Terrorist Attack on September 11th

¶ … terrorist attack on September 11th of 2001, the entire security of the internet medium has been given a new meaning. Following the attacks various theories have been advanced to explain the way the terrorist were able to successfully pass their messages to their intended recipients. The details of the messages stored or rather hidden in the steganographs included the details of the intended targets and the weapons of choice. Steganography is a method of covertly hiding within other messages is purported to have been employed by the terrorists. The art of steganography draws its origin and usage in the old war times. However, currently modern techniques of the art have been advanced through the use of information technology. This paper explores the technology behind steganography, its history, how it can be detected and the relevant legislative clauses put in place to guide its usage. This paper will also explore the possible threats that steganography poses to national security and the possible ways of detecting its presence in various messages.

Introduction

Steganography is the art and science of hiding messages in such a manner that only the sender and its intended recipients are able to decipher the actual content contained in the message. The continued interest in the field of steganography was stirred by the previous terrorist attack on U.S. soil. The specific attack that caused the security mechanisms to be reevaluated is the September 11th, 2001 terrorist attack of the Twin Towers. The otherwise previous less known or suspected domain of steganograhy quickly became the subject of various discussions and news headlines.

The computer security mechanisms and policies that have been developed since that day are all meant to be pre-emptive measure to counteract the possibilities of the terrorist using various form of otherwise normal imagery to covertly plan and execute their malicious operations. The measures whose implementations were marked with the appropriate legislative enactments have resulted in a complete paradigm shift in the way online internet security is perceived and handled.

The key legal acts and bills that have been created and maybe amended in order to take care of the perceived threat posed by the use of steganographic imagery are the U.S.A. Patriotic Act and the Anti-terrorism bill. These bills have resulted in the prescription of suitable punitive measures to individuals and organization who take part in the process of inappropriately using the internet as platform to advance their terrorist agendas.Among the key developments in the effort to curtail the criminal use of steganographic imagery in conveying of terrorist messages is the Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 used in the process of actively detecting thirds of information that could be held on certain imagery on which steganographic messages have been embedded. This possibility has therefore shown how the power and joy that came through the invention of the internet and its public usage can be quietly turned around with the intention of advancing certain ulterior motives.

Background

The use of steganography had been used in early day in order to covertly pass certain messages by means of common objects and persons. The use of steganography is never new. It is recorded that the art and science found its application during the Roman times. A perfect example is that of Histiaeus, a Roman General who successfully passed an encoded steganographic message to its intended recipients by tattooing messages to the head of his most trusted slave. He would the wait forth slave's hair to grow. Later on he would let the slave's hair to grow up and then send the slave to the message's intended receipint.The recipient would then shave the slave's hair in order to reveal the hidden information.

The advancement in the field of information technology has however given birth to a different form of steganography which is even harder to decode. This is the ability that is purportedly being used or had been used in the past in order to pass crucial terrorist information between different terrorist cells and with their leaders. The current order involves the sending of an encoded message on a rather normal looking imagery. The encoded information contained in the imagery is then decoded back to its original by use of a special key only accessible to the original sender of the message. The key in this can be in various forms such as a certain phrase that can be used by the electronic system in order to decode the original message.

The fact that the electronic system known as Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 has the amazing ability to seamlessly encode, carry out the transmission and eventually decode the message content points out why it could be the terrorists way of choice in the process of carrying out their covert and terrorist activities

Literature Review

Numerous studies have been done by researchers in the field of Steganography. These researchers have studied the Steganographic ways and come up with a variety of ways of handling, dealing with, and mastering the art. The following are a section of writers that have contributed their findings in Steganography.

Modern steganography has been expressed as the process of enclosing a message file in a container file through manipulation of the least significant information to hide the message. The container appearance or sound file gets changed to a level which the human eye will not detect. Steganography tends to serve like a very devious technique to adopt but it is well designed to curb illegal data movements via the modern electrical gargets. (Johnson, 2001)

Simmons defines a subliminal channel as a channel in which hidden information piggybacks on an innocuous-like legitimate form of communication; on the other hand, Lampson describes a covert channel as one that is not intended for transfer of data. Through definition, carriers of steganography are subliminal channels since the kind of information they portray appears innocent, but in real sense this information is holds ulterior intentions hidden below the threshold of perception.

Since 1983 when Simmons introduced prisoner's problems, there have been active wardens in the area of postulation. Simmons prisoner's problems presents Bob and Alice as prisoners who have a collective wish of planning an escape, but Bob and Alice are in different parts of the prison. The only way they have to communicate is through the prison warden who must not suspect any secret communication between them; otherwise he will not permit any more communication privileges. Although the warden knows that Alice and Bob need to secretly communicate, he must carefully study all the correspondences between Alice and Bob without incurring a noticeable delay or message alteration. Simmons explains in this context- a subliminal channel as a communications channel that is in existence but has not been detected by the warden.

Carvin (2001) explains the public accusations regarding al Jazeera which is the Arab-language news service that broadcasted messages videotaped by Osama Bin Laden and his allies. His statement was steganographic, thus prompted President Bush and his administration to quickly respond by presenting requests to all media, directing them to be more discreet when airing statements from Al Qaeda; with fear that secret messages may be contained in the unedited statements.

Few years ago, Louis Freeh who was the FBI Director tried convincing the government authorities that terrorists were supporting their organizations using steganography and encryption. The legislators were urged to enact internet usage laws which were stricter, basing his argument on harmful effects that could befall the Americans. (McCullagh). Terrorist organizations such as Hezbollah, Hamas, and Al Qaeda e.t.c have adopted more advanced steganographic techniques with the sole purpose of communicating through the internet, undetected. There have been several terrorist attacks that have pushed United States and the rest of the world to innovate more techniques of detecting and preventing this electronic subterfuge. This may reduce the motivation of these terrorism networks in using the internet to as a communication medium. (McCullagh)

Various forms of steganography have been utilized by the darker sides of governments. For example, German spies in the Second World War used null ciphers, which covered the real information inside less suspecting "sounding" message. (Johnson, 2001). The clandestine world was forced to come up with new technologies that could enable them communicate and be less conspicuous. This was happened after message detection also got better. 1941 was the year in which the first microdots were discovered on a typed envelope in possession of a German. The message was not encrypted or hidden; it was just too small to be noticed. The microdot allowed transmission of huge amounts of data that included drawings, documents, photographs and maps. This prompted censors to tamper with or prohibit flower deliveries, children drawings, song requests, weather reports, or even knitting instructions which may encode axis intelligence. (Dibbell, 2001)

Carvin (2001) adds that apart from using microdot, there was another steganography which was well publicized that happened during the war in Vietnam. Vietnamese forces shot down and captured Commander Jeremiah Danton who was a naval aviator. He was paraded at the front of the news media, knowing very well that he will not be able to say anything critical about his captors. When he was put to speak, he passed message by blinking his eyes in Morse code which spelled out T-O-R-T-U-R-E.

In computers, images are array of numbers representing light intensities at various pixels or points. Digital pictures have either 8 bit or 24 bit per pixel. Each bit represents an association of palette or color index. In color image of the 8-bit, every pixel that points out to only one of the 256 colors is represented by a single byte (sellars). 0's and 1s are bits whereby 8 bits create a byte. An example, of a byte is the 111 11110. The less significant bit is the position where zero is located. The least Significant bit (LSB) way is the staganography technique that is mostly implemented. When applying techniques of LSB to every byte of a 24-bit image, there are three bits of LSB that can be encoded to every pixel. Any variations in the LSB produce images which can not be distinguished from the original. This kind of technique may work well in 24-bit images but poorly in 8 bit images. (Johnson, 2001)

Modern Steganography

Modern steganography involves the use of computer technology to actively and passively code, convey and subsequently decode the steganographic message. The computer by itself identifies a picture in terms of very tiny picture elements. The picture elements are usually described in terms of various bits. The digital picture format is composed of either 24 bits or 8 bits per pixel. The individual bits are however linked to particular color index.

A perfects example is that in an 8-bit color digital imagery, one of the 256 colors per pixel is denoted as a single byte (Sellars).The 24-bit color imagery also has its own schema. The various bytes that represent the colors can be manipulated to contain certain hidden information. This is done by using one picture to hide a certain message file inside another file. The file which contains the hidden message is referred to as the "container file." The container file is taken through a very manipulative and yet non-destructive process which leaves the original message intact and undetectable by the human eye and ear. The paradox that surrounds the use of this technology is that its original use was targeted towards the prevention of the illegal distribution of sensitive documents electronically. This could have resulted in the various copyright infringers gaining access to the documents without duly paying the original owner of the document (Sellars).

In the past few years, more complex methods of steganography have been devised. These new methods are built with the intention of beating or rather evading detection by the common or rather standard detection techniques. The modern methods include the analysis of the image to be used prior to embedding the information on it. This is in order to determine its statistical properties. The redundant bits of the image are then located and then they get replaced probabilistically with new but redundant information bits. This method helps in beating the common statistical steganographic analyzers. The image is then subsequently modified in certain parts. This makes it very hard to recreate the original statistical footprints of the image.

The previous introductions of various encoding software have made it absolutely easy for anyone to compose a steganographic message. Most of the steganographic tools are also available online as freeware and therefore easily downloadable over the internet. Examples include the "StegFS" which is windows based. The steganograhic tool hide the information in the imagery. The various steganographic tools therefore are developed and then subsequently released in order to detect the existence of steganographic content. An image suspected to contain hidden information is then ran through the software which initiates a dictionary attack on the suspect image in order to determine the various key phrases.

Detection of Steganography

It is very important for various governments and corporations to devise effective and efficient methods of detecting the existence of covertly stored information within the various imagery that are being transmitted across their national borders, be it electronically or otherwise. This is because steganography can be a major source of national insecurity as it may aid rebels and terrorists in easily communicating right under the noses of the authorities.

The recent involvement of the U.S. authorities with Iomart, a Scottish corporate spyware vendor in an effort of tracking down Osama Bin Laden has shed some light into the possible detection of steganographic messages.The firm leaked certain information regarding the use of Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46

In detecting and identifying several files some of which had Arabic text and dates.

The commissioning of WetStone Technologies by the United States Air Force in order to come up with a set of accurate statistical tests with the ability to detect and isolate secret messages stored or transmitted in computer is one of the major steps that have ever been taken in oerder to combat terrorism communication through steganographs.The firm was also commisiioned to effectively come up and identify the core underlying principles that fueld the steganographic techniques (McCullagh).Their finding a however pointed out categorically that most of the steganography that they discovered were traceable to hacker sites and many more on the high traffic e=-commerce websites such as e-bay and Amazon.com (McCullagh).Other steganographic have been developed and others are under development.An example of a stego-detector is the "Steganography Detection and Recovery Toolkit" (S-DART) which was designed by the WetStone Technologies.