From ForensicsWiki
Revision as of 02:41, 21 July 2008 by Tookiewana (Talk | contribs)

Jump to: navigation, search

External links


  • Steganography Analysis and Research Center The Steganography Analysis and Research Center is a Center of Excellence within Backbone Security focused exclusively on steganography research and the development of various steganalysis products and services.

Steganalysis Training

Algorithms and Tools

  • Steganography Application Fingerprint Database A fundamental goal of the SARC is to collect steganography, watermarking, and other data-hiding applications from various sources and incorporate file profiles computed from them into the SAFDB. The SAFDB can be used to review files on seized media by matching file profiles in the SAFDB. SAFDB is the most extensive steganography hash set publicly available. The file profiles contain identifying information such as filename, associated application name, file size, and several unique hash values. These hash values may be used to determine the presence of a steganography application or artifact of a steganography application on the media being examined. The SAFDB is available for download in formats compatible with most of the popular digital forensic tools and utilities: EnCase, Forensic Toolkit (FTK), HashKeeper, ILook, and ProDiscover. MD5 extracts of SAFDB are freely available for law enforcement. Contact the SARC for details.
  • Steganography Analyzer Artifact Scanner (StegAlyzerAS) StegAlyzerAS gives you the capability to scan the entire file system, or individual directories, on suspect media for the presence of steganography application artifacts. And, unlike other popular forensic tools, you can perform an automated or manual search of the Windows Registry to determine whether or not any Registry keys or values exist that can be associated with a particular steganography application.
  • Steganography Analyzer Signature Scanner (StegAlyzerSS) StegAlyzerSS gives you the capability to scan every file on the suspect media for the presence of hexadecimal byte patterns, or signatures, of particular steganography applications in the files. If a known signature is detected, it may be possible to extract information hidden with the steganography application associated with the signature.
  • Steganography Analyzer Real-Time Scanner (StegAlyzerRTS) StegAlyzerRTS is the first commercially available network security appliance in the world capable of detecting the fingerprints and signatures of digital steganography applications in real-time.