What a Digital Forensics Investigator should know about Steganalysis of Digital Content

Modified: 8th Feb 2020
Wordcount: 5746 words

Disclaimer: This is an example of a student written essay. Click here for sample essays written by our professional writers.
Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.ae.

Cite This

Table of Contents

Introduction

Background

Aim, Objectives and Research questions

Literature Review

Digital Steganography

What a digital forensics Investigator should know about steganalysis of digital content?

Steganalysis

Digital Forensics

Digital Security Issues

Legal Issues and Challenges

Discussion

Conclusion

References

Introduction

Background

Internet has been explicitly used for transfer of data and information from one place to another place. Data transfer can be done between families, friends, corporates and different groups in a legal manner. However, there can be illegal way too for data transfer. Therefore, this can be threat-full for society and corporates. Steganography deals with secrecy and communication conversion into hidden format (Lin 2018). The word steganography has been derived from Greek word ‘steganos’ and ‘graphein’ means masked writing. Steganography include various techniques that are not directly linked to computer. In computer science, steganography has been refereed to hiding data with non-secret data. Steganography is based on a fact that files and data can be altered without losing its originality so that human senses cannot distinguish changes.

Figure 1: Simple presentation of the principle of steganography

(Source: Cogranne, Sedighi and Fridrich, 2017)

The above figure represents an example of steganography. A carrier image is chosen and the secret message is embedded into carrier using stenographic algorithm so that it does not change the original image. The resultant new image is the stego-image that is not visible different from original. This technique has been different from cryptography as the resultant image is visible for the user. In case of cryptography, resultant data is encrypted into a packet with a key that cannot be accessed by any user (Cogranne, Sedighi and Fridrich, 2017). There are various classification of steganography. The below figure describes about classification of steganography.

Figure 2: Classification of steganography

(Source: Manimegalai et al. 2014)

Technical steganography focuses on scientific approaches for hiding a message including the use of undetectable ink or microdots.

Forensic science is a technology developed for uncovering scientific evidence in variety of fields. Digital forensics refers to investigating crimes with proper possibility of digital evidence. It is use of scientific driven and proven methods towards preservation, identification, collection and interpretation of data arranged from digital sources to restrict criminal activities and planned illegal works (Manimegalai et al. 2014). Computer crimes have been increased in recent years that have been creating bug challenges in the market. Therefore, digital forensics is an investigation of crime in an organization done by criminal. Digital forensics is done to examine and resolve the flaws in the steganography. Various criminals are using steganography for transferring hidden messages for increasing crime. Therefore, digital forensics investigators need to know details about steganalysis. 

 

 

 

Aim, Objectives and Research questions

The aim of the research is about what a digital forensics Investigator should know about steganalysis of digital of digital content.

The objectives of the research have been mentioned below:

  • To investigate issues in steganography
  • To implement steganalysis for defeating steganography
  • To identify what a digital forensics Investigator should know about steganalysis of digital of digital content

The research questions are mentioned below:

  • What are the issues in steganography?
  • How to defeat steganography using steganalysis?
  • What a digital forensics Investigator should know about steganalysis of digital of digital content?

Literature Review

Digital Steganography

Technology has been helping in hiding messages easily and efficiently in the modern computer age. Computerized tools have been helping in encoding messages and hide within another file. According to Srivastava et al. (2018), steganography is an art of concealing existence of information technology within carriers. The goal of the technology is that the message exists in first place that helps in intercepting file would not be able to view the hidden message in the carrier. Steganography help in hiding the existence of message, cryptography helps in making it impossible to understand for outsiders.

There are three types of steganography techniques that has been discussed below:

Injection techniques: Concealing of data in original files have been occurring in computer applications. IS conferences and journals have been routinely instructing authors for removing identified data in order not to compromise in blind review process (Chaumont 2018). The general view of the webpage does not include content, however, source view reveals <input type=” hidden”> tag. Therefore, utilizing space without any kind of alteration to carrier file as there is a limited space.

Substitution Techniques:Limited volume of data and information of carrier file has been replaced with coded representation of hidden message in substitution techniques. In this technique a Least Significant Bit (LSB) has been taken with binary representation of each picture element in graphic element.

10010101 00001101 11001001

10010110 00001111 11001010

10011111 00010000 11001011

The LSB algorithm can hide the following nine bits 101101101 by changing the last bit in each octet as needed. This results in

10010101 00001100 11001001

10010111 00001110 11001011

10011111 00010000 11001011

This example represents about the process of hiding nine bits of information and algorithm needed for changing four of nine least significant bits in these nine bytes. Changing last bit helps in creating small change in color of a pixel. Therefore, change in image is not perceptible in front of human eye (Yu, Cheng and Zhang 2016).

Figure 3: Block diagram of Steganography

(Source: Boroumand and Fridrich, 2017)

File Creation:In final stage, stego message has been used for generating a completely new file. Using Spam Mimic, a short message used to hide in text which appears to be a spam. Therefore, a normal might understand this message as spam and ignore the same. However, the receiver can decode the message. However, this technique has been inefficient as evidenced by modification of three words “steganography is interesting” to text with a word count of 574.

Figure 4: Steganographic Procedure

(Source: Boroumand and Fridrich, 2017)

What a digital forensics Investigator should know about steganalysis of digital content?

Steganalysis

Steganalysis is process of detecting small changes in patterns of a file that helps in detecting presence of hidden messages (Boroumand and Fridrich, 2017). There are various types of steganalysis as mentioned below:

  • Stego only attack- stego object has been available during analysis;
  • Known cover attack- stego object and cover have been available both;
  • Chosen stego attack- the stego object and algorithm have been available for analysis;
  • Chosen message attack- a regular message has been selected and converted to stego message for further analysis;
  • Known stego attack- the algorithm, stego message and cover message have been available for analysis.

However, steganalysis has been becoming more efficient in the market.  The complexity level of process has been reduced gradually. Therefore, detection of steganography has been based on comparison of stego file with help of detection files.  The size of the detection file has been larger in size than that of stego file (Li, Huang and Shi, 2012).  Therefore, original files are not available in the public sources. Various steganography techniques have been increased in their size of the digital carrier file.  The stego message structure has been superimposed on digital carrier data with proper analysis of properties.

Digital Forensics

Digital Forensics has been focusing in preservation of digital evidence. As commented by Song et al. (2017), digital forensics have been use of keywords, validation, identification and documentation of digital proof depicted from digital sources. The computing world has helped in the enhancement of digital media in the world.  Advanced crime scene investigation is done to look at and resolve the imperfections in the steganography (Sushith and Keerthana 2018). The use of the digital communication has been helping in enhancing the media over the internet.  Therefore, there has been various threats in the data transfer. Digital forensics deals with the investigation of threats and risks s involved in the digital world over the internet. Digital forensic experts have an idea of different type of steganalysis that have been helping in detecting several hidden messages. 

There have been various approaches to the implementation of digital forensics in the steganalysis. Some of them are discussed below:

Detection of software:

There are various cases in which steganography software itself discover its presence in the computer for investigation. The steganography application fingerprint database (SAFDB) include identification information on 625 applications that are linked with steganography. The National Institute of Standard and Technology (NIST) helps in maintaining a list of digital signatures in National Software Reference Library in which steganography software include (AL-Salhi and Lu 2016). However, traces might be found in windows registry even after removal of software. After installation of steganography software, harmful intent can be assumed until it is proven.

Detecting pairs of carrier files and stego files:

However, if some of files are deleted, it can be recovered from Recycle Bin or other file recovery software. Accordingly, advanced legal sciences is an examination of wrongdoing in an association done by criminal. Different offenders are utilizing steganography for exchanging concealed messages for expanding wrongdoing. Thusly, an advanced crime scene investigation needs to know insights about steganalysis.

Using Keywords:

There is another method of detection by using keywords for file names and content in program files. Therefore, list needs to be specific in related to steganography. For example, searching term “steg” can be used for detecting steganography (Shih 2017). Therefore, effectiveness process has been false positives and negatives depending on keyword dictionary. Most of stenographic tools used to target specific applications in the past.

Physical crime scene investigation:

The last one is the physical crime scene investigation that can be useful for gathering information.  There are various passwords used for tools printed on notes and stuck under environmental objects which helps in generating clues for potential passwords.

Digital Security Issues

Steganography tools have been used in order to maintain a legitimate approach to the security of corporate information during transfer. Steganography tools have been becoming widely available and easier to use in illicit use with legitimate use as a new challenge. There have been various cases in which unapproved applications have been installed by employees of various organizations.  These applications include instant messaging clients, screen savers and other peer-to-peer software (Song et al. 2015). It is use of scientific driven and proven methods towards preservation, identification, collection and interpretation of data derived from digital sources to restrict criminal activities and planned illegal works. Computer crimes have been increased in recent years that have been creating bug challenges in the market. Acceptable use polices have been excluded from steganography software as it is not included under banned software for legitimate issues.

Find Out How UKEssays.com Can Help You!

Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.

View our academic writing services

The use of intrusion software helps in detecting abnormal transfer of graphics files. Most of the business practices do not include high level of graphic file use and traffic over internet have been increased. Information exchange should be possible between families, companions, corporates and distinctive gatherings in a lawful way. In any case, there can be illicit much too for information exchange. Accordingly, this can be risk full for society and corporates. Steganography manages mystery and correspondence change into shrouded design. Steganography incorporate different procedures that are not straightforwardly connected to PC. Therefore, the use of the stego files over the internet can be a great for the organization.  The stego files have been detected in the networked computers that can be isolated within emails.

Steganography has been a threat to the security for an organization.  The hidden message in the content material cannot be read by naked human eyes. Therefore, there might be illegal information being sent to the organization without any permit (Dutta 2016). Therefore, there is a need of proper monitoring and checking of messages being send in and out of the organization.  Therefore, both active and passive tools are required for monitoring the stenographic activates in the organizations.

Legal Issues and Challenges

Various laws have been involving in the technological aspect of the steganography that are difficult for enact in the Internet age. There are various stenographic internet communications that are done at international borders in which no jurisdictions are imposed. In 1952, The US enacted Section 1343 of the Federal Criminal Code that include wire fraud provision (Wu, Zhong and Liu 2016). This act has been linked with the Internet. Court orders have been approved on the telephonic conversations as this order has been applied on mobile communications only. As argued by Alattar, Memon and Heitzenrater (2015), criminals have been easily bypassing this law by using disposable phones. Several technologies including voice over Internet Protocol (VoIP) has been creating new challenges. Internet Telephony helps in breaking phone conversations into data packets and send them over internet. Therefore, for monitoring this kind of traffic include various destinations. Therefore, monitoring this traffic various central locations have been able to set up their voice streams in copying their intended destinations. Therefore, it might be effective in monitoring right after starting point. All packets are transferred to its required destinations.

There has been a critical balance between loss of personal privacy and different society. Various groups including American Civil Liberties Union (ACLU) have been opposing law enforcement monitoring of communications (Xia et al. 2014). The position of ACLU on technology and privacy in the US has been a risk for surveillance society. The size of the detection file has been larger in size than that of stego file.  Therefore, original files are not available in the public sources. Various steganography techniques have been increased in their size of the digital carrier file. There has been another problem with the new legislation (Denemark, Boroumand and Fridrich 2016). This law has been amended in 2004 as in its real form various technology including steganography has been prohibited. However, the government have tried to mention different approaches in the encryption technology.

Discussion

Measurable science is an innovation produced for revealing logical proof in assortment of fields. Advanced legal sciences allude to exploring wrongdoings with appropriate plausibility of computerized proof. It is the utilization of logical driven and demonstrated strategies towards safeguarding, approval, recognizable proof, gathering and understanding of information got from computerized sources to confine criminal exercises and arranged illicit works. PC wrongdoings have been expanded as of late that have been making bug difficulties in the market. Accordingly, advanced legal sciences are an examination of wrongdoing in an association done by criminal. Advanced crime scene investigation is done to look at and resolve the imperfections in the steganography (Sushith and Keerthana 2018). Different offenders are utilizing steganography for exchanging concealed messages for expanding wrongdoing. Thusly, an advanced crime scene investigation needs to know insights about steganalysis.

With the improvement of PC and growing its use in various everyday issues and work, the issue of data security has turned out to be progressively vital. One of the grounds examined in data security is the trading of data through the cover media. To this end, diverse strategies, for example, cryptography, steganography, coding, and so on have been utilized (Dang-Nguyen et al. 2015). Most steganography employments have been done on pictures, video cuts, writings, music and sounds. Nowadays, utilizing a mix of steganography and alternate techniques, data security has enhanced significantly.

Steganography apparatuses have been utilized with the end goal to keep up an authentic way to deal with the security of corporate data amid exchange. Steganography instruments have been winding up generally accessible and less demanding to use in unlawful use with authentic use as another test. There have been different cases in which unapproved applications have been introduced by workers of different associations (Farid 2018). These applications incorporate texting customers, screen savers and other shared programming. It is the utilization of logical driven and demonstrated strategies towards protection, approval, distinguishing proof, gathering and translation of information got from computerized sources to confine criminal exercises and arranged unlawful works. PC wrongdoings have been expanded as of late that have been making bug difficulties in the market. Adequate utilize polices have been prohibited from steganography programming as it does not fall under restricted programming for genuine issues.

The utilization of interruption programming helps in recognizing irregular exchange of designs records. A large portion of the business rehearses do exclude abnormal state of realistic record utilize and movement over web have been expanded. In this way, the utilization of the stego records over the web can be an incredible for the association (Bossler et al. 2017). The stego records have been distinguished in the organized PCs that can be disconnected inside messages.

Steganography has been a danger to the security for an association. The shrouded message in the substance material cannot be perused by exposed human eyes. In this way, there may be unlawful data being sent to the association with no allow. Along these lines, there is a need of appropriate observing and checking of messages being send all through the association. In this way, both dynamic and aloof devices are required for checking the stenographic enacts in the associations.

The majority of the ways to deal with steganography make them thing in like manner that they shroud the mystery message in physical protest which is sent. The accompanying figure demonstrates the steganography procedure of the cover picture being passed into the inserting capacity with the message to encode bringing about a steganographic picture containing the covered-up message. A key is regularly used to secure the shrouded message. This key is typically a secret phrase, so this key is used to scramble and decode the message when the installing. Insider facts can be covered up inside a wide range of cover data: content, pictures, sound, video and then some. Notwithstanding, there are apparatuses accessible to store insider facts inside a cover source (Watson and Dehghantanha 2016).

Web has been unequivocally utilized for exchange of information and data starting with one place then onto the next place. Information exchange should be possible between families, companions, corporates and distinctive gatherings in a lawful way. In any case, there can be illicit much too for information exchange. Accordingly, this can be risk full for society and corporates. Steganography manages mystery and correspondence change into shrouded design (Bossler et al. 2017). Steganography incorporate different procedures that are not straightforwardly connected to PC. In software engineering, steganography has been refereed to concealing information with non-mystery information. Steganography depends on a reality that documents and information can be adjusted without losing its inventiveness so human faculties cannot recognize changes.

Conclusion

It can be concluded that use of steganography has been helping in sending secret and hidden message with the help of carrier file. Steganography refers to sending hidden message without getting detected with naked human eyes. Steganalysis helps in detecting errors in the steganography. The techniques used in the steganalysis have been discussed in the report. The need of knowledge related to steganalysis by digital forensic experts have been discussed in the report.

References

 

Cite This Work

To export a reference to this article please select a referencing style below:

Give Yourself The Academic Edge Today

  • On-time delivery or your money back
  • A fully qualified writer in your subject
  • In-depth proofreading by our Quality Control Team
  • 100% confidentiality, the work is never re-sold or published
  • Standard 7-day amendment period
  • A paper written to the standard ordered
  • A detailed plagiarism report
  • A comprehensive quality report
Discover more about our
Essay Writing Service

Essay Writing
Service

AED558.00

Approximate costs for Undergraduate 2:2

1000 words

7 day delivery

Order An Essay Today

Delivered on-time or your money back

Reviews.io logo

1858 reviews

Get Academic Help Today!

Encrypted with a 256-bit secure payment provider