Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
|---|---|---|---|---|---|
Searching... | 30000010321872 | QA76.9.A25 R346 2013 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
As data hiding detection and forensic techniques have matured, people are creating more advanced stealth methods for spying, corporate espionage, terrorism, and cyber warfare all to avoid detection. Data Hiding provides an exploration into the present day and next generation of tools and techniques used in covert communications, advanced malware methods and data concealment tactics. The hiding techniques outlined include the latest technologies including mobile devices, multimedia, virtualization and others. These concepts provide corporate, goverment and military personnel with the knowledge to investigate and defend against insider threats, spy techniques, espionage, advanced malware and secret communications. By understanding the plethora of threats, you will gain an understanding of the methods to defend oneself from these threats through detection, investigation, mitigation and prevention.
Author Notes
Michael Raggo (CISSP, NSA-IAM, CCSI, SCSA, ACE, CSI) has over 20 years of information security and forensic experiences as a consultant and trainer.
Chet Hosmer is the Chief Scientist Sr. Vice President at Allen Corporation.
Table of Contents
| Dedication | p. V |
| Raggo Acknowledgments | p. VII |
| Hosmer Acknowledgments | p. IX |
| About the Authors | p. XV |
| About the Techical Editor | p. XVII |
| Preface | p. XIX |
| Chapter 1 History of Secret Writing | p. 1 |
| Introduction | p. 1 |
| Cryptology | p. 2 |
| Substitution Cipher | p. 3 |
| Transposition Cipher | p. 8 |
| The Difference Between Substitution Ciphers and Transposition Ciphers | p. 10 |
| Steganography | p. 10 |
| Cardano's Grille | p. 11 |
| Summary | p. 17 |
| References | p. 17 |
| Chapter 2 Four Easy Data Hiding Exercises | p. 19 |
| Hiding Data in Microsoft Word | p. 20 |
| Image Metadata | p. 26 |
| Mobile Device Data Hiding | p. 29 |
| File Compression Tool Data Hiding | p. 33 |
| Summary | p. 38 |
| References | p. 39 |
| Chapter 3 Steganography | p. 41 |
| Introduction | p. 41 |
| Steganographic Techniques | p. 42 |
| Insertion Methods | p. 43 |
| Modification | p. 46 |
| Hiding in PDFs (Insertion Meets LSB) | p. 49 |
| Hiding in Executables (Hydan) | p. 52 |
| Hiding in HTML | p. 54 |
| Steganalysis | p. 55 |
| Anomalous Analysis | p. 58 |
| Steganalysis Tools | p. 59 |
| Freeware Tools | p. 59 |
| Summary | p. 66 |
| References | p. 67 |
| Chapter 4 Multimedia Data Hiding | p. 69 |
| Multimedia Overview | p. 69 |
| Data Hiding in Digital Audio | p. 70 |
| Simple Audio File Embedding (Imperceptible Approach) | p. 70 |
| Data hiding in a .wav file | p. 73 |
| StegAnalysis of LSB Wave Data Hiding | p. 78 |
| Advanced Audio File Embedding | p. 79 |
| Audio Summary | p. 79 |
| Data Hiding in Digital Video | p. 80 |
| MSU Stego | p. 80 |
| TCStego | p. 83 |
| Summary | p. 89 |
| References | p. 90 |
| Chapter 5 Data Hiding Among Android Mobile Devices | p. 91 |
| Android Overview | p. 91 |
| Android ImgHid and Reveal App | p. 91 |
| Analysis of the Resulting ImgHid Data Hiding Operation | p. 95 |
| Android My Secret App | p. 98 |
| Stego Analysis of the Resulting My Secret Images | p. 100 |
| Summary | p. 101 |
| StegDroid | p. 102 |
| Using the Android Application | p. 103 |
| Summary | p. 106 |
| References | p. 106 |
| Chapter 6 Apple iOS Data Hiding | p. 107 |
| Introduction | p. 107 |
| Mobile Device Data Hiding Applications | p. 107 |
| Spy Pix Analysis | p. 110 |
| Stego Sec Analysis | p. 116 |
| InvisiLetter Analysis | p. 125 |
| Summary | p. 130 |
| References | p. 131 |
| Chapter 7 Operating System Data Hiding | p. 133 |
| Windows Data Hiding | p. 135 |
| Alternate Data Streams Reviewed | p. 135 |
| Stealth Alternate Data Streams | p. 138 |
| Volume Shadowing | p. 140 |
| Linux Data Hiding | p. 150 |
| Linux Filename Trickery | p. 150 |
| Extended Filesystem Data Hiding | p. 151 |
| TrueCrypt | p. 157 |
| References | p. 166 |
| Chapter 8 Virtual Data Hiding | p. 167 |
| Introduction | p. 167 |
| Hiding a Virtual Environment | p. 168 |
| Getting Started | p. 168 |
| A Review of Virtual Environments | p. 171 |
| VMware Files | p. 172 |
| Hiding Data in a VMware Image | p. 172 |
| Summary | p. 179 |
| References | p. 179 |
| Chapter 9 Data Hiding in Network Protocols | p. 181 |
| Introduction | p. 181 |
| VoIP Data Hiding | p. 184 |
| Delayed Packet Modification Method | p. 187 |
| IP Layer Data Hiding, The TTL Field | p. 188 |
| Investigating Protocol Data Hiding | p. 190 |
| Summary | p. 191 |
| References | p. 191 |
| Chapter 10 Forensics and Anti-Forensics | p. 193 |
| Introduction | p. 193 |
| Anti-Forensics-Hiding your tracks | p. 194 |
| Data Hiding Passwords | p. 194 |
| Hiding Your Tracks | p. 195 |
| Forensics | p. 197 |
| Looking for Data Hiding Software | p. 198 |
| Finding Remaining Artifacts | p. 199 |
| Identifying and View Cached Images (Cache Auditing Tools) | p. 203 |
| Evidence in Thumbnails | p. 204 |
| Searching for Hidden Directories and Files | p. 208 |
| Network IDS | p. 209 |
| Summary | p. 211 |
| References | p. 211 |
| Chapter 11 Mitigation Strategies | p. 213 |
| Forensic Investigation | p. 213 |
| Step 1 Steganography Use Discovery | p. 213 |
| Step 2 Steganography Carrier Discovery | p. 215 |
| Step 3 Hidden Content Extraction | p. 215 |
| Mitigation | p. 216 |
| Network Technologies for detecting Data Hiding | p. 219 |
| Endpoint Technologies for detecting Data Hiding | p. 223 |
| Summary | p. 225 |
| References | p. 227 |
| Chapter 12 Futures | p. 229 |
| The Future, and the Past | p. 229 |
| Future Threats | p. 230 |
| Steganography as a Countermeasure | p. 233 |
| Current and Futuristic Combined Threats | p. 235 |
| Summary | p. 236 |
| Index | p. 237 |
