What are some nefarious purposes that stenography could be used for in the commission of a cybercrime? Do you think that stenography is a major security conce
What are some nefarious purposes that stenography could be used for in the commission of a cybercrime? Do you think that stenography is a major security concern? Explain why or why not. Discuss what legitimate reasons a person would have for hiding data inside of an image, video, or audio track.
Reference
Easttom, C. (2022). Digital forensics, investigation, and response (4th ed.). Jones & Bartlett Learning. https://online.vitalsource.com/#/books/9781284226065
FRN 4301, Principles of Digital Forensics 1
Course Learning Outcomes for Unit V Upon completion of this unit, students should be able to:
2. Perform data reconnaissance activities. 2.2 Detect steganography. 2.3 Perform general cryptanalysis techniques.
3. Explain methods for using forensic tools.
3.6 Retrieve files from damaged drives.
Required Unit Resources Chapter 5: Understanding Techniques for Hiding and Scrambling Information Chapter 6: Recovering Data
Unit Lesson
Techniques for Hiding and Scrambling Information In Unit IV, we looked at laws and statutes legislated in the United States and around the world that help control the spread of cybercrime. Regardless of the cybercrime legislation added to the books, cybercriminals will always believe they are smarter than those trying to catch them. Cybercriminals have a need to hide and conceal their information since they have information that could be used against them in a court of law if it were easily available to law enforcement professionals. Thus, cybercriminals will go to extraordinary means to conceal the evidence of their crime(s). Two such techniques of masking information include steganography and cryptography (Soni & Wasankar, 2013).
Steganography Steganography is the method of concealing a file, image, message, or video within a different file type. The term, steganography comes from two Greek words: steganos meaning "covered, concealed, or protected," and graphein meaning "writing." American Revolutionary War spies used steganography by using invisible ink to conceal their secret messages in plain sight (Newman, 2017). Methods of Steganography There are several ways to hide messages. The most well-known methods include:
• Least Significant Bytes (LSB): LSB, also known as the substitution method, is when the last bit or least significant bit is used to store data. Changes made in the last bit could alter the data completely as the data is stored in bits and bytes. Colored pixels in a computer are stored in bits. This method has proven to be successful in image steganography.
• Injection: Injection involves directly inserting secret information into the carrier file.
• Generation: The generation technique, unlike injection and substitution, requires only a covert file, as it is used to create the unconcealed file (Mehboob & Faruqui, 2008).
UNIT V STUDY GUIDE
Techniques for Hiding and Scrambling Information
FRN 4301, Principles of Digital Forensics 2
UNIT x STUDY GUIDE
Title
Types of Steganography A wide range of carriers are used for steganography, thus preventing the exposure of sensitive information to cybercriminals (UKEssays, 2018).
• Image steganography: This is the practice of hiding information of various types inside of an image. In image steganography, LSB insertion modifies the LSB of each color in 24-bit images or the LSBs of the 8-bit value for 8-bit images. Other types in this medium include masking and filtering, redundant pattern encoding, encrypt and scatter, and algorithms and transformations (Kaur & Rani, 2016). When converting an analog image to digital format, there are three different methods of representing colors, which are represented in the graphic below.
• Video steganography: This is the method of hiding the presence of a sensitive communique inside the sound or video track. The different approaches in this method include LSB and real-time video steganography (UKEssays, 2018).
• Audio steganography: This is the most challenging due to the vibrant range of the human auditory system (HAS). The major weakness of HAS is the differentiation between sounds, which could ultimately be utilized in encoding secret messages in audio without detection (UKEssays, 2018).
• Document steganography: This method involves altering some of the characteristics of the document. This could be an alteration of text or the text formatting. This can be done by encoding a message in neutral sentences or by storing secrets inside of text using a publically available cover source, book, newspaper and setting the background color and font color (UKEssays, 2018).
Cryptography
Cryptography is the study of techniques for securing sensitive data in the presence of adversaries by using codes that are created using preset mathematical computations called algorithms (Maldonado, 2018). The practice of manipulating data for secure transmission is cryptography; in contrast, the act of manipulating this data is termed as encryption, and the data being manipulated is known as encrypted data. Encrypted data needs to go through a reverse process, known as decryption, to attain its original form. An encryption key is used to decrypt data (Computer Hope, 2020). To safeguard and protect the data shared over the internet, use strong encryption algorithms to avoid any loss of privacy.
24-bit color
•Every pixel can have one in 2^24 colors.
•It is represented as different quantities of
three basic colors: red (R), green (G), blue (B), given by 8
bits (256 values) each.
8-bit color
•Every pixel can have one in 256 (2^8)
colors chosen from a palette or a table of
colors.
8-bit gray scale
•Every pixel can have one in 256 (2^8) shades of gray
FRN 4301, Principles of Digital Forensics 3
UNIT x STUDY GUIDE
Title
Encryption Algorithms
Cryptography is classified into two encryption algorithms, described in more detail below. Symmetric Key Cryptography This encryption system uses the same single key for encrypting and decrypting the messages. The same key is treated as a shared secret between two more individuals. The Data Encryption Standard (DES) is the standard symmetric key algorithm used with symmetric key cryptography. This system is further divided into classical cryptography. This method includes the elements listed below.
• Transposition ciphers are plaintext characters shifted according to a predetermined interval. • Substitution ciphers are individual plaintext characters replaced by a set of predetermined characters.
• Stream ciphers entail a secret-key encryption algorithm that encrypts a single bit at a time. With a stream cipher, the same plaintext bit or byte will encrypt to a different bit or byte every time it is encrypted.
• Block ciphers use a deterministic algorithm and symmetric key that encrypts a portion of the text, as opposed to one bit at a time as in stream ciphers.
Asymmetric key cryptography: Asymmetric key cryptography uses both a private and public key to encrypt and decrypt messages sent in plaintext. RSA (Rivest–Shamir–Adleman) is mostly used for an asymmetric key system (Shashank, 2019).
Steganography Versus Cryptography
Steganography
Cryptography
Steganography is known as covered writing, and it involves secure and undetectable communication.
Cryptography means secret writing, and its goal is to protect data by making it readable to only the target recipient.
Steganography can be employed on any medium such as via text, audio, video, and images.
Cryptography is implemented only on the text file.
Secret data is measured by the key length which makes the algorithm strong.
Cryptography does not rely on key lengths to make the algorithm stronger.
Spatial domain, transform domain embedding, and model-based are some of the algorithms used in steganography.
Cryptography uses techniques named as transposition, substitution, stream, and block ciphers.
Steganography is less powerful than cryptography. Cryptography is a more powerful technique.
Steganography provides only confidentiality and authentication of information.
Cryptography provides two types of authentication: (1) integrity showing the data has not been tampered with and (2) source authentication used to verify the source of the data.
Recovering Data After Deletion
Recovering deleted files from a computer after it has been seized is typically a trivial task. In some cases, depending on the skills of the perpetrator, recovering data can be quite challenging. However, there may be remnants of information that can be useful for the forensic examiner. Criminals often believe that they have deleted every trace of evidence from their system, but they are wrong. There really is not an effective method to delete data from storage drives. Often, the data can be restored with the help of professional forensic or recovery tools, even when the drive has been reformatted (Arntz, 2017).
FRN 4301, Principles of Digital Forensics 4
UNIT x STUDY GUIDE
Title
Hard Drive Sector 1
Undeleting Files Data is stored on hard drives in the form of sectors, which is an area of the disc platter defined by two radii. Modern hard drives are composed of Advanced Format, which has a 4096-byte sector. Files that are deleted remain on the storage medium until they have been overwritten. The file system overwrites clusters rather than sectors when overwriting. Clusters can consist of 1 to 128 sectors (Woodford, n.d.). Deleting files makes the cluster available for overwriting. Thus, if a suspect deletes evidence that is not overwritten by the file system, then the data is available for recovery (Occupy The Web, 2016). Recovering Information From Damaged Media Any error caused by hardware or software can lead to data loss. Damaged data is not easily read from storage media. There are two types of damage associated with damaged media, which are listed below.
• Physical damage: Physical damage results from human error or disaster (e.g., CD-ROMs have had their metallic substrate or dye layer scratched off). Hard disks can suffer from a multitude of mechanical failures, such as head crashes and failed motors, or the tapes can break. Recovery may be required due to physical damage to a storage device, preventing the device from being mounted by the host’s operating system. There are multiple techniques to recovering data from physically damaged hardware. Some damage can be repaired by replacing parts in the hard disk. This could cause the disk to become usable with logical damage. After saving the image on a reliable medium, it is time to analyze it for logical damage. This will potentially allow much of the original file system to be reconstructed (Wiener, 2018).
• Logical damage: Logical damage affects the software. Files can become unreadable due to issues related to a damaged file system or partitioned tables. File damage can also be caused by bad logical sectors and intermittent media errors. Common causes of logical file damage include the deleting and formatting of system data as well as loss of data from drives. Loss of system data causes problems with data loss and system crashes. Tools are available to help in the recovery of lost partitions and to reconstruct corrupted partition tables (Burchiam, 2017). Consistency checking and zero-knowledge analysis are two important techniques for recovering data lost from logical damage (Wiener, 2018).
File Carving File carving extracts partially deleted or damaged data. Most file carving utilities operate by looking for the file headers, which annotate the starting point of the file and the footers that annotate the ending point of the file. The file carving utility tries to pull the data that is found between these two boundaries. Various techniques involved in file craving include file structure-based carving, content-based carving, and header-footer craving.
FRN 4301, Principles of Digital Forensics 5
UNIT x STUDY GUIDE
Title
Summary We have looked at the different ways that data can be hidden, deleted, and recovered. We learned about steganography and cryptography and how they can be used to hide evidence of ongoing criminal activity. Regardless of the crime, criminals will also try to hide their tracks by deleting incriminating evidence. One part of what we do as digital forensic investigators is file carving, and we extract small fragments of data from within a much larger set. As a digital forensic investigator, you will be called upon to recover data that has been deleted and extract data that has been hidden and encrypted.
References Arntz, P. (2017, October 24). Digital forensics: How to recover deleted files. Malwarebytes Labs.
https://blog.malwarebytes.com/security-world/2017/10/digital-forensics-recovering-deleted-files/ Burchiam. (2017, March 1). Logical data recovery vs physical laboratory data recovery explained. Computer
Fixperts. https://computer-fixperts.com/data-recovery/logical-vs-physical-dr/ Computer Hope. (2020, December 31). Cryptography. https://www.computerhope.com/jargon/c/cryptogr.htm Kaur, H., & Rani, J. (2016, May). A survey on different techniques of steganography. MATEC Web of
Conferences, 57, Article 02003. https://www.matec- conferences.org/articles/matecconf/pdf/2016/20/matecconf_icaet2016_02003.pdf
Maldonado, F. (2018, April 23). Cryptography in forensics [Prezi slides]. Prezi.
https://prezi.com/rgolgdt14zbe/cryptography-in-forensics/ Mehboob, B., & Faruqui, R. A. (2008, April 23–24). A steganography implementation. In Institute of Electrical
and Electronics Engineers, 2008 International Symposium on Biometrics and Security Technologies [Symposium]. Islamabad, Pakistan. https://ieeexplore.ieee.org/document/4547669
Newman, L. H. (2017, June 26). Hacker lexicon: What is steganography? Wired.
https://www.wired.com/story/steganography-hacker-lexicon/ Occupy The Web. (2016, October 10). Digital forensics, part 3: Recovering deleted files. Hackers Arise.
https://hackers-arise.net/2023/11/05/digital-forensics-part-3-recovering-deleted-files/ Shashank. (2019, February 18). What is cryptography? – An introduction to cryptographic algorithms.
Edureka. https://www.edureka.co/blog/what-is-cryptography/ Soni, P. D., & Wasankar, P. P. (2013). Methods for hiding the data in computer forensics. International
Journal of Computer Technology & Applications, 4(1), 133–135. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.645.4017&rep=rep1&type=pdf
UKEssays. (2018, November). The types and techniques of steganography.
https://www.ukessays.com/essays/computer-science/the-types-and-techniques-of-steganography- computer-science-essay.php?vref=1
Wiener, J. (2018, February 5). How to recover data files from a broken smartphone. All Top 9.
https://www.alltop9.com/recover-data-files-from-broken-screen-smartpohone/ Woodford, C. (n.d.). How does a hard drive work? Explain That Stuff.
https://www.explainthatstuff.com/harddrive.html
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.