Steganography
Steganography is the practice of concealing information within ordinary-looking documents or electronic files, making it undetectable to anyone except the intended recipients. The term originates from Greek, meaning "covered writing," and it serves as a method to transmit sensitive data without revealing its existence. Unlike cryptography, which obscures the content of information while signaling its hidden presence, steganography disguises the very presence of the information itself. Historically, steganography has been used in various forms, such as during World War II when spies employed invisible ink or microdots to convey messages discreetly.
In contemporary usage, steganography often involves embedding secret information in digital formats like text documents, images, or audio files. Techniques for hiding data typically replace less significant bits in the original file, enhancing the concealment of the hidden message. However, steganalysis, the science of detecting such hidden information, plays a crucial role in forensic investigations, enabling experts to uncover concealed data using specialized software. Despite its potential for illicit use in cybercrime and industrial espionage, steganography's ability to securely convey information remains a significant aspect of digital communication.
On this Page
Subject Terms
Steganography
DEFINITION: Method of hiding information within written documents or electronic files in ways that are not obvious to anyone except the intended recipients.
SIGNIFICANCE: In examining electronic evidence in cases of computer-related crimes, forensic scientists may determine that steganography has been used to pass sensitive information in innocent-looking documents or other electronic files.
The term “steganography” comes from two Greek words: steganos, meaning “covered,” and graphos, meaning “writing.” Thus, steganography is the science of covered, or hidden, writing. Steganography differs from cryptography. In cryptography, the presence of hidden information is clear, even though the information cannot be read easily because it is encoded. In steganography, the presence of hidden information is disguised in an ordinary-looking document that gives no clue to its presence. The hidden information may or may not be encoded; the strength of steganography is that the very presence of the secret information is not apparent. The information does not call attention to itself, and uninitiated viewers simply see the cover document and have no reason to look for additional information in it.
Steganography has a long history. The ancient Greeks are reported to have tattooed secret messages on the shaved heads of slaves, waited for the hair to grow back, and then send the slaves to deliver the hidden messages. During World War II, spies conveyed secret information in ordinary letters by writing between the lines in invisible ink that became visible only when the paper was heated. Photographic microdots were also used during World War II and after, over the course of the Cold War. One of these tiny dots could be substituted for a period at the end of a sentence in a document; the recipient would then remove the dot and enlarge it to retrieve the information it contained.
Modern steganographic techniques involve the insertion of hidden information into computer files. Information can be inserted into text documents, into picture files such as JPEG files, or into audio files such as MP3 files. The secret information is hidden from the ordinary viewer or listener, but the intended recipient can extract the information using a special program and password. Many techniques have been developed for hiding electronic data in computer files using easily available software. The hidden data generally replace irrelevant or relatively unimportant bits in the original file. Data are most successfully hidden when the size of the secret message is small compared with the size of the cover file.
The science of detecting information that has been hidden in this way is called steganalysis. Computer forensics experts can detect data hidden with steganography by using programs designed for this purpose. In their simplest form, these programs compare original (clean-copy) files with altered (data-inserted) files, but many more sophisticated methods of steganalysis have also been developed.
Persons involved in computer-related crime may use steganography to conceal information about their activities from both casual observers and investigators. Also, steganography may be used in industrial espionage to export sensitive information from company computers to competitors. This method of passing hidden messages has many other potential uses as well.
In 2020, steganographic methods were used to carry out several high-profile cybercrimes. In one, criminals embedded skimming malware inside the logo graphics on a Dutch e-commerce checkout page. That same year, another attack used steganography to hide malware inside an image taken from a reputable website. The malware was designed to infect Excel documents and steal Microsoft passwords.
Bibliography
Desoky, Abdelrahman. Noiseless Steganography: The Key to Covert Communications. Boca Raton: CRC, 2012. Print.
Fridrich, Jessica. Steganography in Digital Media: Principles, Algorithms, and Applications. New York: Cambridge UP, 2010. Print.
Katzenbeisser, Stefan, and Fabien A. P. Petitcolas, eds. Information Hiding: Techniques for Steganography and Digital Watermarking. Norwood: Artech, 2000. Print.
Radcliff, Deborah. “Stenography: Hidden Data.” Computerworld. Computerworld, 10 June 2002. Web. 11 Mar. 2015.
Wayner, Peter. Disappearing Cryptography: Information Hiding; Steganography & Watermarking. 3rd ed. Burlington: Morgan, 2009. Print.
"What Is Steganography? Definition and Explanation." Kaspersky, 2024, www.kaspersky.com/resource-center/definitions/what-is-steganography. Accessed 19 Aug. 2024.