DETECTION OF HIDDEN INFORMATION, COVERT CHANNELS, AND INFORMATION FLOWS

NEIL F. JOHNSON AND PHIL A. SALLEE

Booz Allen Hamilton, McLean, Virginia

1 INTRODUCTION

The oldest form of protecting information is to conceal its existence—hide it. Numerous methods for hiding information have been developed through the years, ranging from physical concealment of objects which are “hidden in plain sight” to high-tech methods for covert communications in digital media. Some examples of hiding information include hidden tattoos, covered writing, invisible inks, microdots, grille and null ciphers, code words, digital signatures, covert channels and spread-spectrum communications, to name but a few [1–5].

Steganography is used to conceal the existence of hidden messages within seemingly innocuous carriers. Common techniques in digital steganography usually camouflage the intended message within another object or media, referred to as either the cover or carrier. By far, the most common steganography tools embed information within image files. However, hidden information can be embedded within nearly any type of digital media or information flow. Research also extends beyond digital media such as DNA [6–8], chemical compounds [9], and circuit boards [10–12]. The focus in this article is on digital steganography: hiding in electronic files and media.

Covert channels, though not necessarily designed for communication, provide a means to communicate through the misuse of another mechanism, typically ...