Forums
Main Category
General (Technical,...
Steganography in th...
 
Notifications
Clear all

Steganography in the Forensics Field

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by harky 17 years ago
7 Posts
3 Users
0 Reactions
812 Views
RSS
 harky
(@harky)
Active Member
Joined: 17 years ago
Posts: 9
Topic starter 22/04/2008 1:05 am  

My name is Daniel Harkness. I am a graduate student at Iowa State University. I have a strong interest in Computer Forensics, and am currently enrolled in a steganography (information hiding) course. For my term project I am doing some background research for a possible funding proposal to create a steganography toolkit geared towards the Computer Forensics field. As part of this background research, I would like to get an idea of how much (if any) steganography has been seen in the field thus far, and what your opinions on the topic are.

I have created a brief, anonymous survey and would appreciate your assistance. The questions on the survey ask about your experiences with steganography and what you think will be important or useful in the future. The survey consists of 10 questions (although some have multiple parts) and are a mixture of multiple choice and short answer questions. I would expect that the survey could take from 1 - 30 minutes depending on whether you have experienced steganography or not and how much detail you go into. All questions are optional and you are invited to participate even if you have no experience with steganography. No personal data will be collected.

The survey can be accessed at
http//www.questionpro.com/akira/TakeSurvey?id=943751
(To moderator If direct links are not allowed, please remove the link and let me know.)

Thank you very much for your time, you can PM me if you have any questions.


   
Quote
 BitHead
(@bithead)
Noble Member
Joined: 20 years ago
Posts: 1206
22/04/2008 1:42 am  

Do you anticipate differences between what you are planning to create and what SARC has created?


   
ReplyQuote
 harky
(@harky)
Active Member
Joined: 17 years ago
Posts: 9
Topic starter 22/04/2008 1:53 am  

Do you anticipate differences between what you are planning to create and what SARC has created?

What I am looking at is basically performing a feasibility study to see if there is even a need for such a tool and what the needs would be. I was not aware that anything existed, as all the resources that I have talked to so far have had very limited knowledge on what is available (including the professor of the course). So, even if all that I find out is that software already exists (I will check out the link to SARC you posted), that is great.

The other thing I am trying to find out is, if software already exists are there any features that are missing for forensics use? Or should there be a push for increased education about what is already available? etc.

I actually don't plan on being around long enough to implement (or even plan) anything new. So, I am just trying to see whether it is something worth pursuing additional funding to get new graduate students involved with.


   
ReplyQuote
 BitHead
(@bithead)
Noble Member
Joined: 20 years ago
Posts: 1206
22/04/2008 2:39 am  

I was not aware that anything existed, as all the resources that I have talked to so far have had very limited knowledge on what is available (including the professor of the course).

Just curious who you have talked to about steg? SARC & WetStone are the big names in the business, but there are other tools such as OutGuess and numerous papers on steg detection and analysis from Utica, Purdue, Michigan State, etc..

I would be concerned about what you are learning if your professor does not know about these resources, unless he is just challenging your ability to search, in which case how did you miss references to SARC and WetStone? Almost any Google search about steg will turn up their names.

Not trying to be a wet blanket, just trying to figure out your handle on steg.


   
ReplyQuote
 harky
(@harky)
Active Member
Joined: 17 years ago
Posts: 9
Topic starter 22/04/2008 8:59 pm  

Just curious who you have talked to about steg? SARC & WetStone are the big names in the business, but there are other tools such as OutGuess and numerous papers on steg detection and analysis from Utica, Purdue, Michigan State, etc.. … I would be concerned about what you are learning if your professor does not know about these resources,

Thus far, the only people that I have talked to are two professors and one law enforcement officer. The professor who teaches the course is a Math professor, who is big into the algorithms behind steg and steganalysis, however seems to be far removed (as, unfortunately, has been my experience in other classes) from anything relating to what is actually being put into practice.

The other professor is also a CFCE, but has not really experienced anything with steg, and I have gathered has some interest in it, but I don't believe has really looked into it at all. Luckily, he does tend to tie in more practical/real-world use into his work. He would be the one that I would be suggesting pursues funding depending on what I find about the existing state of steganography (and tools) in the forensics field.

My law enforcement contact (also a CFCE) has no experience with steg.

The common thread among all of these contacts has been that they are completely unaware of anyone in the field who has actually experienced steg being used anywhere outside of research. And another common belief (although not universal, as my survey has begun showing) that I have heard is a belief that most criminals (child pornographers, in particular) have a "i want it now" attitude and won't permit anything to slow them down (encryption, steganography, etc).

All of this, along with my own personal belief that will be (and likely already is in some rings) an issue, led me to the feeling that I wasn't going to find much without some pointed help, and why I decided to put out a survey before spending too much time on research on my own. Also, I figured that if steg was being encountered in forensics, it would be nice to see what those who are encountering it are seeing vs. marketing from those who are making tools.


   
ReplyQuote
 ddow
(@ddow)
Reputable Member
Joined: 21 years ago
Posts: 278
22/04/2008 11:45 pm  

Daniel, when all is said and done, if you could come back and post a link to your research results. I'd be interested in reading what you've done, etc.


   
ReplyQuote
 harky
(@harky)
Active Member
Joined: 17 years ago
Posts: 9
Topic starter 23/04/2008 12:24 am  

I would be happy to do so. And would like to thank the members of this forum for their help and acceptance of my posting a link. As I have found, not all forums are as accepting of attempts to perform research.


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: