Welcome to the Steganography Analysis and Research Center

A Backbone Security Center of Excellence

News > SARC Press Releases

Digital Forensic Tool Passes DCCI Test
StegAlyzerAS Effective for Law Enforcement and Forensic Use

PRESS RELEASE

February 4, 2008

WASHINGTON, DC - Backbone Security, the market leader in advanced digital steganalysis tools, proudly announced their industry leading steganography application detection tool, Steganography Analyzer Artifact Scanner, passed rigorous testing by the Defense Cyber Crime Institute (DCCI) at the opening of The Computer Forensics Show today.

Developed in Backbone's Steganography Analysis and Research Center (SARC), StegAlyzerAS is the most comprehensive and accurate steganography application detection tool available on the commercial market. Capable of detecting file and Windows registry artifacts associated with 650 steganography applications, StegAlyzerAS v3.0 is the digital forensic examiner's tool of choice for detecting use of steganography to conceal evidence of criminal activity.

The DCCI test report states that StegAlyzerAS was able to: 1) identify the hash values of a significant number of files in the distribution libraries of a considerable number of steganography programs, 2) minimize the number of false positives by ignoring files typically associated with steganography applications but are also used in versions of the Windows operating system and popular software applications not associated with steganography, and 3) identify, with a high degree of accuracy, steganography programs that have been installed on suspect media even though only a small number of files associated with the programs currently reside on the media.

The SARC was established in June, 2004, to create a national repository of steganography applications and fingerprints, i.e. hash values that could be consulted by Federal, state, and local law enforcement; intelligence community; and private sector investigators when conducting forensic analysis of a seized computer. A hash value is a numeric representation of a file computed with a complex mathematical algorithm that essentially yields the fingerprint of the file.

StegAlyzerAS is the only commercially available tool that includes the capability to scan the Windows registry for artifacts, in the form of registry keys or values, exclusive to steganography applications. DCCI's test report indicated that the StegAlyzerAS registry artifact analysis feature was able to detect steganography programs "without producing any false or misleading indicators."

Ultimately, "DCCI testing found both the hash set and registry analysis features of StegAlyzerAS are effective for law enforcement and forensic use."

The report from December 2007 is available on the SARC web site, http://www.sarc-wv.com.

About the SARC - The SARC is a Center of Excellence in digital steganography research and development within Backbone Security. The SARC has established the worlds largest commercially available repository of digital steganography applications, fingerprints, and signatures and has developed industry leading computer forensics and network security steganalysis tools for detecting and extracting information hidden with digital steganography applications.

About Backbone Security - In addition to the world class digital steganography research and development conducted in the SARC, Backbone is an Approved Scanning Vender (ASV) certified by the Payment Card Industry-(PCI) Security Standards Council to conduct automated PCI Data Security Standard compliance assessments with a One-Stop Scanning Solution.