期刊名称:Journal of Digital Forensics, Security and Law
印刷版ISSN:1558-7215
电子版ISSN:1558-7223
出版年度:2009
期号:1702
页码:5-26
出版社:Association of Digital Forensics, Security and Law
摘要:Steganography is the art and science of hiding information within information so that an observer does not know that communication is taking place. Bad actors passing information using steganography are of concern to the national security establishment and law enforcement. An attempt was made to determine if steganography was being used by criminals to communicate information. Web crawling technology was used and images were downloaded from Web sites that were considered as likely candidates for containing information hidden using steganographic techniques. A detection tool was used to analyze these images. The research failed to demonstrate that steganography was prevalent on the public Internet. The probable reasons included the growth and availability of large number of steganography-producing tools and the limited capacity of the detection tools to cope with them. Thus, a redirection was introduced in the methodology and the detection focus was shifted from the analysis of the product of the steganography-producing software; viz. the images, to the artifacts left by the steganography-producing software while it is being used to generate steganographic images. This approach was based on the concept of Stego-Usage Timeline. As a proof of concept, a sample set of criminal computers was scanned for the remnants of steganography-producing software. The results demonstrated that the problem of the detection of the usage of steganography could be addressed by the approach adopted after the research redirection and that certain steganographic software was popular among the criminals. Thus, the contribution of the research was in demonstrating that the limitations of the tools based on the signature detection of steganographically altered images can be overcome by focusing the detection effort on detecting the artifacts of the steganography-producing tools.
