HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 47 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Forensicsarrow Steganography in the Forensics Field
EH-Net
May 21, 2013, 06:10:55 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Steganography in the Forensics Field  (Read 5416 times)
0 Members and 1 Guest are viewing this topic.
harky
Newbie
*
Offline Offline

Posts: 10

Hard-working IT professional relocating to NE IL


View Profile
« on: April 21, 2008, 02:03:59 PM »
My name is Daniel Harkness. I am a graduate student at Iowa State University. I have a strong interest in Computer Forensics, and am currently enrolled in a steganography (information hiding) course. For my term project I am doing some background research for a possible funding proposal to create a steganography toolkit geared towards the Computer Forensics field. As part of this background research, I would like to get an idea of how much (if any) steganography has been seen in the field thus far, and what your opinions on the topic are.

I have created a brief, anonymous survey and would appreciate your assistance. The questions on the survey ask about your experiences with steganography and what you think will be important or useful in the future. The survey consists of 10 questions (although some have multiple parts) and are a mixture of multiple choice and short answer questions. I would expect that the survey could take from 1 - 30 minutes depending on whether you have experienced steganography or not and how much detail you go into. All questions are optional and you are invited to participate even if you have no experience with steganography. No personal data will be collected.

The survey can be accessed at:
http://www.questionpro.com/akira/TakeSurvey?id=943751
(To moderator: If direct links are not allowed, please remove the link and let me know.)

Thank you very much for your time, you can PM me if you have any questions.
Logged
Daniel Harkness
MCSA, MCSE, CCE
MS - CprE and InfAs
BS - CprE
BS - ComS
pseud0
Recruiters
Full Member
*
Offline Offline

Posts: 208



View Profile
« Reply #1 on: April 21, 2008, 03:13:42 PM »
When I was still doing investigations we would encounter this from time to time.  We had some tools that would give each file on a system a score from 1 to 5 (1 low to 5 high) that would estimate the likelihood that the file contained information obscured by steg.  It wasn't common, but it wasn't rare, to find such files.  Anything that scored a 4 or 5 got sent to No Such Agency.  Interestingly enough, it wasn't used to hide classified data, it was used to hide child pr0n.
Logged
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
Artful Dodger
Newbie
*
Offline Offline

Posts: 43


View Profile
« Reply #2 on: April 29, 2008, 09:06:52 AM »
Ive never personally come across it.  I imagine that has alot to do with the types of issues ive worked with.  That takes a certain amount of skill and understanding.  Personally, I think it is something that may get bigger in the future if someone comes up with a poular tool to make it understandable and easy for the dodgey folks.

Cheers!
Shane
Logged
CISSP, C|HFI, Security+, Network+, XYZ...blah.
shakuni
Jr. Member
**
Offline Offline

Posts: 80


View Profile
« Reply #3 on: May 28, 2008, 01:40:07 AM »
Quote
For my term project I am doing some background research for a possible funding proposal to create a steganography toolkit geared towards the Computer Forensics field.
It is very easy to implement tools that hide data in image files, mp3 file or any other kind of file. It's just a matter of understanding the file format and then finding the bits in the format whose change will not effect the real work of file significantly. For example, data can be hidden in the LSBs(Least significant bits) of bmp files pixel info bits without effecting the bmp file.

But detecting good steganography is really difficult . So I suggest research further in steganalysis and statistical analysis because it is really needed to detect the covert channels of criminals.
Logged
There is no rule, law or tradition that apply universally... including this one.
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.076 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.