Steganography is the practice of concealing a file, message, image, video or a program within another file in such a way that someone can not know the presence or contents of the hidden message or file. Steganography is an encryption technique to protect a data and can be used along with cryptography for extra protection. The purpose of steganography is covert communication to hide a message from a third party or to hide contents of the hidden file from the recipient usually for malicious intent. Steganography Attack is type of cyber attack that is carried out to evade system/human detection of a harmful program or secret message, this technique is also a common vehicle for secret communication other than or along with cryptography techniques for extra protection.
Cyber criminals use steganography techniques to embed and deliver malicious code such as virus, adware, spyware, etc and as well as malicious payloads. There are different ways attacker hides the message or file in another file, this methods are known as ‘free bytes and injection’. Free bytes in a file which are not necessary and this bytes can be replaced with a secret message or file. Second method is to inject a secret message or file into another file or image which increases the size of original file or image.
The technique for detecting a steganographic file or image is known as Steganalysis, it can be used to decrypt for exposing the hidden file or message from original file. Malware can be delivered to a target system through steganography, when dealing with suspicious steganographic images or files, Steganalysis Tools can be used to analyze such files.