Forensic Focus – Articles
Steganography
Simple Steganography on NTFS when using the NSRL
First published October 2009 Adam Hurwitz ahurwitz@biaprotect.com Business Intelligence Associates, Inc. 39 Broadway, NYC, NY 10006 Abstract NTFS is structured so that there can be a physical separation of the data that comprises a file and the properties or metadata of the file. One side-effect of this is that when a file is hashed on … Continue reading
Real-Time Steganalysis
First published October 2005 A Key Component of a Comprehensive Insider Threat Solution James E. Wingate, CISSP-ISSEP, CISM, IAM Director, Steganography Analysis & Research Center (SARC) and Vice President for West Virginia Operations Backbone Security.Com and Chad W. Davis, CCE Computer Security Engineer Backbone Security.Com Introduction “Ignorance is bliss.” “What you don’t know can’t hurt … Continue reading
An Analytical Approach to Steganalysis
First published August 2005 by James E. Wingate, CISSP-ISSEP, CISM, IAM Director, Steganography Analysis & Research Center http://www.sarc-wv.com Chad W. Davis Computer Security Engineer Backbone Security.Com http://www.backbonesecurity.com Introduction Rapidly evolving computer and networking technology coupled with a dramatic expansion in communications and information exchange capability within government organizations, public and private corporations and even our … Continue reading
Steganography: Implications for the Prosecutor and Computer Forensics Examiner
First published May 2005 by Gary C. Kessler April 2004 [An edited version of this paper will appear in the June 2004 issue of the National District Attorney's Association Newsletter.] “Steganography,” my colleague asked, “is that a dinosaur or an icicle hanging down in a cave?” Steganography is the science of “covered writing” and is … Continue reading
