Skip to content

Forensic Analysis of Android Steganography Apps

Conference/Workshop:
G. Peterson and S. Shenoi, eds., Advances in Digital Forensics XIV, Cham. Springer Int’l. Publishing, 2018, pp. 293-312.
Journal: IFIP International Conference on Digital Forensics
Published: 2018
Primary Author: Wenhao Chen
Secondary Authors: Y. Wang, Y. Guan, J. Newman, L. Lin, S. Reinders
Research Area: Digital

The processing power of smartphones supports steganographic algorithms that were considered to be too computationally intensive for handheld devices. Several steganography apps are now available on mobile phones to support covert communications using digital photographs.

This chapter focuses on two key questions: How effectively can a steganography app be reverse engineered? How can this knowledge help improve the detection of steganographic images and other related files? Two Android steganography apps, PixelKnot and Da Vinci Secret Image, are analyzed. Experiments demonstrate that they are constructed in very different ways and provide different levels of security for hiding messages. The results of detecting steganography files, including images generated by the apps, using three software packages are presented. The results point to an urgent need for further research on reverse engineering steganography apps and detecting images produced by these apps.

Related Resources

Forensic Analysis of Android Cloud SDKs

Forensic Analysis of Android Cloud SDKs

This presentation is from the 76th Annual Conference of the American Academy of Forensic Sciences (AAFS), Denver, Colorado, February 19-24, 2024.
The Impact of Multi-Camera Smart Phones on Source Camera Identification

The Impact of Multi-Camera Smart Phones on Source Camera Identification

An investigator has a questioned image from an unknown source and wants to determine whether it came from a camera on a person of interest’s smartphone. This scenario is referred…
Likelihood ratios for changepoints in categorical event data with applications in digital forensics

Likelihood ratios for changepoints in categorical event data with applications in digital forensics

We investigate likelihood ratio models motivated by digital forensics problems involving time-stamped user-generated event data from a device or account. Of specific interest are scenarios where the data may have…
Producing Datasets: Capturing Images on Multi-Camera Smartphones for Source Camera Identification

Producing Datasets: Capturing Images on Multi-Camera Smartphones for Source Camera Identification

This poster introduces the new CSAFE Multi-camera Smartphone Image Database and describes how the image were collected and reviewed.