The term ‘Steganography’ refers to ‘covered writing’ and encompasses methods of transmitting secret messages through innocuous cover carriers in a manner that their existence is undetectable. Johnson & Jojodia (1998). For years hackers have been finding more innovative ways of hiding data within existing systems usually for the purpose of transporting it to a target destination. The term ‘carrier’ often refers to a type of common file that covert information can be embedded in unknowingly to anyone else. Kessler (2007) discusses the fact that any form of digital information can be stored inside many types of carrier files, including image, audio, video and executable files. Digital forensics tools can be used to scan carriers to determine whether or not suspicious information lies underneath the surface.
Another method of hiding data can be accomplished through the use of covert channels. This occurs when illegitimate hidden information or data is sent secretly via a legitimate communication channel. The process occurs through the manipulation of communications medium in an unconventional way in order to transmit data that is unseen in everyday operations. Thyer (2008). Johnson & Sallee (2008) discuss the application of Steganalysis, uncovering hidden data in covert channels through analysis and examination. They look at ways to detect information hidden within a stream of data when transmitted from one system to another. Criminals will continue to find ways to hide information using existing day to day technologies and as such the field of digital forensics will continue to evolve in order to detect and use such evidence in legal cases.
References:
Johnson, N. F., & Jajodia, S. (1998, September). Steganalysis: The investigation of hidden information. In Information Technology Conference, 1998. IEEE (pp. 113-116). IEEE.
Johnson, N. F., & Sallee, P. A. (2008). Detection of hidden information, covert channels and information flows. Wiley Handbook of Science and Technology for Homeland Security.
Kessler, G. C. (2007, March). Anti-forensics and the digital investigator. In Australian Digital Forensics Conference (p. 1).
Thyer, J. (2008). Covert Data Storage Channel Using IP Packet Headers. Retrieved from: https://www.sans.org/reading-room/whitepapers/covert/covert-data-storage-channel-ip-packet-headers-2093