Hiding in Plain Sight: Steganography and the Art of Covert Communication

Overview

These days, encryption of confidential data and communications is an increasingly important part of doing business. But steganography can take data confidentiality to a whole new level, since it hides encrypted messages in ordinary-looking data files, making the very existence of the messages practically undetectable. Although steganography is not a new field and has played a critical part in secret communication throughout history, few people understand exactly how it works today. This detailed, practical guide ...
See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (9) from $9.15   
  • New (3) from $132.12   
  • Used (6) from $9.15   
Close
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$132.12
Seller since 2014

Feedback rating:

(227)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
Brand New Item.

Ships from: Chatham, NJ

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$145.00
Seller since 2014

Feedback rating:

(113)

Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
$155.00
Seller since 2014

Feedback rating:

(113)

Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Close
Sort by
Sending request ...

Overview

These days, encryption of confidential data and communications is an increasingly important part of doing business. But steganography can take data confidentiality to a whole new level, since it hides encrypted messages in ordinary-looking data files, making the very existence of the messages practically undetectable. Although steganography is not a new field and has played a critical part in secret communication throughout history, few people understand exactly how it works today. This detailed, practical guide changes that -- whether your goal is to add an extra level of security to business or government communications or to detect and counter steganography when it's used by criminals or terrorists.
Read More Show Less

Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
Where would you hide something if you never wanted it to be found? In plain sight, of course. (A familiar idea if you’ve ever read Edgar Allan Poe’s The Purloined Letter -- or, for that matter, misplaced your TV remote.) “Hiding in plain sight” is the principle behind one of the most exciting -- and controversial -- fields in computer security: steganography.

In steganography, secret information is embedded within routine, apparently innocuous communications of any kind -- JPEGs of your vacation photos, MP3 music files, you name it. Since nobody’s looking there, your message passes undetected, no matter how closely you’re being watched.

How does it work? How would you use it? How would you detect it if someone were using it against you? Those are the subjects of Hiding in Plain Sight by Eric Cole.

Cole is one of the field’s leading experts -- in fact, his doctoral dissertation covers stego. His security career has taken him from the SANS Institute (where he served as Director of the Cyber Defense Initiative) to the CIA (where he identified security holes in the agency’s Web servers, earning several “Exceptional Performance Awards” along the way). Who better to explain state-of-the-art security technologies to you?

It’s often been speculated that the 9/11 terrorists used stego. Nobody’s sure, but here’s Cole’s educated opinion: “I believe the terrorists did use stego because they had the technical savvy, the money, access to the technology, and images to hide data in. Perhaps most importantly, they had not only the means, but the motive for hiding information.” Possibly an even better reason to suspect Al Qaeda’s use of stego is that, based on Cole’s research, it’s used far more widely than most people imagine.

In Hiding in Plain Sight, Cole begins by placing stego in historical and technological context, and then explaining how it works, in simple English. He then explains today’s least ominous and most widespread application of steganography: digital watermarking. Next, you’ll dive more deeply into this “hidden realm,” understanding traditional insertion-based, algorithmic-based, and grammar-based forms of steganography, as well as newer substitution- and generation-based approaches.

Cole offers step-by-step instructions for utilizing S-Tools, stego software that will both encrypt your message and embed it into files for you. He then introduces a wide variety of stego tools -- including Hide and Seek, Jsteg, EZ-Stego, Image Hide, Digital Picture Envelope, Camouflage, Gif Shuffle, and Spam Mimic. If you’re a programmer, you’ll appreciate his detailed coverage of “rolling your own” stego software for embedding messages in everything from WAV audio files to HTML white space. He also presents a full chapter on sending stego files across a network (including techniques hiding data in email attachments -- or even IP and TCP message headers).

The book’s final section offers detailed techniques for identifying and cracking stego -- including ways to recognize files coded with each of the leading stego tools. Cole concludes by presenting high-level security strategies that take stego into account. If you’re a security professional, you need to know about this stuff. Even if you’re not, you may still want to read this book, just for the sheer fascination of it. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.

Read More Show Less

Product Details

  • ISBN-13: 9780471444497
  • Publisher: Wiley, John & Sons, Incorporated
  • Publication date: 4/11/2003
  • Edition number: 1
  • Pages: 360
  • Product dimensions: 7.38 (w) x 9.22 (h) x 0.78 (d)

Meet the Author

ERIC COLE is currently Chief Scientist for The Sytex Group's Information Warfare Center, where he heads up cutting-edge research in steganography and network security. Prior to this, Cole worked for more than five years in security for the CIA, during which time he earned six achievement awards and led a team of security professionals in the design and deployment of secure communications systems. Cole continues to consult for many government agencies. He holds several professional certifications and helped develop several of the SANS GIAC security certifications and corresponding courses. He has appeared on CNN, CBS News, and 60 Minutes.
Read More Show Less

Table of Contents

Acknowledgments xiii
Introduction xvii
Part 1 Exploring the World of Covert Communication 1
Chapter 1 Covert Communication: It's All Around You 3
What Is Steganography? 5
Where Hidden Data Hides 5
Where Did It Come From? 6
Where Is It Going? 7
When Steganography Inspires Terror 8
Who Is Using Stego? 9
Protecting Your Rights 10
Keeping Your Business Secure 10
Looking Ahead 12
Chapter 2 Cryptography Explained 13
Cryptography Defined 15
Crypto 101 15
Crypto Lingo 16
Early Cryptography 17
How We Got to Modern Cryptography 18
Cryptography and Network Security 19
Confidentiality 19
Integrity 20
Availability 21
Authentication and Non-Repudiation 22
Authentication 22
Non-repudiation 23
Principles of Cryptography 24
You Cannot Prove Crypto Is Secure 24
Algorithm versus Implementation 25
Never Trust Proprietary 26
The Strength of an Algorithm Is in the Key 28
Cryptography Stays in Place 28
Cryptography Must Be Designed In 29
All Cryptography Is Crackable, in Time 29
Security Becomes Obsolete 31
Types of Cryptography 32
Symmetric 32
Diffie-Hellman Key Exchange 32
Common Implementations of Symmetric Encryption 34
Asymmetric 38
Hash 38
Putting the Pieces Together 39
Using Cryptography Tools 40
Working with PGP 41
Generating a Privacy Key with PGP 41
How PGP Works with Email 44
Using SSH 45
Looking Ahead 50
Chapter 3 Hiding the Goods with Steganography 51
Overview of Steganography 52
The Growth of Steganography 53
Steganography in Use 54
Flaws of Steganography 55
Variations on Stego 56
Trojan Horses 56
Covert Channels 57
Easter Eggs 58
Hardware Keys 58
Security and Steganography 59
Confidentiality 59
Survivability 59
No Detection 60
Visibility 60
Principles of Steganography 61
Types of Steganography 61
File Type 61
Method of Hiding 62
Hands-on Steganography 62
Putting All the Pieces Together 63
Looking Ahead 66
Chapter 4 Digital Watermarking 67
What Is Digital Watermarking? 68
Exploring Uses for Digital Watermarking 69
Properties of Digital Watermarking 71
Types of Digital Watermarking 73
Invisible Watermarking 74
Visible Watermarking 77
Goals of Digital Watermarking 78
Digital Watermarking and Stego 79
Uses of Digital Watermarking 80
Removing Digital Watermarks 81
Looking Ahead 87
Part 2 The Hidden Realm of Steganography 89
Chapter 5 Steganography at Large 91
The Internet: A Climate for Deceit 93
The End of the Paper Trail 93
Your Jurisdiction or Mine? 94
Searching for Identity 95
Corporate Espionage 97
Who's Playing? 97
Information Attacks 98
System Attacks 99
Playing Spy 99
Big Brother--With an Attitude 99
Information Crime and the Law 101
Who's Watching Whom? 101
Protecting Ideas 101
Enforcement: A Tough Nut 102
The Challenge 103
Enforcing the Unenforceable 103
The Growing Science of Computer Forensics 104
Looking Ahead 105
Chapter 6 Nuts and Bolts of Steganography 107
Types of Steganography 108
Original Classification Scheme 109
Insertion-Based 109
Algorithmic-Based 109
Grammar-Based 110
New Classification Scheme 111
Insertion-Based 111
Substitution-Based 112
Generation-Based 112
Color Tables 113
Products That Implement Steganography 114
S-Tools 115
Using S-Tools with Image Files 115
Using S-Tools with Sound Files 116
S-Tools Step-by-Step 117
Hide and Seek 118
J-Steg 119
EZ Stego 121
Image Hide 122
Digital Picture Envelop 123
Camouflage 126
Gif Shuffle 127
Spam Mimic 127
Rolling Your Own Stego 129
Comprehensive Stego Program 130
Technique Structure 132
WAV Creation 132
Overview 132
Idea 133
Details 133
Logic Flow 134
Areas for Improvement 135
wav-Sine Creation 135
Overview 135
Idea 135
Details 135
Logic Flow 135
Areas for Improvement 136
WAV Twiddle 137
Overview 137
Idea 137
Details 137
Logic Flow 137
Areas for Improvement 139
Doc Stuffer 139
Overview 139
Idea 139
Details 139
Logic Flow 140
Areas for Improvement 141
EXE Stuffer 141
Overview 142
Idea 143
Details 143
Logic Flow 143
Areas for Improvement 143
HTML White Space 144
Overview 145
Idea 145
Details 145
Logic Flow 147
Areas for Improvement 147
HTML White Space Variable 147
Overview 147
Idea 148
Details 149
Logic Flow 149
Areas for Improvement 149
RTF Insertion 149
Overview 149
Idea 150
Details 151
Logic Flow 151
Areas for Improvement 151
War 151
Overview 151
Idea 151
Details 152
Logic Flow 153
Areas for Improvement 153
Looking Ahead 153
Chapter 7 Sending Stego Files Across a Network 155
Uses and Techniques of Network Stego 155
Hiding in Network Traffic 156
Stego Combined with Viruses 156
Tracking Internet Usage 156
Network Stego Techniques 157
Hiding in an Attachment 157
Hiding Data in an Email Attachment 157
Transmitting Hidden Data with FTP 157
Posting Stego to a Web Site 158
Hiding in a Transmission 158
Using Invisible Secrets to Hide and Transmit Data 158
Embedding Hidden Data with Invisible Secrets 159
Decrypting and Extracting Data with Invisible Secrets 164
CameraShy 167
Hiding Data in Network Headers 169
Networking and TCP/IP: The Basics 169
Using IP and TCP Headers for Stego 169
UDP and ICMP Headers 171
Covert TCP 171
How Covert TCP Works 172
Running Covert TCP 173
Hiding in an Overt Protocol 179
Looking Ahead 181
Part 3 Making Your Own Communications Secure 183
Chapter 8 Cracking Stego and Crypto 185
Who's Cracking What? 186
Cracking Analysis 187
Cryptanalysts 187
Steganalysts 188
The Role of Detection 188
Detecting Encryption 188
Randomness and Compression 190
Detection and Image Files 190
Building a Program for Detection 191
Cracking Cryptography 194
General Attacks 195
Ciphertext-Only Attack (COA) 195
Known Plaintext Attack (KPA) 196
Chosen Plaintext Attack (CTA) 197
Chosen Ciphertext Attack (CCA) 197
Specific Attacks 197
Brute-Force Attack 197
Replay Attack 198
Man-in-the-Middle Attack 199
Meet-in-the-Middle Attack 199
Birthday Attack 200
Cracking Steganography 201
Specific Techniques 201
S-Tools Version 4.0 202
Hide and Seek 205
J-Steg 205
EZ Stego 207
StegDetect 208
General Techniques for Detecting Stego 211
Looking Ahead 216
Chapter 9 Developing Your Secure Communications Strategy 217
Secure versus Secret 218
Setting Communication Goals 219
The Roles of Crypto and Stego in Business 220
Why You Need Both Stego and Crypto 220
Crypto and Stego in Business Today 221
How Crypto and Stego Make You More Secure 221
Developing a Strategy 222
Common Problems with Secure Technologies 222
Looking Ahead 225
Chapter 10 The Future of Steganography 227
Improving the Techniques 229
Improved Resistance to Analysis 229
How Much Can You Hide? 229
Improved Attack Tools 230
New and Improved Ways to Use Stego 230
Law Enforcement 230
Corporate Uses 230
Illegal Uses 231
Where Will Stego Tools Reside? 231
Appendix A Steganography Source Code 233
Appendix B What's on the CD-ROM 315
Index 321
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)