An Overview of Steganography for the Computer Forensics Examiner

Steganography is the art of covered or hidden writing. The purpose of steganography is covert communication-to hide the existence of a message from a third party. This paper is intended as a high-level technical introduction to steganography for those unfamiliar with the field. It is directed at forensic computer examiners who need a practical understanding of steganography without delving into the mathematics, although references are provided to some of the ongoing research for the person who needs or wants additional detail. Although this paper provides a historical context for steganography, the emphasis is on digital applications, focusing on hiding information in online image or audio files. Examples of software tools that employ steganography to hide data inside of other files as well as software to detect such hidden files will also be presented.

[1]  Adi Shamir,et al.  The Steganographic File System , 1998, Information Hiding.

[2]  J. Fridrich,et al.  Attacking the OutGuess , 2002 .

[3]  Friedrich L. Bauer,et al.  Decrypted secrets - methods and maxims of cryptology , 1997 .

[4]  Niels Provos,et al.  Detecting Steganographic Content on the Internet , 2002, NDSS.

[5]  Kevin Curran,et al.  An evaluation of image based steganography methods using visual inspection and automated detection techniques , 2006, Multimedia Tools and Applications.

[6]  Warren G. Kruse,et al.  Computer Forensics: Incident Response Essentials , 2001 .

[7]  Bruce Fries,et al.  The Mp3 and Internet Audio Handbook: Your Guide to the Digital Music Revolution , 2000 .

[8]  Sushil Jajodia,et al.  Information Hiding: Steganography and Watermarking-Attacks and Countermeasures , 2000, Advances in Information Security.

[9]  Sushil Jajodia,et al.  Steganalysis of Images Created Using Current Steganography Software , 1998, Information Hiding.

[10]  Hany Farid,et al.  Detecting Steganographic Messages in Digital Images , 2001 .

[11]  Xuan Zhou,et al.  STEGANOGRAPHIC FILE SYSTEM , 2005 .

[12]  Friedrich L. Bauer,et al.  Decrypted secrets - methods and maxims of cryptology (4. ed.) , 2002 .

[13]  V. Rich Personal communication , 1989, Nature.

[14]  J. R. Martin,et al.  Information retrieval in digital watermarking , 2001, IEEE Commun. Mag..

[15]  Sai Ho Kwok,et al.  Watermark-based copyright protection system security , 2003, CACM.

[16]  Orin S. Kerr,et al.  Searching and Seizing Computers and Obtaining Electronic Evidence , 2002 .

[17]  Markus G. Kuhn,et al.  StegFS: A Steganographic File System for Linux , 1999, Information Hiding.

[18]  Rajarathnam Chandramouli,et al.  Mathematical approach to steganalysis , 2002, IS&T/SPIE Electronic Imaging.

[19]  Edward J. Delp,et al.  Watermark embedding: hiding a signal within a cover image , 2001, IEEE Commun. Mag..

[20]  Jessica J. Fridrich,et al.  Practical steganalysis of digital images: state of the art , 2002, IS&T/SPIE Electronic Imaging.

[21]  D. Kahn The codebreakers : the story of secret writing , 1968 .

[22]  Miroslav Goljan,et al.  Steganalysis based on JPEG compatibility , 2001, SPIE ITCom.

[23]  Edward J. Delp,et al.  Communications approach to image steganography , 2002, IS&T/SPIE Electronic Imaging.

[24]  Craig H. Rowland,et al.  Covert Channels in the TCP/IP Protocol Suite , 1997, First Monday.

[25]  Jack Seward,et al.  The Debtor's Digital Reckonings , 2003, Int. J. Digit. EVid..

[26]  Jessica J. Fridrich,et al.  New methodology for breaking steganographic techniques for JPEGs , 2003, IS&T/SPIE Electronic Imaging.

[27]  Gregg H. Gunsch,et al.  Blind Stenanography Detection Using a Computational Immune System: A Work in Progress , 2003, Int. J. Digit. EVid..

[28]  R. F. Rey,et al.  Engineering and Operations in the Bell System , 1983 .

[29]  Nasir D. Memon,et al.  Steganalysis of audio based on audio quality metrics , 2003, IS&T/SPIE Electronic Imaging.

[30]  Jiri Fridrich,et al.  Secure Steganographic Methods for Palette Images , 1999, Information Hiding.

[31]  Jessica J. Fridrich,et al.  Steganalysis of JPEG Images: Breaking the F5 Algorithm , 2002, Information Hiding.

[32]  H. Marshall Jarrett,et al.  Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations , 1979 .

[33]  Siwei Lyu,et al.  Higher-order Wavelet Statistics and their Application to Digital Forensics , 2003, 2003 Conference on Computer Vision and Pattern Recognition Workshop.

[34]  Bill Nelson,et al.  Guide to Computer Forensics and Investigations , 2003 .

[35]  D. Artz,et al.  Digital steganography: hiding data within data , 2001 .

[36]  Niels Provos,et al.  Hide and Seek: An Introduction to Steganography , 2003, IEEE Secur. Priv..

[37]  Jessica J. Fridrich,et al.  Quantitative steganalysis of digital images: estimating the secret message length , 2003, Multimedia Systems.

[38]  Sushil Jajodia,et al.  Exploring steganography: Seeing the unseen , 1998, Computer.

[39]  S. Pereira,et al.  Attacks on digital watermarks: classification, estimation based attacks, and benchmarks , 2001, IEEE Communications Magazine.

[40]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[41]  Stephen D. Wolthusen,et al.  Techniques and Applications of Digital Watermarking and Content Protection , 2003, Artech House computer security series.

[42]  Jeremy Callinan Donald Kemick,et al.  Detecting Steganographic Content in Images Found on the Internet , 2003 .

[43]  Kevin Curran,et al.  An evaluation of image based steganography methods , 2006, Multimedia Tools and Applications.