Steganography is a method of hidden communication, where the message is in the open, but goes undetected because the very existence of the message is secret.
Kipper’s book examines steganography, covering its history, usage, types, tools, and applications, as well as methods for detecting and attacking it. While not technical in nature, the book does cover a broad range of technical issues, which could be a little daunting for someone without an information technology (IT) (and, in some cases, an electronics) background.
This is a somewhat frustrating book; while it is quite comprehensive, it leaves the reader wishing for greater detail. It is fairly short, and there are a number of sections repeated throughout the book. Furthermore, the chapters on steganography tools and products and companies (nearly one-third of the book) tend to be brief product descriptions, more suitable for an appendix.
The book is divided into four parts, the first being an introduction to steganography, and to some of the events and people that have used this method over the years. This is quite an entertaining section, especially the parts about historical applications, such as the use of hard-boiled eggs or quilts during the Civil War.
The second part is a more detailed look at digital steganography and watermarking. Kipper begins by examining three key techniques for steganography (injection, substitution, and generation of new files), six categories for applications (substitution system, transform domain, spread spectrum, statistical method, distortion, and cover generation), and two basic types of steganography (linguistic and technical). These are then followed by detailed discussions of embedding methods for data hiding. The section on watermarking examines its use in a digital context, and looks at how watermarks may be used, attacked, and fingerprinted.
The third part provides a brief overview of some of the many steganographic tools available (such as BMP Secrets, Hide Folders, and S-Tools). Details on various products and companies are also provided.
Finally, the author looks at real-world applications of steganography (such as in medical records, digital music, and the Internet), followed by a short examination of how to detect and defeat steganographic techniques.
As Kipper points out, this book is geared toward law enforcement and the cyber-forensics investigator community, and, as such, if you are looking for a comprehensive guide to steganography, this book will not suffice. If you are looking for a reference guide to steganography, particularly for quick reference to many of the various steganography tools and techniques, then this book would be a good choice.
