stegdetect - How re...
 
Notifications
Clear all

stegdetect - How reliable?

14 Posts
4 Users
0 Likes
1,142 Views
(@olddawg)
Posts: 108
Estimable Member
Topic starter
 

I just ran stegdetect on a bunch of jpg files for a case I'm working on and got hundreds of hits. I ran it because I noticed many versions of the same pictures with slight changes such as clarity, color tone, etc. Anybody else here use stegdetect?

 
Posted : 06/12/2006 12:37 am
skip
 skip
(@skip)
Posts: 57
Trusted Member
 

What is your question?

Do you want to know if its any good? Does it give a lot of false positives?

I think the answer to your question is "yes."

What I think you should do if you are in doubt about its capabilites is go and get a different Stego Finder and compare the results…

Skip

 
Posted : 06/12/2006 2:18 am
(@olddawg)
Posts: 108
Estimable Member
Topic starter
 

Well, I suppose there are two questions.

The first one is the title of this thread, "Stegdetect - How reliable"?

The second one is the last sentence of the original post, and is "Anybody else here use stegdetect"?

So, if I can extrapolate from your post, I *think* you are saying that it is reliable but might have false positives.

Question Is the last statement above correct? roll

 
Posted : 06/12/2006 4:00 am
(@forensicon)
Posts: 17
Active Member
 

I agree with the last two posts, are you saying it is reliable or not? If you are questioning reliability you should try and compare it to another tool for stego detection. StegoSuite, from Wetstone, is another tool that you could compare it to. I don't know the differences really between the two but at least it would offer you a good comparison for both.

I'm kind of new to the field, so hopefully this is at least helps and isn't a totally useless reply… roll

I do enjoy the forum though, keep up the good work guys

 
Posted : 06/12/2006 7:49 pm
(@olddawg)
Posts: 108
Estimable Member
Topic starter
 

I agree with the last two posts, are you saying it is reliable or not? If you are questioning reliability you should try and compare it to another tool for stego detection. StegoSuite, from Wetstone, is another tool that you could compare it to. I don't know the differences really between the two but at least it would offer you a good comparison for both.

I'm kind of new to the field, so hopefully this is at least helps and isn't a totally useless reply… roll

I do enjoy the forum though, keep up the good work guys

 
Posted : 07/12/2006 12:00 pm
(@olddawg)
Posts: 108
Estimable Member
Topic starter
 

You ever get caught in a time warp or a twisting of the space/time continuum??? roll

I in no way questioned the reliability of stegdetect. Prove to me where I said that roll

Geez.

I only asked if anyone else has experience with this software and how reliable they thought it was. Don't read all sorts of life-questions into it.

- Has anyone here used this software?
- How reliable did you find it?

I cannot make my questions any more brief or to the point and anyone who wishes to read anything into them needs to take a pill D

Nate! You ever use this stuff? Help me here, bro!

 
Posted : 07/12/2006 12:04 pm
MrStego
(@mrstego)
Posts: 16
Active Member
 

Stegdetect can give a lot of false positives. JPG files are pretty limited in their payload size, so depending on what you are looking for, would depend on whether you could discount them.

 
Posted : 14/12/2006 6:07 pm
skip
 skip
(@skip)
Posts: 57
Trusted Member
 

Stegdetect can give a lot of false positives. JPG files are pretty limited in their payload size, so depending on what you are looking for, would depend on whether you could discount them.

True…but is it reliable?

That is the question here.

Skip

 
Posted : 14/12/2006 9:21 pm
MrStego
(@mrstego)
Posts: 16
Active Member
 

True…but is it reliable?

That is the question here.

For detecting steganograpic material appended to the end of the file - Yes

For detecting DCT embedded material from known programs that use a signature, for example jsteg - Yes

For all others, I would say No. The reason is that when I tested it, it gave a lot of false positives. It also missed some DCT embedded stego by an unknown program that does not use a signature.

 
Posted : 15/12/2006 5:04 am
skip
 skip
(@skip)
Posts: 57
Trusted Member
 

True…but is it reliable?

That is the question here.

For detecting steganograpic material appended to the end of the file - Yes

For detecting DCT embedded material from known programs that use a signature, for example jsteg - Yes

For all others, I would say No. The reason is that when I tested it, it gave a lot of false positives. It also missed some DCT embedded stego by an unknown program that does not use a signature.

So you are saying you can "depend" on it to NOT detect steg when it is done with cosine trans from an unknown program.
So, you can "rely" on it to miss those and get the others….

Skip

 
Posted : 19/12/2006 2:45 am
Page 1 / 2
Share: