Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols
Ebook, 426 pages, 8 hours


About this ebook

As data hiding detection and forensic techniques have matured, people are creating more advanced stealth methods for spying, corporate espionage, terrorism, and cyber warfare, all to avoid detection. Data Hiding provides an exploration into the present day and next generation of tools and techniques used in covert communications, advanced malware methods and data concealment tactics. The hiding techniques outlined cover the latest technologies, including mobile devices, multimedia, virtualization and others. These concepts provide corporate, government and military personnel with the knowledge to investigate and defend against insider threats, spy techniques, espionage, advanced malware and secret communications. By understanding the plethora of threats, you will gain an understanding of the methods to defend yourself from these threats through detection, investigation, mitigation and prevention.
  • Provides many real-world examples of data concealment on the latest technologies including iOS, Android, VMware, MacOS X, Linux and Windows 7
  • Dives deep into the less known approaches to data hiding, covert communications, and advanced malware
  • Includes never-before-published information about next generation methods of data hiding
  • Outlines a well-defined methodology for countering threats
  • Looks ahead at future predictions for data hiding
Language: English
Release date: Dec 31, 2012
ISBN: 9781597497411
Author

Michael T. Raggo

Michael Raggo (CISSP, NSA-IAM, ACE, CSI) has over 20 years of security research experience. His current focus is threats and countermeasures for the mobile enterprise. Michael is the author of “Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols” for Syngress Books. A former security trainer, Michael has briefed international defense agencies including the FBI and Pentagon, is a participating member of the PCI Mobile Task Force, and is a frequent presenter at security conferences, including Black Hat, DEF CON, DoD Cyber Crime, InfoSec, SANS, and OWASP.


    Book preview


    Preface

    It’s 4 A.M. at Spika, a small, cramped Internet café in downtown Prague. A young student is sipping a coffee in the back corner of the café. He enters a blog and posts a photograph with the caption “Zhelayu vsego khoroshego” (“wishing you the best”). At precisely 6 A.M., dozens of botnet operators visit the same blog page, automatically retrieving the photograph posted, as instructed. The operators have repeated this operation for months. As done many times before, the bot operators save the image and copy down the caption. They extract the first 8 Fibonacci characters from the caption “Zhelayu vsego khoroshego” (1,1,2,3,5,8,13,21), which yield “ZZhea oh”. Next they load the image into a steganography program named JPHS and use the Fibonacci-extracted pass phrase “ZZhea oh”. However, unlike days before, the program asks for the name of a file to store the hidden contents. Normally it rudely reports “incorrect pass phrase …”. But not today.

    As instructed, the bot operators type in attack.txt and press Enter. The file attack.txt is then created. It contains a simple list of 2,047 IP addresses along with the date of May 9, 2007. The bot operators activate their team of zombies that are spread across the globe dutifully awaiting orders. They provide the attack list and set the attack date to May 9th, 2007. On the morning of May 9th, one of the most wired countries in Europe has instantly become an island, as 100,000+ zombies surgically attack the country’s infrastructure with a relentless distributed Denial of Service attack that lasts over a week, thereby isolating this small country 300 miles east of Stockholm. Most of us in the western world have never heard of this country, but it’s one we won’t soon forget.

    The zombies are now asleep, but the bot operators continue to wait for new images with lists of the next victims to attack with their even larger army of zombies.

    Obviously, this is a fictitious and sensationalized rendering of how the cyber attacks on this small but now well-known country of Estonia began. Or is it?

    The use of steganography and hidden codes has been part of warfare for over 3,000 years now. The success or failure of missions in many cases depends on the ability to securely and covertly command, control and communicate. When the mission is international espionage, communication with agents abroad, communication within criminal and/or terrorist organizations, or advanced persistent cyber threats, the requirement for this type of communication only increases. The goals of covert communications haven’t changed much in the last 3,000 years; however, the methods and techniques continue to evolve as new means of hiding data appear.

    Over the past decade data hiding has steadily moved from digital images to multimedia files, then to network protocols, and now smart mobile devices. As the capabilities of our computing platforms and the bandwidth of our networks increase, and the mobility of our communication device of choice accelerates, so do the means to leak information or covertly communicate anywhere and anytime.

    Taking a snapshot in time, this book examines the trends, latest threats, methods and techniques employed by those hiding data and covertly communicating. The book also examines methods to detect, analyze and uncover such methods, while looking toward the future to extrapolate what might be next.

    Chapter 1

    History of Secret Writing

    Information in this chapter:

    • Introduction

    • Cryptology

    • Steganography

    Introduction

    Data hiding transcends nearly every aspect of our daily lives, whether it be for good intent or evil. It stemmed from secret writing thousands of years ago, as cited by David Kahn and many historians. It originated in Egyptian civilization in the form of hieroglyphs, intended as symbolic representations of historical timelines for particular lords. Other cultures of the time, such as the Chinese, took a more physical approach to hiding messages by writing them on silk or paper, rolling it into a ball, and covering it with wax to communicate political or military secrets. As an added security measure, the ball was even swallowed during transit. As civilization evolved, forms of covert communications became more sophisticated and cryptograms and anagrams advanced.

    David Kahn’s The Codebreakers is arguably the most comprehensive historical book about Secret Communications through the ages. Below is a timeline of some of the most notable innovations over the centuries dating back to Egypt and China (see Figure 1.1).

    Figure 1.1 Data Hiding, Concealment, and Steganography Timeline

    As evident throughout history, secret writing evolved from the need for covert communications. And what is used by our own militaries today to protect us from evil intent is also used by our enemies to attack our well-being. As technology has evolved, so have the ways in which data hiding is used. Today, it is commonly used in corporate espionage, spy communication, malware, child exploitation, and terrorism. Malicious data hiding occurs daily all around us, and many times undetected.

    In this book we hope to enlighten you, the reader, with information about the many ways in which data hiding is used, from physical mediums to digital mediums. Although there is the ongoing threat of criminal activity, data hiding is actually a very interesting and fun hobby and, for some people, a career. Let’s begin by reviewing the history behind what brought us to digital data hiding, by reviewing many of the techniques of our ancestors and the basis behind cryptography and steganography.

    Cryptology

    Cryptograms and anagrams are commonly found in newspapers and puzzle books. Cryptograms substitute one character for another. In terms of the alphabet, one letter is substituted for another. The goal of the cryptogram is for the individual to determine what letters are substitutes for others, and use this substitution to reveal the original message. In anagrams, the characters that make up a message are rearranged rather than substituted.

    In either case, the message is made secret by the method or algorithm used to scramble it. There is typically also a key known only to the sender and receiver, such that no one else can read or decipher the message. This secret message is commonly referred to as a cipher text. An eavesdropper cannot read the message unless they determine the algorithm and key. The process of decoding the message is referred to as cryptanalysis (see Figure 1.2).

    Figure 1.2 Cryptography

    Substitution Cipher

    In cryptography, a substitution cipher is a method of encryption in which plaintext is substituted with cipher text using a particular method or algorithm. The plaintext can be replaced by letters, numbers, symbols, etc. The algorithm defines how the substitution will occur and is based upon a key. Therefore, the recipient of the message must know the algorithm and the key (or keying mechanism) in order to decipher the message. When the recipient receives the encrypted message, he/she will use this known substitution algorithm to decipher the message and reveal the plaintext.

    Caesar

    Julius Caesar (100–44 B.C.) initially created a substitution cipher for military purposes that involved substituting Greek letters for Roman letters, thereby making the message unreadable to the enemy. Caesar later created the more commonly known Shift Cipher. Caesar simply shifted the letters of the alphabet by a specified amount. This shifted alphabet was then used for the substitution cipher. In both cases, the original alphabet was substituted by a different character substitution, also referred to as a cipher alphabet or monoalphabetic cipher. For example:

    A B C D E F G H I J K L M N O P Q R S T U V W X Y
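The shift cipher described above, as an added example in Python (not code from the book): it builds the shifted cipher alphabet, applies the substitution, and shows why a monoalphabetic shift gives an eavesdropper little trouble, since all 26 keys can be tried and scored against English letter frequencies. The function names, the frequency table and the sample text are assumptions of this example.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase
# Approximate letter frequencies (%) in English text, most to least common.
ENGLISH_FREQ = dict(zip(
    "ETAOINSHRDLCUMWFGYPBVKJXQZ",
    [12.70, 9.06, 8.17, 7.51, 6.97, 6.75, 6.33, 6.09, 5.99, 4.25, 4.03, 2.78, 2.76,
     2.41, 2.36, 2.23, 2.02, 1.97, 1.93, 1.49, 0.98, 0.77, 0.15, 0.15, 0.10, 0.07]))


def cipher_alphabet(shift):
    """Plain alphabet rotated left by `shift`: the cipher alphabet for that key."""
    shift %= len(ALPHABET)
    return ALPHABET[shift:] + ALPHABET[:shift]


def caesar(text, shift):
    """Monoalphabetic substitution with the shifted alphabet; non-letters pass through."""
    shifted = cipher_alphabet(shift)
    table = str.maketrans(ALPHABET + ALPHABET.lower(), shifted + shifted.lower())
    return text.translate(table)


def chi_squared(text):
    """Distance between the text's letter counts and expected English counts."""
    letters = [c for c in text.upper() if c in ALPHABET]
    if not letters:
        return float("inf")
    counts, n = Counter(letters), len(letters)
    return sum((counts[l] - n * f / 100) ** 2 / (n * f / 100)
               for l, f in ENGLISH_FREQ.items())


def crack(ciphertext):
    """Cryptanalysis by exhaustion: only 26 keys exist, so score every one."""
    candidates = ((s, caesar(ciphertext, -s)) for s in range(len(ALPHABET)))
    return min(candidates, key=lambda c: chi_squared(c[1]))


# Constructed sample plaintext (adapted from the preface); the key 3 is arbitrary.
SAMPLE = ("The success or failure of missions depends on the ability to "
          "securely and covertly command, control and communicate.")

if __name__ == "__main__":
    secret = caesar(SAMPLE, 3)
    print(cipher_alphabet(3))
    print(secret)
    print(crack(secret))
```

Frequency scoring needs a few dozen letters to be reliable; on very short messages the lowest-scoring shift may not be the true key, and all 26 candidates should be read by eye.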
