StegAlyzerAS
StegAlyzerSS
StegAlyzerRTS

StegAlyzerSS

Product Description:

Steganography Analyzer Signature Scanner (StegAlyzerSS) is a digital forensic analysis tool designed to extend the scope of traditional digital forensic examinations by allowing the examiner to scan files on suspect media, or forensic images of suspect media, for unique hexadecimal byte patterns, or known signatures, left inside files when particular steganography applications are used to embed hidden information within them.

StegAlyzerSS extends the signature scanning capability by also allowing the examiner to use other techniques for detecting whether information may have been appended to, or hidden within, potential carrier files.

StegAlyzerSS has been found to be effective in identifying files that contain hidden steganographic data by the Defense Cyber Crime Institute (DCCI) and the CyberScience Laboratory (CSL).

Product highlights in StegAlyzerSS:

  • Case generation and management
  • Capability to mount and scan forensic images of storage media in EnCase, RAW (dd), or SMART formats
  • Automated scanning of an entire file system, individual directories, or individual files on suspect media for the presence of known signatures of particular steganography applications
  • Identify files that have information appended beyond the file’s end-of-file marker with the Append Analysis feature and analyze the files in a hex editor view to determine the nature of the hidden information
  • Identify files that have information embedded using Least Significant Bit (LSB) image encoding with the LSB Analysis feature and extract and rearrange the LSBs for analysis in a hex editor view to determine if information has been hidden within the file
  • Exclusive Automated Extraction Algorithm functionality for selected steganography applications gives examiners a “point-click-and-extract” interface to easily extract hidden information from suspect files
  • Extensive report generation in HTML format
  • Automated logging of key events and information of potential evidentiary value
  • Export session activity and evidence logs in comma separated value (.csv) format
  • Integrated help feature to explain specific features and functions

Features to be incorporated in a future release of StegAlyzerSS:

  • Expanded signature scanning and recognition capability
  • Expanded blind detection analysis capability
  • Additional Automated Extraction Algorithms