NCJ Number
219118
Journal
Homeland Defense Journal Volume: 5 Issue: 4 Dated: April 2007 Pages: 60-63
Date Published
April 2007
Length
4 pages
Annotation
This article defines digital steganography and how it may be used to steal and secretly transfer digital data; countermeasures are proposed.
Abstract
In order to obtain solid evidence that steganography is being used to steal sensitive information and conceal criminal activity, computer forensic examiners must include steganalysis (procedures for detecting the use of steganography) as a routine component of their computer forensic procedures. This involves using the best available tools for detecting the presence and use of steganography. A comprehensive enterprise security program should include countermeasures to the threat posed by insider use of steganography. The first step is to recognize that the threat exists by developing and implementing a policy that prohibits users from having steganography applications on their work stations. Both passive and active detection tools and techniques should be used to enforce this policy. In its Federal Plan for Cyber Security and Information Assurance Research and Development, the National Science and Technology Council defines "steganography" as "the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message." Digital steganography refers to the disguising and transferring of computer data so that the true nature of the data being transferred is hidden from all but the sender and receiver. There are a number of motivations for criminals and terrorists to use digital steganography. Digital steganography can be used to hide Internet communications among conspirators as they plan their criminal activities. Also, insiders who have access to financial or other types of sensitive information in a computer data system can use steganography to conceal the theft and unauthorized transfer of the data to outside sources.