Taking advantages of a disadvantage: Digital forensics and steganography using document metadata
Journal of Systems and Software
New XML-Based Files Implications for Forensics
Computing in Science and Engineering
A Data Hiding Scheme on Word Documents Using Multiple-Base Notation System
IIH-MSP '10 Proceedings of the 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing
IEEE Transactions on Information Forensics and Security
Data concealment and detection in Microsoft Office 2007 files
Digital Investigation: The International Journal of Digital Forensics & Incident Response
| Hi-index | 0.00 |
The simplest container of digital information is the file and among the vast array of files currently available, MS-Office files are the most widely used. The "Microsoft Compound Document File Format" (MCDFF) has often been used to host secret information. The new format created by Microsoft, first used with MS-Office 2007, makes use of a new standard, the "Office Open XML Formats" (OOXML). The benefits include that the new format introduces the OOXML format, which lowers the risk of information leakage, as well as the use of MS-Office files as containers for steganography. This work presents some new methods of embedding information into the OOXML file format which can be extremely useful when using MSOffice documents in steganography. The authors highlight how the new methods introduced in this paper can also be used in many other scenarios, not only in MS-Office documents. An evaluation of the limits of the proposed methods is carried out by comparing them against the tool introduced by Microsoft to sanitize MS-Office files. The methods presented can be combined in order to extend the amount of data to be hidden in a single cover file.