JOURNAL BROWSE
Search
Advanced SearchSearch Tips
An effective detection method for hiding data in compound-document files
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
An effective detection method for hiding data in compound-document files
Kim, EunKwang; Jeon, SangJun; Han, JaeHyeok; Lee, MinWook; Lee, Sangjin;
  PDF(new window)
 Abstract
Traditionally, data hiding has been done mainly in such a way that insert the data into the large-capacity multimedia files. However, the document files of the previous versions of Microsoft Office 2003 have been used as cover files as their structure are so similar to a File System that it is easy to hide data in them. If you open a compound-document file which has a secret message hidden in it with MS Office application, it is hard for users who don`t know whether a secret message is hidden in the compound-document file to detect the secret message. This paper presents an analysis of Compound-File Binary Format features exploited in order to hide data and algorithms to detect the data hidden with these exploits. Studying methods used to hide data in unused area, unallocated area, reserved area and inserted streams led us to develop an algorithm to aid in the detection and examination of hidden data.
 Keywords
Steganography;Data hiding;Compound File Binary Format;Microsoft Office;
 Language
Korean
 Cited by
 References
1.
Byers, S., "Information leakage caused by hidden data in published documents," IEEE Security Privacy vol. 2, no. 2, pp. 23-27, Mar. 2004. crossref(new window)

2.
T. Ngo, "Office Open XML Overview," EC MA TC45 white paper, online at http://www.ecma-international.org/news/TC45_current_work/OpenXML%20White%20Paper.pdf, last accessed April. 2011.

3.
Daniel Rentz, "Microsoft Compound Document- File Format", http://www.openoffice.org/sc/compdocfileformat.pdf

4.
http://www.hancom.com/forMatQna.boardIntro.do

5.
http://www.yonhapnews.co.kr/bulletin/2015/03/02/0200000000AKR20150302142100009.HTML

6.
Jung Heum Park, Bora Park, Sangjin Lee, Seokhie Hong, and Jong Hyuk Park, "Extraction of Residual Information in the Microsoft PowerPoint file from the Viewpoint of Digital Forensics considering PerCom Environment," The 2nd International Workshop on Web and Pervasive Security, IEEE, pp.584-589, Mar. 2008.

7.
A. Castiglione, De Santis, and C. Soriente, "Taking advantages of a disadvantage : Digital forensics and steganography using document metadata," The Journal of Systems and software, vol 80, Issue 5, pp.750-764, May. 2007. crossref(new window)

8.
Hyukdon Kwon, Yeog Kim, Sangin Lee, and Jongin Lim, "A Tool for the Detection of Hidden Data in Microsoft Compound Document File Format," International Conference on Information Science and Security ICISS, p.141-146, Jan. 2008.

9.
http://www.payneconsulting.com/products.

10.
http://peccatte.karefil.com/software/Catalogue.

11.
http://www.workshare.com

12.
W. Bender, D. Gruhl, N. Morimoto, and A. Lu, "Techniques for datahiding?," IBM Syst. J., vol. 35, no. 3.4, pp. 313-336, Apr. 1996. crossref(new window)

13.
G. Sui and H. Luo, "A new steganography method based on hypertext?," in Proc. Radio Science Conf. pp. 181-184. Aug. 2004.

14.
A. M. S. Rahma, B. AbdulWahab, and A. Y. Al-Noori, "Proposed steganographic method for data hiding in Microsoft word documents structure," Al-Mansour Journal, no. 15, pp. 1-29, 2011.

15.
W. Bhaya, A. Rahma, and D. Al-Nasrawi, "Text steganography based on font type in ms-word documents," Journal of Computer Science, vol. 9, no. 7, pp. 898-904, 2013. crossref(new window)

16.
http://www.mitec.cz/ssv.html

17.
http://compound-file-explorer.software.informer.com/1.8/