Steganography Then and Now
John Hally, May 2012
SANS Technology Institute - Candidate for Master of Science Degree
GIAC GSEC, GCIA, GCIH, GCFA, GCWN,

Presentation transcript:

Slide 1: Steganography Then and Now
John Hally, May 2012
GIAC GSEC, GCIA, GCIH, GCFA, GCWN, GPEN
SANS Technology Institute - Candidate for Master of Science Degree

Slide 2: Steganography
- What it is: Hidden Writing
  – From Greek words steganos (covered) and graphie (writing).
  – The goal is to hide that communication is taking place.
- What it is not: Cryptography
  – The goal of cryptography is to make data unreadable by a third party.
- Commonly combined together

Slide 3: Uses – Then
- Digital watermarking/copyright protection
- Corporate espionage
- Anti-forensics
- Terrorist cell covert communications

Slide 4: Tools - Then
- Then (Circa 2001):
  – Spammimic
  – MP3Stego
  – OutGuess
  – JPHS (JP Hide and Seek)
  – Many others:

Slide 5: Detection - Then
- Direct comparison using original (visual, statistical)
- Targeted detection tools – target popular steganography tools
  – StegDetect
- General framework - Statistical analysis
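An added example (not part of the presentation) of the kind of statistical analysis this slide refers to: a chi-square test on pairs of values, which flags regions whose least-significant bits have been overwritten with random-looking data. The embedding method (LSB replacement), the window size and the sample data are assumptions constructed for the illustration.

```python
import random
from collections import Counter

def pov_chi_square(samples):
    """Chi-square per degree of freedom for 'values 2k and 2k+1 are equally common'.
    A score near 1.0 means the pairs are equalised, as LSB replacement tends to do."""
    hist = Counter(samples)
    stat, dof = 0.0, 0
    for even in range(0, 256, 2):
        n_even, n_odd = hist[even], hist[even + 1]
        expected = (n_even + n_odd) / 2
        if expected < 5:  # too few samples for a meaningful chi-square term
            continue
        stat += ((n_even - expected) ** 2 + (n_odd - expected) ** 2) / expected
        dof += 1
    return stat / dof if dof else float("inf")

def scan_windows(samples, window=5000):
    """Score consecutive windows so an embedded region can be localised."""
    return [pov_chi_square(samples[i:i + window])
            for i in range(0, len(samples) - window + 1, window)]

def constructed_cover(n, rng):
    """Constructed 8-bit sample data whose neighbouring histogram bins are uneven."""
    out = []
    for _ in range(n):
        base = min(252, max(0, 4 * round(rng.gauss(128, 20) / 4)))
        out.append(base + rng.choice([0, 0, 0, 1]))  # even values 3x as common
    return out

def replace_lsbs(samples, bits):
    """Build the test case: overwrite the LSB of the first len(bits) samples."""
    return [(s & ~1) | b for s, b in zip(samples, bits)] + samples[len(bits):]

def demo():
    rng = random.Random(2012)
    cover = constructed_cover(20000, rng)
    # Random bits stand in for an encrypted payload (assumption).
    payload_bits = [rng.getrandbits(1) for _ in range(10000)]
    suspect = replace_lsbs(cover, payload_bits)
    return scan_windows(cover), scan_windows(suspect)

if __name__ == "__main__":
    clean_scores, suspect_scores = demo()
    print("clean  :", [round(s, 1) for s in clean_scores])
    print("suspect:", [round(s, 1) for s in suspect_scores])
```

Windows scoring close to 1.0 are the ones worth a closer look; real media needs a threshold calibrated against known-clean files of the same type.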

Slide 6: Tools - Now
- Updates/derivations of original tools
- Steganography Analysis and Research Center (SARC) – Detection Tools
- SARC tools:
  – StegAlyzerAS
  – StegAlyzerSS
  – StegAlyzerRTS
- 3rd Party tool Integration (Fidelis)

Slide 7: Detection - Now
- Signature-based solutions are prevalent
- AntiVirus/AntiMalware similarities
- Original methodologies still relevant
- Forensic expert consensus – not typically included in investigations

Slide 8: In Use Today
- Command and Control
  – Operation Shady Rat
- Espionage
  – Russian Intelligence Illegals Program
- Terrorism?

Slide 9: Operation Shady Rat
- A multi-year targeted operation by one actor in order to exfiltrate sensitive information from its targets.
  – 71 compromised organizations identified:
    - 21 Government Organizations - including 6 US Federal, 5 State, 3 County
    - 6 Industrial Organizations - Construction/heavy industry, Steel, Solar, Energy
    - 13 Technology-based Organizations – including 2 Security organizations
    - 13 Defense Contractors, many others.
  – 3 Stage targeted attack:
    - Spear Phishing
    - Command and Control (C&C)
    - Information Exfiltration

Slide 10: Shady Rat C&C
- Trojan exploit code used steganography
- Commands embedded in HTML and image files
- HTML files used encryption and encoding for obfuscation
- Impregnated commands in images

Slide 11: Examples of Steganographic Files

Slide 12: Espionage
- United States vs. Anna Chapman and Mikhail Semenko
- Illegals Program – Investigation of Russian sleeper agents operating in the U.S.
- Main goal was to infiltrate the United States policy making circles.
- Agents were to hide connections between themselves and the Russian Intelligence Federation

Slide 13: Espionage: Covert Communications
- Investigation revealed the use of steganography for communications back to Russia
- Custom steganography program used to embed data in images
- Communications also took place via wireless drive-by
- Additional physical steganographic methods were used

Slide 14: Enterprise Defenses
- Know your data
- Know your traffic
- Know your people
- Education
- Vigilance

Slide 15: Summary
- Steganography
  – Art of hiding messages in files for covert communications
- Tools
  – Hundreds of tools available, many use the same methods
- Detection
  – Detection methods for well known tools
  – Statistical analysis required for custom tools
  – Not commonly searched for in typical forensic analysis
- Uses
  – Command and Control – Shady Rat
  – Russian Espionage – Illegals Program
- Defenses
  – Know your data, traffic, people
  – Education and vigilance