Steganography Resou...
 
Notifications
Clear all

Steganography Resources

8 Posts
3 Users
0 Likes
491 Views
(@laforensics)
Posts: 30
Eminent Member
Topic starter
 

Hi all,

I am interested in learning more about Steganography so I turned to Amazon to browse what written material was available on the subject. I am absolutely floored 😯 to see the price range that these books go for, even used. Here are some examples

Investigator's Guide to Steganography - by Gregory Kipper ($71.20)

Information Hiding Steganography and Watermarking - Attacks and Countermeasures - by Neil Johnson, Zoran Duric and Sushil Jajodia ($84.15)

Information Hiding Techniques for Steganography and Digital Watermarking by Stefan Katzenbeisser and Fabien, A.P. Peticolas ($86.70)

Multimedia Security Steganography and Digital Watermarking Techniques for Protection of Intellectual Property by Chun-Shien Lu ($74.95)

Security, Steganography and Watermarking of Multimedia Contents VII (Proceedings of SPIE) by Edward J. Delp ($130)

Security, Steganography and Watermarking of Multimedia Contents VI (Proceedings of SPIE) by Edward J. Delp ($140)

There are a number of others in addition to these but I didn't want this message to ramble (too late I fear). If you don't see your favorite listed, please respond with one you feel should have been.

A quick background, I am footing the bill on my computer forensics education and I am hesitant to spend money the wrong way. Can someone steer me towards the a) the best buy (money for content) and/or b) the best book on steganography? I would much appreciate it.

Thanks,
John

 
Posted : 10/05/2007 9:17 pm
 ddow
(@ddow)
Posts: 278
Reputable Member
 

Well, maybe we can start an informa poll here. I'd say it just depends on your view of forensics and how you plan to use stego. For 80% of us, a couple of online articles and playing with one of the free tools is all we'd ever need. Better to spend the money on forensic or incident response books.

 
Posted : 10/05/2007 10:06 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

I think that there are some pretty common misconceptions about steganography within the forensics community.

First off, I've spoken at several LEO conferences, and each person I talk to says the same thing…they don't *look* for stego unless they have a reason to…the suspect makes claims of using stego, they find stego tools, etc.

Second, how does one detect stego as having been used? S-Tools will prompt you for a password regardless of whether the file has anything hidden in it or not. Having an original and comparing hashes doesn't work because hashes will be different if you do some little as flipping a single bit.

There have been tools written (Niels Provos) to detect steganography in use (stegdetect), but these tools will only be able to give you the probability that a certain, specific algorithm was used to hide the data.

I think that the best way to use your time and money is to download some of the freeware stego tools for your platform and being working with them, looking for artifacts, etc.

HTH,

H

 
Posted : 10/05/2007 11:19 pm
(@laforensics)
Posts: 30
Eminent Member
Topic starter
 

Well, that's two votes for me to save my $$$ and not spend it on a Stego book. I'm new to forensics so I don't know how often investigators run into these issues.

I know there's a new forensics book from Syngress, I think my money would be better spent in that direction.

Thanks all,
John

PS - I'm going to do another post with my current forensics library to see if there are any "musts" that I'm missing there. I hope to do that tomorrow.

 
Posted : 11/05/2007 1:38 am
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

It's not a matter of running into issues as much as it is putting some critical thought into what it is you're pursuing.

> I know there's a new forensics book from Syngress, I think my money would be better spent in that direction.

I'd have to say that that is a GREAT decision! 😉

Re forensics libraries…you're going to get a great deal of opinions regarding "musts", I'm sure…and there's nothing wrong with that. It's just that all of the reading in the world won't prepare you to actually work an investigation…

H

 
Posted : 11/05/2007 4:52 am
 ddow
(@ddow)
Posts: 278
Reputable Member
 

LAforensics, it'll also help to know a bit about your background and where you want to go. The books that someone with an IT background looking to go into forensics would be different that an accounting major wanting to do incident response.

 
Posted : 11/05/2007 8:47 am
(@laforensics)
Posts: 30
Eminent Member
Topic starter
 

Great point ddow. I do have a technical background having worked in the IT field for the past 20 years in different capacities. I've purchased the UTK and have taken the Access Data Boot Camp receiving the little acknowledgement on the cert that I passed the small test at the end. Basically it proves that I was awake. )

I went to last year's CEIC and a discussion or two dealt with Stego so I assumed it was a bit more prevalent in the real world than it appears to be.

At this point I have a ton of book learning under my belt but that and $6 will buy me a Starbucks coffee. ) I have to get actual experience.

J

 
Posted : 11/05/2007 7:18 pm
 ddow
(@ddow)
Posts: 278
Reputable Member
 

Ahhh, OK. LAforensics. So, now we know your not high school kid with an allowance. Check with local PDs, sheriff, and "for profit" examainers to see if you can volunteer your time. May or may not work. Volunteer to do "pro bono" work for public defenders or non-profit organizations on HR cases.

While waiting, build your own evidence or work with others to swap built evidence for practice examinations.

 
Posted : 11/05/2007 9:17 pm
Share: