NSA, Pentagon, police fund research into steganography detection

Declan McCullagh lists at politechbot.com
Tue Feb 20 08:13:23 PST 2001 



http://www.wired.com/news/politics/0,1283,41861,00.html

   Secret Messages Come in .Wavs
   by Declan McCullagh (declan at wired.com)

   2:00 a.m. Feb. 20, 2001 PST
   FAIRFAX, Virginia -- Neil Johnson has a job that's nothing if not
   unusual: He investigates how to uncover concealed messages embedded in
   sound and video files.
   
   A researcher at Virginia's George Mason University, Johnson is one of
   a small but growing number of digital detectives working in the field
   of computer steganalysis -- the science of detecting hidden
   communications.
   
   "I analyze stego tools," said the 32-year-old security specialist who
   is the associate director of GMU's Center for Secure Information
   Systems. "I try to find out what can be detected or disabled. I see
   what their limitations are."
   
   The tools he's talking about include programs such as Steghide, which
   can embed a message in .bmp, .wav and .au files; and Hide and Seek,
   which works with .gif images.
   
   Most computer-based steganography tools have one thing in common: They
   conceal information in digitized information -- typically audio, video
   or still image files -- in a way that prevents a casual observer from
   learning that anything unusual is taking place.
   
   The surprising news, according to Johnson and other researchers:
   Current stego programs don't work well at all. Nearly all leave behind
   fingerprints that tip off a careful observer that something unusual is
   going on.
   
   Johnson's work on steganalysis may seem obscure, but it has important
   law enforcement and military applications. The National Security
   Agency and police agencies have underwritten his research -- his
   center's graduate program at GMU is even certified by the NSA.
   
   The Pentagon funds related research at other institutions, and the
   Naval Research Laboratory is helping to organize the fourth annual
   Information Hiding Workshop in Pittsburgh from April 25 to 27.
   
   Earlier this month, news reports said U.S. officials were worried that
   operatives of accused terrorist Osama bin Laden now use steganographic
   applications to pass messages through sports chat rooms, sexually
   explicit bulletin boards and other sites. That complicates the NSA's
   mission of "sigint," or signals intelligence, which relies on
   intercepting communications traffic.
   
   [...]

   WetStone's "Steganography Detection and Recovery Toolkit" is being
   developed for the Air Force Research Laboratory in Rome, New York. The
   project overview, according to the company, is "to develop a set of
   statistical tests capable of detecting secret messages in computer
   files and electronic transmissions, as well as attempting to identify
   the underlying steganographic method. An important part of the
   research is the development of blind steganography detection methods
   for algorithms."

   Gordon said the effort arose from a study the Air Force commissioned
   from WetStone on forensic information warfare in 1998. The company was
   asked to identify technologies that the Air Force needed to guard
   against and it highlighted steganography as one of them.

   In addition to the NSA and the eavesdrop establishment, military
   installations, government agencies, and private employers could be
   affected by steganography. An employee or contractor could send
   sensitive information via e-mail that, if hidden, would not arouse
   suspicion.

   [...]


-Declan
http://www.mccullagh.org/

More information about the cypherpunks-legacy mailing list