|
Welcome to the Steganography Analysis and Research Center
A Backbone Security Center of Excellence
Products > Steganography Application Fingerprint Database
(SAFDB)

Download a data sheet for SAFDB
Product Description:
A fundamental goal of the Steganography Analysis and Research Center (SARC) is to
expand the repository of digital steganography, watermarking, and other data-hiding
applications acquired from various sources and add the hash values, or fingerprints,
of all file artifacts associated with those applications to the Steganography Application
Fingerprint Database (SAFDB). A file artifact is simply a file known to be associated
with a particular steganography application.
The database can be used to determine whether any files on the suspect computer’s
storage media, or a forensic image of the storage media, is associated with a particular
steganography or other data-hiding application.
The database contains a profile of each file artifact that contains identifying
information such as file name, file size, associated application name, and seven
unique hash values: CRC-32, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
These hash values may be used to verify the presence of a steganography or other
data-hiding application on the media being examined.
If a digital forensic examination reveals that a steganography application is, or
was, on the storage media, it should be assumed the application was used to hide
something. Accordingly, identifying the steganography or other data-hiding application
used to hide information is the critical first step toward attempts to find and
extract information that may have been hidden with the application. Identifying
the application used to hide information allows the examiner to focus efforts on
locating the carrier files that may have been manipulated by that application.
With the hash values of all file artifacts associated with 725 digital steganography,
watermarking, and other data-hiding applications, SAFDB is the most extensive steganography
application hash set publicly available anywhere.
SAFDB is included with the Steganography Analyzer Artifact Scanner (StegAlyzerAS),
a digital forensic analysis tool that detects file and Microsoft Windows® Registry
artifacts of digital steganography applications. Additionally, a version of SAFDB
is currently available in a format compatible with the following digital forensic
tools and utilities:
- EnCase
- Forensic Toolkit (FTK)
- HashKeeper
- ILook
- ProDiscover
Future versions of SAFDB will include additional hash values for all the file artifacts
associated with additional steganography, watermarking, and other data-hiding applications.
SAFDB is available for a license fee of $250.00.
Volume license discounts available. The license includes all product updates for
one year from date of license purchase.
Order SAFDB for EnCase
Order SAFDB for Forensic Toolkit (FTK)
Order SAFDB for HashKeeper
Order SAFDB for ILook
Order SAFDB for ProDiscover
Free SAFDB - A free version of SAFDB is available to qualifying law enforcement, intelligence,
government, and military users. Click here for additional information.
|