News > SARC Press Releases
Digital Forensic Tool Passes DCCI Test
StegAlyzerAS Effective for Law Enforcement and Forensic Use
PRESS RELEASE
February 4, 2008
WASHINGTON, DC - Backbone Security, the market leader in advanced digital steganalysis
tools, proudly announced their industry leading steganography application detection
tool, Steganography Analyzer Artifact Scanner,
passed rigorous testing by the Defense Cyber Crime Institute (DCCI) at the opening
of The Computer Forensics Show today.
Developed in Backbone's Steganography Analysis and Research Center (SARC), StegAlyzerAS
is the most comprehensive and accurate steganography application detection tool
available on the commercial market. Capable of detecting file and Windows registry
artifacts associated with 650 steganography applications, StegAlyzerAS v3.0 is the
digital forensic examiner's tool of choice for detecting use of steganography to
conceal evidence of criminal activity.
The DCCI test report states that StegAlyzerAS was able to: 1) identify the hash
values of a significant number of files in the distribution libraries of a considerable
number of steganography programs, 2) minimize the number of false positives by ignoring
files typically associated with steganography applications but are also used in
versions of the Windows operating system and popular software applications not associated
with steganography, and 3) identify, with a high degree of accuracy, steganography
programs that have been installed on suspect media even though only a small number
of files associated with the programs currently reside on the media.
The SARC was established in June, 2004, to create a national repository of steganography
applications and fingerprints, i.e. hash values that could be consulted by Federal,
state, and local law enforcement; intelligence community; and private sector investigators
when conducting forensic analysis of a seized computer. A hash value is a numeric
representation of a file computed with a complex mathematical algorithm that essentially
yields the fingerprint of the file.
StegAlyzerAS is the only commercially available tool that includes the capability
to scan the Windows registry for artifacts, in the form of registry keys or values,
exclusive to steganography applications. DCCI's test report indicated that the StegAlyzerAS
registry artifact analysis feature was able to detect steganography programs "without
producing any false or misleading indicators."
Ultimately, "DCCI testing found both the hash set and registry analysis features
of StegAlyzerAS are effective for law enforcement and forensic use."
The report from December 2007 is available on the SARC web site,
http://www.sarc-wv.com.
About the SARC - The SARC is a Center of Excellence in digital steganography research and development within Backbone Security. The SARC has established the worlds largest commercially available repository of digital steganography applications, fingerprints, and signatures and has developed industry leading computer forensics and network security steganalysis tools for detecting and extracting information hidden with digital steganography applications.
About Backbone Security - In addition to the world class digital steganography research and development conducted in the SARC, Backbone is an Approved Scanning Vender (ASV) certified by the Payment Card Industry-(PCI) Security Standards Council to conduct automated PCI Data Security Standard compliance assessments with a One-Stop Scanning Solution.