Stenography free essay sample

The third level consists of four sublevels two under the heading of semagrams (visual and text) and two under the heading of open codes (jargon and covered ciphers). The fourth level consists of two ciphers that are found under the subheading of covered ciphers: null and grille. Now that the different levels have been identified it’s time to determine how the information is hidden using these stenographic components (Kessler 2004). Technical stenography is based on the scientific methods of hiding messages with invisible ink or microdots. The smaller the information can be made the harder it will be to find and the easier it is to hide. Linguistic stenography hides messages in the carrier waves and is broken into two additional areas semagrams and open codes. Symbols/signs are the key to using semagrams. Objects that we see every day are used in such a way to convey a hidden message. We will write a custom essay sample on Stenography or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page It can be something as simple as the arrangement on a picture of a dinner table. Text semagram hides messages through the modification of carrier text. Once again the changes are very subtle and if you don’t know what to look for them you will miss it. These enhancements can be font size and font type (Kessler 2004). Authentic carrier messages can be embedded with open codes that would not be readily detected by the average person. Within this area there are sections known as jargon and covered ciphers. We all know what pig Latin is but not everyone knows how to speak it. This is the same concept with jargon, the select group that has hidden in the information have also created their own type of language that would seem meaningless to anyone outsider. Typically this is one of the best ways to hide a message because it is often perceived as simply junk and ignored. Jargon can also have one additional section known as cue codes that are prearranged phrases that have special meanings. Covered ciphers utilize an open carrier medium basically hiding it in plain sight for those who know what to look for. Once again the average person would not suspect anything (Kessler 2004). The last two subsections to be examined are grille cipher and null cipher. The grille cipher uses a template to hide the message so the opening of the template is actually the secret message. Have you ever received instructions in school to read all the instructions before taking a test? Once you’ve ready all the instructions you find that the teacher only wants you to complete the odd number problems. This is exactly how the null cipher works. The group that has decided to use this method simply establishes a set of instructions for retrieving the hidden message from what could be a jumble of unidentifiable streams of numbers and letters. Since the hidden messages are in the graphics I will look for symbols and arrangements within the pictures that might lead to the message itself. If there is any type of text that is included with the picture I will check the font size and the font type (Kessler 2004). Also, I will look at the context of the text to see if any additional patterns emerge such as every 12th letter in the sentences reveals the hidden message. All of my investigation searching will not be done manually because it will take too much time and also as a human there are pieces of information that I might miss. I will use Stegdetect to speed up the process. Stegdetect is an automated tool for detecting steganographic content in images. It is capable of detecting several different steganographic methods to embed hidden information in JPEG images (Provos 2004). Case Project 9-3: A drive that you are investigating contains several password-protected files and other files with headers that do not match the extension. What procedures would you need to follow to retrieve the evidence? Identify the mismatched file headers to extensions and discuss techniques you can apply to recover passwords from the protected files. In a previous investigation the subject was using stenography to hide secret messages. In this case there is a section that has mismatched file headers. This could possibly be the makings of a grille cipher. Basically, a cipher is part of the sublevel covered ciphers under the sublevel of open codes. Long story short the hidden message is located in the header itself but it is not extremely obvious (Kessler 2004). Those that don’t know what to look for would automatically pass it up. I know exactly what to look for plus I have Stegdetect as a type of software alert that will reveal any hidden essages that might be located on the file names themselves (Provos 2004). There are also issues with passwords that need to be recovered so that the protected files can be opened. This is a delicate process because some suspects in order to keep from getting caught will create a failsafe for their files. The objective of the failsafe is to allow only a certain number of tries to get the correct password before all the files are deleted from the system. At the very least thi s is simply a time consumer problem to solve. There are different ways to retrieve deleted information either completely or partially depending upon the level of physical damage. If the files are too corrupted then it will be almost impossible to retrieve the needed evidence. There are some tools that can be used in order to retrieve lost passwords: OutlookPasswordDecryptor and WebBrowserPassView. Both tools are freeware which can be used with Microsoft systems. OutlookPasswordDecryptor enables recover of forgotten Outlook e-mail account passwords that are stored in the Outlook account settings but hidden behind asterisk characters. WebBrowserPassView is a password recovery tool that enables you to view all website logins and passwords that are stored in Internet Explorer, Firefox, Opera and Google Chrome browsers (Snapfiles. com 2007). References Kessler, Gary C. (2004 February). An Overview of Steganography for the Computer Forensics Examiner. Retrieved March 30, 2011, from Provos, Niels. (2004 September 5). Steganography Detection with Stegdetect. Retrieved March 30, 2011, from http://www. outguess. org/detection. php Snapfiles. com. (2007). Password Recovery. Retrieved March 30, 2011, from http://www. snapfiles. com/freeware/security/fwpasswordrecovery. html