Sign In

Communications of the ACM

Review articles

Information Hiding: Challenges For Forensic Experts

Information Hiding: Challenges for Forensic Experts, illustrative photo

Credit: Andrij Borys Associates / Shutterstock

Information hiding is a research domain that covers a wide spectrum of methods that are used to make (secret) data difficult to notice. Due to improvements in network defenses such techniques are recently gaining an increasing attention from actors like cybercriminals, terrorist and state-sponsored groups as they allow to store data or to cloak communication in a way that is not easily discoverble.22 There are several real-world cases that reached the attention of the public media, including the following:23,38

  • the arrest of one of al Qaeda's members in Berlin with video files containing hidden information on ongoing and future terrorists' operations (2012),a
  • the exfiltration of confidential data from the U.S. to Moscow by Russian spies (2010),b
  • the transfer of child pornographic material by a group of pedophiles called "Shadowz Brotherhood" (2002),c and
  • the planning of a terrorist attack after the September 11, 2001 attacks. A number of articles suggested that al Qaeda members used steganography to coordinate their actions (2001).d

Back to Top

Key Insights


In these cases, information-hiding techniques were used to hide the confidential or illegal data into innocent-looking material, for example, digital pictures.


Xianfeng Zhao

Whereas steganalysis, the technology for detecting information hiding, has been more and more widely researched and developed, this article, however, points out that information hiding is still a challenge for forensic experts. In my view, the viewpoint of the authors is right absolutely. In research, we focus on the scenarios or model in which a steganographer and a steganalyst can compete. For example, one often assumes that the former has some a priori knowledge on the latters method and parameters so that he can build a correct way in detection. Even though such a detection can verify the security of steganography better, in real-world, it is hard to correctly decide such knowledge for doing proper detection. Generally, a steganalytic system must face thousands of steganographic ways and thousands of media setting and format concurrently. Count the number of combinations! Moreover, in many cases one or several alarms provide insufficient proof for detecting a steganographer.

I am very pleased to see that CUIng Initiative is solving the problem as an international organization. And in the paper, the big difficulty of such task, which is often neglected by many sponsors and investors, is fully addressed. I hope that the organization can raise enough fund for launching an open project, in which the algorithmic interfaces are open and every people in the world can submit his or her detection module for analyzing a kind of steganography. We are doing such work in China, and we are seriously thinking about the cooperation with CUIng Initiative.

Displaying 1 comment

Log in to Read the Full Article

Sign In

Sign in using your ACM Web Account username and password to access premium content if you are an ACM member, Communications subscriber or Digital Library subscriber.

Need Access?

Please select one of the options below for access to premium content and features.

Create a Web Account

If you are already an ACM member, Communications subscriber, or Digital Library subscriber, please set up a web account to access premium content on this site.

Join the ACM

Become a member to take full advantage of ACM's outstanding computing information resources, networking opportunities, and other benefits.

Subscribe to Communications of the ACM Magazine

Get full access to 50+ years of CACM content and receive the print version of the magazine monthly.

Purchase the Article

Non-members can purchase this article or a copy of the magazine in which it appears.
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account