Tweet
CANCELED:
URL=https://training.defcon.org/products...ion-techniques
URL=https://training.defcon.org/products...ion-techniques
Originally posted by URL
Name of Training:
Malicious Steganography - Advanced Hiding and Detection Techniques
Description:
Training description:
Steganography is the science and art of hiding data innocuously within other data, commonly in images, audio, and video, such that it cannot be extracted and/or detected even when sought. Malicious programs and bad actors are increasingly using steganography to conceal their activities so there is a heightened interest in understanding and detecting steganographic techniques. In this course, we'll explore steganography well beyond the common Least Significant Bit (LSB) techniques. Want to learn about jpeg hiding? We'll hide it many ways. Want to listen to a CD with megabytes of secretly embedded data? We do the wave with you. Executables, video, and bitmaps too.
This course introduces you to the concepts required for comprehending steganography such as data compression, information theory and entropy, human perception, digital imaging and audializaiton, and basic least significant bit hiding/detection techniques. Then it showcases more advanced steganographic and steganalytic techniques such as bit-plane complexity segmentation, high-capacity jpeg hiding, F5, and statistical hiding in audio and video along with corresponding detection techniques and some existing malware applications. Emphasis is on practical applications and implementation rather than "theory" with a number of hands-on exercises with custom steganographic/steganalytic programs not published on the web.
YOU can decide the effectiveness for yourself. Can you see it? Can you hear it? We shall see … or not!
Additional notes:
- Steganography tends to be a niche topic, but you get a lot more out of this class because it requires knowledge in multiple areas: data compression, forensics, number theory, digital audio/graphics
- This is not just a suite of programs to play with - students are taught concepts behind graphics/audio/video to understand how and why the hiding works.
- We also spend a fair amount of time on detection which has more commercial interest than data hiding.
Trainer(s) bio:
John Ortiz
John A. Ortiz is a Senior Research Engineer for L3Harris corporation. In his current position, he is reversing and patching a complex embedded Satellite Communications System. He developed a 6809 emulator and a number of other tools used for analysis and testing.
In prior roles, he analyzed vulnerabilities and developed proof of concept exploits for various platforms, including mobile and automobile applications. Prior to working at L3Harris, he spent 5 years at SRA International and 5 years at General Dynamics developing defense related software, researching data hiding techniques, and analyzing malware. Past presentations at Black Hat, Def Con, and Cyber Crime Conferences continue to generate interest and emails - keep 'em coming!
In a second role, Mr. Ortiz developed and teaches multiple courses at the University of Texas at San Antonio (UTSA) including Steganography and Reverse Malware Engineering. The Steganography course covers a broad spectrum of data hiding techniques in both the spatial and transform domains including least significant bit, discrete cosine transform, echo hiding, hiding in executable programs, and hiding in network protocols. For the course, Mr. Ortiz developed several steganographic programs for testing and analysis which he continues to use. The Reverse Engineering course makes heavy use of IDA Pro, Ghidra, WinDbg, and other custom analysis tools to focus on approaches and techniques for analyzing malicious software.
Mr. Ortiz holds two master’s degrees from the Air Force Institute of Technology, MSEE - Electrical Engineering and MSCE - Computer Engineering, and a BSEE from Rose-Hulman Institute of Technology.
Past content:
- Black Hat 2011 - Speaker
https://www.blackhat.com/html/bh-ad-...briefings.html - Introduction to More Advanced Steganography
- Black Hat 2012
https://www.blackhat.com/html/bh-us-...anography.html
- Black Hat 2013
https://www.blackhat.com/us-13/train...anography.html
- Black Hat Asia 2014
https://www.blackhat.com/asia-14/tra...lications.html
- Full semester course at the University of Texas in San Antonio (https://www.utsa.edu/sciences/comput...e/faculty.html)
--- NOTE: The course materials have been updated substantially since these trainings with more diverse steganographic programs as well as a deeper dive into computer graphics and audio
Trainer(s) social media links:
https://www.linkedin.com/in/john-ortiz-48990a19/
Outline:
Day 1:
Introduction to Steganography
Basic Math/Data Compression/Image/Audio Concepts
Computer Graphics in Detail
Hands-On Exercise
Hiding in Bitmaps and Waves
Hands-On Exercise
Detection in Bitmaps and Waves
Hands-On Exercise
Day 2:
Jpeg Transformation Concepts
Hiding Techniques in Jpeg
Hands-On Exercise
Detection in Jpegs
Hands-On Exercise
Intro to Video Concepts, Hiding in Executables
Malware Applications
Technical difficulty:
Intermediate
Suggested Prerequisites:
- Any familiarity with steganography, computer graphics, and/or digital audio would be beneficial
- Knowing how to write programs in C\C++ and/or Python is also a plus
What students should bring:
- To run the lab programs, a Windows machine or Windows virtual machine is required.
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: John Ortiz
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st, the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
Malicious Steganography - Advanced Hiding and Detection Techniques
Description:
- Basic comprehension of how steganography works on a variety of media types including bitmap, jpeg, wave, and a little in video.
- Basic comprehension of how to detect, extract, and/or destroy hidden data.
- Some Current malware implementations of steganography for hiding payloads and/or communications.
- Some cool tools not available online, both steganographic and forensic.
Training description:
Steganography is the science and art of hiding data innocuously within other data, commonly in images, audio, and video, such that it cannot be extracted and/or detected even when sought. Malicious programs and bad actors are increasingly using steganography to conceal their activities so there is a heightened interest in understanding and detecting steganographic techniques. In this course, we'll explore steganography well beyond the common Least Significant Bit (LSB) techniques. Want to learn about jpeg hiding? We'll hide it many ways. Want to listen to a CD with megabytes of secretly embedded data? We do the wave with you. Executables, video, and bitmaps too.
This course introduces you to the concepts required for comprehending steganography such as data compression, information theory and entropy, human perception, digital imaging and audializaiton, and basic least significant bit hiding/detection techniques. Then it showcases more advanced steganographic and steganalytic techniques such as bit-plane complexity segmentation, high-capacity jpeg hiding, F5, and statistical hiding in audio and video along with corresponding detection techniques and some existing malware applications. Emphasis is on practical applications and implementation rather than "theory" with a number of hands-on exercises with custom steganographic/steganalytic programs not published on the web.
YOU can decide the effectiveness for yourself. Can you see it? Can you hear it? We shall see … or not!
Additional notes:
- Steganography tends to be a niche topic, but you get a lot more out of this class because it requires knowledge in multiple areas: data compression, forensics, number theory, digital audio/graphics
- This is not just a suite of programs to play with - students are taught concepts behind graphics/audio/video to understand how and why the hiding works.
- We also spend a fair amount of time on detection which has more commercial interest than data hiding.
Trainer(s) bio:
John Ortiz
John A. Ortiz is a Senior Research Engineer for L3Harris corporation. In his current position, he is reversing and patching a complex embedded Satellite Communications System. He developed a 6809 emulator and a number of other tools used for analysis and testing.
In prior roles, he analyzed vulnerabilities and developed proof of concept exploits for various platforms, including mobile and automobile applications. Prior to working at L3Harris, he spent 5 years at SRA International and 5 years at General Dynamics developing defense related software, researching data hiding techniques, and analyzing malware. Past presentations at Black Hat, Def Con, and Cyber Crime Conferences continue to generate interest and emails - keep 'em coming!
In a second role, Mr. Ortiz developed and teaches multiple courses at the University of Texas at San Antonio (UTSA) including Steganography and Reverse Malware Engineering. The Steganography course covers a broad spectrum of data hiding techniques in both the spatial and transform domains including least significant bit, discrete cosine transform, echo hiding, hiding in executable programs, and hiding in network protocols. For the course, Mr. Ortiz developed several steganographic programs for testing and analysis which he continues to use. The Reverse Engineering course makes heavy use of IDA Pro, Ghidra, WinDbg, and other custom analysis tools to focus on approaches and techniques for analyzing malicious software.
Mr. Ortiz holds two master’s degrees from the Air Force Institute of Technology, MSEE - Electrical Engineering and MSCE - Computer Engineering, and a BSEE from Rose-Hulman Institute of Technology.
Past content:
- Black Hat 2011 - Speaker
https://www.blackhat.com/html/bh-ad-...briefings.html - Introduction to More Advanced Steganography
- Black Hat 2012
https://www.blackhat.com/html/bh-us-...anography.html
- Black Hat 2013
https://www.blackhat.com/us-13/train...anography.html
- Black Hat Asia 2014
https://www.blackhat.com/asia-14/tra...lications.html
- Full semester course at the University of Texas in San Antonio (https://www.utsa.edu/sciences/comput...e/faculty.html)
--- NOTE: The course materials have been updated substantially since these trainings with more diverse steganographic programs as well as a deeper dive into computer graphics and audio
Trainer(s) social media links:
https://www.linkedin.com/in/john-ortiz-48990a19/
Outline:
Day 1:
Introduction to Steganography
Basic Math/Data Compression/Image/Audio Concepts
Computer Graphics in Detail
Hands-On Exercise
Hiding in Bitmaps and Waves
Hands-On Exercise
Detection in Bitmaps and Waves
Hands-On Exercise
Day 2:
Jpeg Transformation Concepts
Hiding Techniques in Jpeg
Hands-On Exercise
Detection in Jpegs
Hands-On Exercise
Intro to Video Concepts, Hiding in Executables
Malware Applications
Technical difficulty:
Intermediate
Suggested Prerequisites:
- Any familiarity with steganography, computer graphics, and/or digital audio would be beneficial
- Knowing how to write programs in C\C++ and/or Python is also a plus
What students should bring:
- To run the lab programs, a Windows machine or Windows virtual machine is required.
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: John Ortiz
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st, the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.