Backbone Security’s Steganography Analysis and Research Center (SARC) has released version 2.0 of StegAlyzerAS (Steganography Analyzer Artifact Scanner) and StegAlyzerSS (Steganography Analyzer Signature Scanner). The new versions have significant new improvements including the ability to scan images of seized storage media in various formats and an enhanced user interface…Steganography, which literally meaning “covered writing,” has been used throughout history for secret communications. Digital steganography represents a particularly significant threat today because of the large number of digital steganography applications freely available on the Internet that can be used to hide any digital file inside of another digital file. Use of these applications, which are both easy to obtain and simple to use, allows criminals to conceal their activities in cyber space.
StegAlyzerAS gives computer forensic examiners the ability to scan either the entire file system, or individual directories, on the suspect storage media or EnCase, Raw(dd), or SMART-formatted images of the suspect storage media for fingerprints (hash values) of steganography application artifacts (files associated with steganography applications). And, unlike other popular forensic tools, this product offers the option to search the Windows Registry(TM) to determine if any Registry keys exist that are associated with particular steganography applications.
StegAlyzerSS gives computer forensic examiners the ability to scan every file on the suspect storage media for the presence of hexadecimal byte patterns, known as signatures, associated with particular steganography applications. If a known signature is detected, extraction of the hidden information may be possible directly within the application using automated steganography extraction algorithms, by using the associated steganography application, or by using more advanced and complex techniques. In addition to user interface and performance enhancements, Version 2.0 provides the capability to scan for signatures in files in EnCase, Raw (dd), or SMART-formatted images of suspect storage media.
Glenn Watt, President and CEO of Backbone Security, summed up the new product improvements by saying “These new and improved versions of our popular forensic software tools will greatly assist the efforts of federal, state, and local law enforcement officials in their ability to detect the use of steganography to distribute child pornography and successfully prosecute the perpetrators. We have consistently worked in partnership with all levels of law enforcement officials to make our products more robust and easier for their computer forensic examiners to use. Our tools allow them to discover evidence of criminal activity concealed in innocent looking files. The fact that child pornography is heinous and is being perpetrated on our most vulnerable citizens, makes me proud that Backbone Security’s SARC is making a valuable contribution to the efforts of law enforcement in fighting this despicable crime.”
Backbone Security is a privately owned small business specializing in computer security and training with the principal office in Stroudsburg, PA and satellite offices Fairmont WV, and Sudbury, MA.
The SARC was established in June 2004 as a Center of Excellence within Backbone Security focused exclusively on steganography research and development. The SARC has established a national repository of steganography applications, fingerprints, and signatures as well as state-of-the-art steganography detection and hidden information extraction tools that address the needs of cyber crime investigators and computer forensic examiners in law enforcement, government, military, intelligence, and the private sector.