Steganography Part 2 – Detection and Research


Introduction to Steganalysis

What is steganalysis?
- The art of detecting messages hidden by steganography
- Alternatively, detection of steganography by a third party
- Research and analysis of steganography tools to develop detection methods

Introduction to Steganalysis

Why is it important to computer forensics?
- Steganography allows a person to hide information in a non-obvious way, so evidence is potentially tough to find.
  - Harder to spot steganography than encryption.
- Steganography is tough to detect.
  - You need a tool to help you.
- Time intensive to check images, etc. for steganography.
  - Need help to narrow down the search.

Detection Methods

Human Methods
- Manually look at the file
  - Extremely hard to detect steg with sight or hearing
  - Looking for anomalies in image or with sound
    - Only possible when the hidden message is large compared to the carrier.
- Look for anomalies in file size, etc.
- All human methods are very time intensive and not reliable.

Detection Methods

Computer Forensic Methods
- We can use CF techniques to help find evidence of steg usage
- Search for evidence of steganography tools
  - Use a tool like EnCase to look for deleted programs
  - Look in Start menus
  - Look for remnants of steg tools in the registry
- If we can find a tool then we know what steganalysis to run
  - Detection is typically different for each steg tool, so we want to reduce the number of steg tools we scan for in our images, MP3s, etc.

Detection Programs

Use a specialized tool
- Much like a virus scanner
  - Scans disk looking at files for steg "signatures"
  - Can search for a specific tool's signature

Freeware/open-source tool
- Stegdetect
  - Can detect and crack various JPEG-based steg tools
    - Such as JPHide, OutGuess, F5, etc.

Commercial products
- StegoSuite by Wetstone
- StegAnalyzer by SARC

Demo of Stegdetect

Command line tool
- Usage: stegdetect
- Options
  - -q: only report images that have steg content
  - -s: change the sensitivity of detection
  - -t: select which tools to search for
    - Any combination of j, o, p, i.
    - j = JSteg, o = OutGuess, p = JPHide, i = Invisible Secrets
- Example: stegdetect -q -t jp *.jpg
  - Search all JPEGs in the current directory for usage of JSteg and JPHide and report only those that do have steg.

Detection Tools

Blind Steganography Detection
- When you don't know the steg tool used.
  - Might even be a steg tool that's not widely known about
- Involves statistical techniques
  - Expected values of image compared to actual
    - File size, noise levels
    - Chi-square tests on distribution of DCT values
      - DCT values in a non-steg image match a distribution curve
      - Modified DCT values don't fit this curve
  - May give false positives or false negatives
  - Some steg tools purposely avoid these statistical detection techniques by adjusting other values to fool the chi-square test.
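The chi-square idea from the slide above, as an added example (not part of the original presentation): the pairs-of-values form of the test, run on constructed coefficient lists rather than real JPEG data. The function names, the two-sided geometric stand-in for DCT values and the z < 3 cut-off are assumptions made for the illustration.

```python
import math
import random
from collections import Counter

def pov_chi_square(coeffs, min_pair_total=10):
    """Test whether both values of each LSB pair (2k, 2k+1) are equally frequent.

    Returns (statistic, pairs, z). Full LSB embedding equalizes the pairs, so
    z stays small; an untouched histogram gives a large z.
    """
    hist = Counter(coeffs)
    stat, pairs = 0.0, 0
    for even in {v & ~1 for v in hist}:
        if even == 0:                    # JSteg-style embedding skips 0 and 1
            continue
        a, b = hist[even], hist[even | 1]
        if a + b < min_pair_total:       # too few samples to test this pair
            continue
        stat += (a - b) ** 2 / (a + b)   # ~ chi-square(1) when a, b are equalized
        pairs += 1
    if pairs == 0:
        raise ValueError("not enough coefficients to test")
    z = (stat - pairs) / math.sqrt(2 * pairs)    # normal approximation
    return stat, pairs, z

def make_cover(n, rng):
    """Constructed stand-in for quantized DCT values: two-sided geometric."""
    return [int(rng.expovariate(0.35)) * rng.choice((-1, 1)) for _ in range(n)]

def embed_lsb(coeffs, rate, rng):
    """Constructed stego sample: random bits overwrite the LSB of usable values."""
    out = []
    for v in coeffs:
        if v not in (0, 1) and rng.random() < rate:
            v = (v & ~1) | rng.getrandbits(1)
        out.append(v)
    return out

def demo(seed=2012):
    """z-scores for a clean, a fully embedded and a lightly embedded sample."""
    rng = random.Random(seed)
    cover = make_cover(20000, rng)
    samples = {"cover": cover, "full": embed_lsb(cover, 1.0, rng),
               "light": embed_lsb(cover, 0.1, rng)}
    return {name: pov_chi_square(c)[2] for name, c in samples.items()}

if __name__ == "__main__":
    for name, z in demo().items():
        print(f"{name:5s} z = {z:7.1f}  {'flagged' if z < 3 else 'not flagged'}")
```

The lightly embedded sample scores close to the clean one, which is the false-negative case the slide mentions.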

Detection Tools

Blind Steganography Detection (cont'd)
- Once a file is flagged as being steg'd we need to extract the hidden message.
- May need to break a password or encryption
  - JPHide uses a password to control how it modifies the JPEG, therefore we need to know the password in order to extract the image.
  - Contained message may be encrypted.
- Might have to use brute force to break
  - Can be extremely time consuming for complex passwords.

Steganography Research

Finding new ways of detecting steg
- Improving blind detection methods
  - Genetic algorithms
    - Self-modifying algorithm
    - Adapts to find optimal solution
      - In this case, optimal detection of steg
  - Artificial intelligence
    - Support Vector Machines
      - Consists of classifying an image, steg or non-steg
      - Composed of a feature vector
        - Specific sections or statistics of an image to look at
      - SVM is trained on a series of steg and non-steg images along with its feature vector and learns how to detect steg to a high percentage.

Steganography Research

Also finding new ways of steg'ing files
- MPEG, PNG, etc.
- Tells us if we need to be concerned with steg in certain files
- Important in order to adapt our practices of what to search for, or not search for, in an investigation.

Steganography Research

URI Steganography Research Group
- Received an NIJ grant to create a steg detection tool
- Combines own SVM along with commercial detection software
- Provides a single toolchain to analyze, break, and report.
  - Gives a single interface to forensic examiners
  - Easily extendable to new tools and new file formats without the examiner having to learn a new tool or technique.
  - Allows the examiner to submit files to be checked and continue their examination.