 |
Air University Student Research Paper 2000 Title: VIRAL COMPUTER WARFARE VIA ACTIVATION ENGINE EMPLOYING STEGANOGRAPHY Subject: VIRAL COMPUTER WARFARE VIA ACTIVATION ENGINE EMPLOYING STEGANOGRAPHY Author(s): Dale A. Lathrop, Captain, USAF DTIC Keywords: Abstract: Information warfare is probably the most mysterious, magical, and sophisticated area of study for computer professionals today. Information warfare scientists employ their skills in the use of common electronic mail and the not so common art of steganography in attempts to develop defenses against intrusions and to implement attacks on target systems. To enhance capabilities, steganography is employed and is the art and science of communicating through covert channels. The goal is to hide a message or executable program inside a carrier file such as a photograph in digital form. The growth of attacks in the commercial environment and the possibility of applying those same techniques for military purposes has increased the interest in manipulation of the Internet as a deployment system for cyber-attacks. Electronic mail is currently the most widely exploited practice for the delivery of viruses, Trojan horse programs, or other malicious code. The results of this research indicate that the use of a separate engine followed by an HTML-based electronic mail message containing a photographic image with a steganographically embedded virus or other payload is a vulnerable attack if implemented without the proper environment variables in place. Although successful in delivery of a known virus without detection in the electronic mail reader, it still requires human intervention to initiate the virus attack. Furthermore, the dual stage delivery of the engine, and later the message, allowed for a higher probability of detection at the target system.
|