Utilizing ADS
Alternate data streams are used to hide data. End users can hide data using ADSes in that the information that they contain does not contain any information that can be seen to be changed. One example in which this is done is that when there is a change in one of the fields of the information, there will be no change in the size of the file. The functionality of the file will not be changed also. This makes the ADS hidden. This is a destructive feature that ADS has because attackers will make use of this feature to hide their tools. Alternate data streams also enable hacklers to hide their rootkits which they will use in the attack of the system. They will be executed without the notice of the system administrators (Wayner, 2002).
Rootkits as alternative data hiding techniques
Rootkits can be used as alternative techniques for data hiding. One of the ways in which this can be done is hiding intellectual data. This is important data that should be hidden from malicious criminals who might want to steal for their selfish interests. Rootkits can be used to hide intellectual information. Rootkits can also be used to hide data when employees are being monitored. This is an important area when performance is an important aspect of any company. It will be unethical for employees to be monitored because of their privacy concerns. This is the only way in which monitoring can be done without any form of suspicion. Another way is protecting programs from activities of the malware attackers. Programs could be deleted accidentally. Using rootkits to hide these programs from being deleted would be important. There is a need to hide the file and leave only the executable part visible to the users (Cox, Miller, & Bloom, 2008).
Ways of detecting steganography
One of the ways of detecting steganography is starting to check the less complex areas. In most cases, this will be done by checking at the hidden music and image files. The process is to check the simple areas of the information system then the complex areas. It is important to get the tools that are used for steganalysis. One of the tools that are used for undertaking analysis of the steganography includes checking for unusual pattern. One of the tools used in this case is EnCase and ITool Investigator. These tools can be used to recover hidden data. Another tool is the use of filters. These are used to capture packets of TCP/IP which have information which are hidden. There is also the development of firewalls which is greatly being used to recover hidden information. These tools are used by investigators to uncover data which have been hidden (Katzenbeisser, & Petitcolas, 2000).
Tools used to hide information
The steganographic tools that are used for hiding information are categorized into two, which are image domain and transform domain. Image domain tools are the tools that apply least significant bit (LSB) insertion and noise manipulation to alter the content of information. Some of the tools that are used in this category include StegoDos, Stools, Mandelsteg, and Hide and seek. The format of the images in this category cannot be totally distorted because the image can be rearranged so that the original image can be obtained.
The other category is that of transform domain which manage algorithms that are used for hiding data. The tools in this category compress JPEG, MJPEG and MPEG. In this process, the pixel values of the image formats are converted to frequency values.
References
Cox, I., Miller, M., & Bloom, J. (2008). Digital watermarking and steganography. Morgan Kaufmann.
Katzenbeisser, S., & Petitcolas, F. (2000). Information hiding techniques for steganography. Artech house
Wayner, P. (2002). Disappearing cryptography: steganography and watermarking. Morgan Kaufmann.