Backbone Security is pleased to announce the Defense Cyber Crime Institute (DCCI), an element of the Department of Defense (DoD) Cyber Crime Center (DC3), has published a Validation Report for Backbone's Steganography Analyzer Real-Time Scanner (StegAlyzerRTS), a network security appliance for monitoring inbound and outbound network traffic in real-time for the presence of digital steganography applications and signatures.
Digital steganography is the Internet era version of an ancient information hiding technique that dates back to the days of Ancient Greece. Using digital steganography, a file can be embedded within, or appended to, another file in such a way that it cannot be seen or heard. Unlike cryptography, which translates information into an unintelligible sequence of letters and numbers, steganography conceals the very existence of the information.
DCCI provides legally and scientifically accepted standards, techniques, methodologies, research, tools, and technologies on computer forensics and related technologies to meet the current and future needs of the DoD counterintelligence, intelligence, information assurance, information operations, and law enforcement communities.
StegAlyzerRTS was validated by DCCI to determine the extent and circumstances under which computer crime investigating agents assigned to Defense Criminal Investigative Organizations may employ the appliance for digital forensic investigation and analysis.
The Validation Report reflects that expected results were obtained for all tests and all requirements outlined in the report were satisfied. For example, the report indicated that StegAlyzerRTS accurately detected supported steganography applications and did not affect network throughput while capturing and processing copies of all packets entering and leaving the network.
StegAlyzerRTS was developed in Backbone's Steganography Analysis and Research Center (SARC), as a countermeasure to the threat of trusted insiders using digital steganography to exfiltrate sensitive or classified information from enterprise networks.
With more than 1,000 applications available as freeware or shareware on web sites across the Internet, digital steganography is a real and growing threat in the hands of trusted insiders with malicious intent.