage of much more text files than binary. • You can hide not only in whole image, but also in part. You can choose a rectangle on the picture where data will be stored. Sometimes you can store two different files in two different squares of one image. It also increases the security level. • You can set an automatic quality option. The program will search for the best quality when the whole file can be stored. • Hiding spreads data all over the image when you provide a password. To withdraw an encoded file and to decode it is very difficult, because nobody except you knows the data-spreading order period. • You can view results of your hiding and compare the original with the result.
- 5. If the wholefile cannot be placed in one picture, the file can be split. When you unhide this file, you can bring parts together into one file, allowing you to hide one big file in several images. It also increases the security level, as far as one needs all parts to extract hidden file.