Top Banner

Click here to load reader

STEGANOGRAPHIC COMPUTER WARFARE - · PDF file STEGANOGRAPHIC COMPUTER WARFARE THESIS ... Steganography's goal is to conceal information, in plain sight. Although ... dependent organizations

Apr 13, 2020

ReportDownload

Documents

others

  • STEGANOGRAPHIC COMPUTER WARFARE

    THESIS

    Jordon T. Cochran, Captain, USAF

    AFIT/GCS/ENG/00M-03

    DEPARTMENT OF THE AIR FORCE AIR UNIVERSITY

    AIR FORCE INSTITUTE OF TECHNOLOGY

    Wright-Patterson Air Force Base, Ohio

    APPROVED FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED

  • The views expressed in this thesis are those of the author and do not necessarily

    reflect the official policy or position of the United States Air Force, Department of

    Defense, or the United States Government.

  • AFIT/GCS/ENG/00M-03

    STEGANOGRAPHIC COMPUTER WARFARE

    THESIS

    Presented to the Faculty of the Graduate School of Engineering and Management

    Of the Air Force Institute of Technology

    In Partial Fulfillment of the

    Requirements for the Degree of

    Master of Science in Computer Systems

    Jordon T. Cochran, B.S.

    Captain, USAF

    March 2000

    Approved for public release, distribution unlimited

  • iii

    Acknowledgments

    I would like to express my sincere appreciation to my research advisor, Dr. Henry

    Potoczny, for giving me incredible freedom to explore the subject of virus steganography

    and perform research that I felt was important. His wit and encouragement made a

    seemingly impossible task well worth the effort. I thank my committee members, Dr.

    Gregg Gunsch and Lieutenant Colonel Tim Jacobs, for their interest and support of this

    excursion into the unique field of information hiding. Also, to the fellow academic

    researchers who shared their insights with me to help me get started, I thank you.

    Finally, and most importantly, I would like to express my most heartfelt

    appreciation to my wife and best friend, Kathy, and our "children", Jenny Joy and

    Precious. Their love and understanding was the greatest support and comfort to me

    during the ceaseless academic course work. Without them in my corner, my research

    most likely would not have been possible.

    Jordon T. Cochran

  • iv

    Table of Contents

    Page

    Acknowledgments............................................................................................................... iii

    Table of Contents................................................................................................................ iv

    List of Figures ....................................................................................................................viii

    List of Tables .......................................................................................................................x

    Abstract ............................................................................................................................... xi

    STEGANOGRAPHIC COMPUTER WARFARE ..............................................................1

    I Introduction............................................................................................................. 1

    1.1 Executive Summary...................................................................................... 1

    1.2 Specific Problem .......................................................................................... 3

    1.3 Research Objectives ..................................................................................... 5

    1.4 Scope ............................................................................................................ 6

    1.5 Research Need .............................................................................................. 7

    1.6 Document Sequence ..................................................................................... 7

    II Steganography......................................................................................................... 9

    2.1 Introduction .................................................................................................. 9

    2.2 Historical Perspective ................................................................................. 10 2.2.1 Security through obscurity............................................................ 11 2.2.2 Camouflage ................................................................................... 11 2.2.3 Hiding the location of the embedded information........................ 13 2.2.4 Spreading the hidden information................................................. 13

  • v

    2.3 Terminology ............................................................................................... 14 2.3.1 Message File ................................................................................. 15 2.3.2 Cover File...................................................................................... 15 2.3.3 Steganography vs. Cryptography.................................................. 15

    2.4 Steganographic Methods ............................................................................ 18

    2.5 Research Areas ........................................................................................... 19

    2.6 Summary..................................................................................................... 21

    III Methodology ......................................................................................................... 22

    3.1 Introduction ................................................................................................ 22 3.1.1 Problem Definition........................................................................ 22 3.1.2 Problem Statement ........................................................................ 23 3.1.3 Scope............................................................................................. 23

    3.1.3.1 Selected Strategies ........................................................... 23 3.1.3.2 File Format ...................................................................... 23 3.1.3.3 Image Library.................................................................. 24

    3.2 Steganography Tools Overview ................................................................. 27 3.2.1 Contraband HE.............................................................................. 27 3.2.2 Encrypt Pic .................................................................................... 27 3.2.3 FFEncode ...................................................................................... 28 3.2.4 Gifshuffle ...................................................................................... 28 3.2.5 HideSeek ....................................................................................... 28 3.2.6 In The Picture................................................................................ 28 3.2.7 JSteg Shell..................................................................................... 29 3.2.8 Pretty Good Envelope ................................................................... 29 3.2.9 S-Tools .......................................................................................... 29 3.2.10 Snow.............................................................................................. 30 3.2.11 SteganoGifPaletteOrder ................................................................ 30 3.2.12 Steganos ........................................................................................ 30 3.2.13 Steghide......................................................................................... 31 3.2.14 wbStego......................................................................................... 31

    3.3 Method of Evaluation................................................................................. 32 3.3.1 Process Overview.......................................................................... 32 3.3.2 Cover and Message File Controls ................................................. 32 3.3.3 Steganography Tools ..................................................................... 32

    3.4 Method of Delivery .................................................................................... 34 3.4.1 Network Propagation System Analysis ........................................ 34 3.4.2 Methods of Transmission.............................................................. 35 3.4.3 Trouble with Propagation Timing................................................. 37

    3.5 Anti-Virus Programs .................................................................................. 39 3.5.1 McAfee VirusScan........................................................................ 41

  • vi

    3.5.2 Norton Anti-Virus ......................................................................... 41 3.5.3 PC-cillin ........................................................................................ 41 3.5.4 InoculateIT.................................................................................... 42

    3.6 The Real Threat .......................................................................................... 42

    3.7 Summary..................................................................................................... 43

    IV Analysis and Results ............................................................................................. 44

    4.1 Introduction ................................................................................................ 44

    4.2 Steganography Tool Test....