Backbone Security Expands Digital Steganography Database

Backbone Security has announced that the latest version of their Steganography Application Fingerprint Database (SAFDB) is now available. SAFDB is the world’s largest commercially available hash set exclusive to digital steganography applications…The database is widely used by US and international law enforcement agencies; the intelligence community; and private sector computer forensic examiners to detect digital steganography applications on seized digital media or in a network traffic stream. Discovery of a steganography application during a computer forensics examination is a strong indication the application has been, or will be, used to conceal evidence of criminal activity.

Developed in Backbone’s Steganography Analysis and Research Center (SARC), SAFDB Version 3.4 contains seven different fingerprints, or hash values, ranging from CRC32 to SHA-512, of every file artifact associated with 768 digital steganography applications.

SAFDB is an integral part of Steganography Analyzer Artifact Scanner, or StegAlyzerAS, a computer forensics tool, and the Steganography Analyzer Real-Time Scanner (StegAlyzerRTS), a network security appliance.

StegAlyzerAS uses the hash values in SAFDB to detect steganography applications. It also offers the unique capability to detect Windows Registryâ„¢ artifacts. This makes it possible to identify a specific steganography application was used even if the user uninstalled the application and deleted the associated files and folders.

StegAlyzerRTS is the world’s only commercially available network security appliance capable of detecting steganography applications in real-time. It uses the hash values in SAFDB to detect steganography applications downloaded by trusted insiders in the inbound packet stream. When a detection event occurs, an alert is immediately sent to the Management Console to notify the administrators monitoring the network.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.


Existing customers may download SAFDB V3.4 by logging into their account on the SARC website.

For additional information about Backbone’s steganalysis tools, please visit www.sarc-wv.com or send email to sarc@backbonesecurity.com.

About the SARC

The SARC is a Center of Excellence in digital steganography research and development within Backbone Security. Established to create and maintain a national repository of steganography applications, fingerprints, and signatures that can be consulted during the forensic examination of seized media, the SARC has created the world’s largest hash set exclusive to digital steganography applications.

About Backbone Security

In addition to being the leading provider of digital steganalysis tools, Backbone is a PCI Data Security Standard (DSS) Approved Scanning Vendor that conducts automated PCI DSS compliance assessments with their industry leading One-Stop Scanning Solution. Backbone also provides real-time intrusion monitoring, vulnerability assessment, penetration testing, and business continuity and disaster recovery planning services.

Contact: Jim Wingate, Vice President and Director, SARC
Voice: (877) 560-SARC, Fax: (304) 366-9163, or E-Mail: jwingate@backbonesecurity.com.

Leave a Comment