Steganography, literally meaning "covered writing," has been used throughout history for secret communications. Criminals, to include terrorists, have always sought ways to conceal their activity in real, or physical space. The same is true in virtual, or cyber space. Digital steganography represents a particularly significant threat today because of the large number of digital steganography applications freely available on the Internet that can be used to hide any digital file inside of another digital file. Use of these data-hiding applications, which are both easy to obtain and simple to use, allows criminals to conceal their activities in cyber space. Thus, steganography presents a significant challenge to law enforcement as well as the intelligence community because detecting hidden information and then extracting that information using traditional methods is very difficult and may be impossible in some cases. The Steganography Analysis and Research Center (SARC) was developed in June 2004 by Backbone Security.Com with the fundamental goal of collecting steganography, watermarking, and other data-hiding applications from various sources and incorporating file profiles computed from them into the Steganography Application Fingerprint Database (SAFDB). The SAFDB can be used by federal, state, and local law enforcement and the intelligence community to review files on seized media by matching file profiles in the SAFDB. To date, the SAFDB contains 14,000 file profiles associated with 200 data-hiding applications. The file profiles contain identifying information such as filename, associated application name, and several unique hash values: CRC-32, MD5, SHA-1, and SHA-256. These hash values may be used to determine the presence of a steganography application or artifact of a steganography application on the media being examined. The SARC has also developed tools, techniques, and procedures to find and extract hidden information and has rapidly evolved into a high-value law enforcement, homeland security, and national security asset in the global war on terrorism and effort to combat cyber crime. The SAFDB is available for download in formats compatible with most of the popular digital forensic tools and utilities: ILook, HashKeeper, Forensic Toolkit (FTK), and Encase. Please log on to the SARC website at http://www.sarc-wv.com <http://www.sarc-wv.com/> and register to download the Steganography Application Fingerprint Database today! Chad W. Davis Computer Security Engineer Backbone Security.Com 320 Adams Street Suite 105 Fairmont, WV 26554 Tel: 304-333-2028 Fax: 304-366-9161 http://www.backbonesecurity.com <http://www.backbonesecurity.com/> Steganography Analysis and Research Center http://www.sarc-wv.com <http://www.sarc-wv.com/>
This archive was generated by hypermail 2.1.3 : Thu Mar 31 2005 - 07:20:53 PST