Our new article on Information Hiding – Challenges for Forensic Experts was just recently published in Communications of the ACM
W. Mazurczyk, S. Wendzel: Information Hiding – Challenges for Forensic Experts,
Communications of the ACM, ACM, January 2018.
Currently we observe a rising trend of utilization of various techniques among cybercriminals which allow to thwart or at least to delay the detection of their nefarious activities. One group of such techniques belongs to the information hiding domain. Information hiding incorporates a variety of methods focused on making the data difficult to notice by e.g. embedding them into an innocent-looking digital object. In this paper, we discuss this recent phenomenon, i.e. information hiding-related cybercrimes, and its impact on forensic analysis. We also present an initiative called Criminal Use of Information Hiding (CUIng) which recently started in cooperation with the Europol European Cyber Crime Centre (EC3). CUIng tries to serve as an umbrella for improving the education, training, awareness, methodology and information sharing regarding information hiding.
Keywords: Information Hiding, Steganography, Digital Forensics, Cybercrime, Malware
The following video introduces the ideas of the article:
Steffen Wendzel, Wojciech Mazurczyk, Luca Caviglione, Michael Meier:
Hidden and Uncontrolled - On the Emergence of Network Steganography,
Information Security Solutions Europe (ISSE'14), in: Securing Electronic Business Processes, pp. 123-133, Brussels, Springer-Vieweg, 2014.
Steffen Wendzel, Sebastian Zander, Bernhard Fechner, Christian Herdin:
Pattern-Based Survey and Categorization of Network Covert Channel Techniques,
Computing Surveys (CSUR), Vol. 47(3), ACM, 2015.
Wojciech Mazurczyk, Steffen Wendzel, Sebastian Zander, Amir Houmansadr, Krzysztof Szczypiorski:
Information Hiding in Communication Networks: Fundamentals, Mechanisms, and Applications,
IEEE Series on Information and Communication Networks Security,
Wiley, 2016 (cf. Amazon.com).
Also, we published a related newsletter contribution:
Wojciech Mazurczyk, Philipp Amann, Luca Caviglione, Steffen Wendzel:
CUIng: Criminal Use of Information Hiding Initiative [newsletter website],
European CIIP Newsletter, Issue 25 (Vol. 10, No. 3), pp. 31-32, 2016.